
how to hide application

Hi All,

I need to know how to hide an application from the

A. Windows task manager (Under NT and NON-NT based Windows).

B. Windows Process List (IF POSSIBLE) under NT based Windows.


So can someone please provide me with any sample code that can help me accomplish my above tasks?

P.S. About task (B) I know that it was done before using C++ but I am not sure if it is possible to be done using Delphi.
Asked by: GiantMatrix

saravananvg Commented:
Hello Sir,

  Check the following site to see if it is of any use to you.

http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=764&lngWId=7

with regards,
padmaja.

Mark Brady Commented:
You can not hide a program from Win XP.  That's one of the features they built in when they wrote it.  Sorry buddy.

Regards
Elvin

ZhaawZ (Software Developer) Commented:
>> You can not hide a program from Win XP.
Everything is possible. I suppose WinTaskManager is nothing more than a plain application that calls a few functions and shows results. And MS Windows has quite powerful functions that allow you to do almost whatever you want with other applications (and also with task manager). I also have seen people that do such things (so it's not only theory).
I haven't tried it myself and also I am not sure if it's not against ex-ex rules, so I can't show an example.

GiantMatrix (Author) Commented:
Elvin,

Bad news...as I said before, I know a C++ application that does hide the application even from the process list under Windows XP...so sorry buddy, but nothing is impossible in this world ;)

GiantMatrix (Author) Commented:
ZhaawZ,

You are 100% correct, as I found that the C++ application I mentioned here before, which does hide its exe from the Windows XP process list, simply integrates with the Windows task manager using something like DLL injection or so, then hides the program exe file from the process manager ListBox.

As for source code, I don't believe it is a problem to post source code here.

If it is OK with you, I can post my email here for you so that you can send me the example you have if possible.

Please let me know...

Thanks in advance for your help

A. Cristian Csiki (Senior System Administrator) Commented:
Try this:


function Main(dwEntryPoint: Pointer): longword; stdcall;
begin
  {now we are in notepad}
  LoadLibrary('kernel32.dll');
  LoadLibrary('user32.dll');
  MessageBox(0, 'Hello, now I am in the memory of another process!', 'Hijacked Process', 0);
  MessageBox(0, 'Now we can do anything we want. :)', 'Hijacked Process', 0);
  MessageBox(0, 'You can even delete the original exe and these message boxes will still be here.', 'Hijacked Process', 0);
  MessageBox(0, 'See?', 'Hijacked Process', 0);
  MessageBox(0, 'Told you.', 'Hijacked Process', 0);
  MessageBox(0, 'Ok, bye.', 'Hijacked Process', 0);
  MessageBox(0, 'I''ll close notepad for you ;)', 'Hijacked Process', 0);
  ExitProcess(0);
  Result := 0;
end;

procedure Inject(ProcessHandle: longword; EntryPoint: pointer);
var
  Module, NewModule: Pointer;
  Size, BytesWritten, TID: longword;
begin
  Module := Pointer(GetModuleHandle(nil));
  Size := PImageOptionalHeader(Pointer(integer(Module) + PImageDosHeader(Module)._lfanew + SizeOf(dword) + SizeOf(TImageFileHeader))).SizeOfImage;
  VirtualFreeEx(ProcessHandle, Module, 0, MEM_RELEASE);
  NewModule := VirtualAllocEx(ProcessHandle, Module, Size, MEM_COMMIT or MEM_RESERVE, PAGE_EXECUTE_READWRITE);
  WriteProcessMemory(ProcessHandle, NewModule, Module, Size, BytesWritten);
  CreateRemoteThread(ProcessHandle, nil, 0, EntryPoint, Module, 0, TID);
end;

var
  ProcessHandle, PID: longword;
  StartupInfo: TStartupInfo;
  ProcessInfo: TProcessInformation;

begin
  {lets make a new process}
  CreateProcess(nil, 'notepad', nil, nil, False, 0, nil, nil, StartupInfo, ProcessInfo);
  {give it some time to wake up}
  Sleep(500);
  {and hijack it!}
  GetWindowThreadProcessId(FindWindow('Notepad', nil), @PID);
  ProcessHandle := OpenProcess(PROCESS_ALL_ACCESS, False, PID);
  Inject(ProcessHandle, @Main);
  CloseHandle(ProcessHandle);
  {we have a copy of ourself running in notepad so we can exit}
end.
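
The sequence in the post above (OpenProcess with PROCESS_ALL_ACCESS, then VirtualAllocEx, WriteProcessMemory and CreateRemoteThread) leaves a recognisable trail for a defender. The following is an added example, not part of the original thread: it correlates constructed Sysmon-style ProcessAccess (Event ID 10) and CreateRemoteThread (Event ID 8) records. The sample paths, PIDs, the 30-second window and the severity labels are assumptions.

```python
from datetime import datetime, timedelta

ALL_ACCESS = {0x1F0FFF, 0x1FFFFF}   # PROCESS_ALL_ACCESS on XP/2003 and on Vista+
WINDOW = timedelta(seconds=30)      # assumed correlation window
FMT = "%Y-%m-%d %H:%M:%S"

# Constructed events; field names follow Sysmon Event ID 10 (ProcessAccess)
# and Event ID 8 (CreateRemoteThread).
EVENTS = [
    {"id": 10, "time": "2024-01-01 10:00:00", "SourceImage": r"C:\Temp\demo.exe",
     "TargetProcessId": 4120, "GrantedAccess": "0x1FFFFF"},
    {"id": 8, "time": "2024-01-01 10:00:01", "SourceImage": r"C:\Temp\demo.exe",
     "TargetImage": r"C:\Windows\System32\notepad.exe",
     "TargetProcessId": 4120, "StartModule": "-"},
    {"id": 10, "time": "2024-01-01 10:05:00",
     "SourceImage": r"C:\Windows\System32\taskmgr.exe",
     "TargetProcessId": 4120, "GrantedAccess": "0x1410"},
    {"id": 8, "time": "2024-01-01 10:06:00", "SourceImage": r"C:\Tools\debugger.exe",
     "TargetImage": r"C:\Windows\System32\notepad.exe",
     "TargetProcessId": 4120, "StartModule": r"C:\Windows\System32\kernel32.dll"},
]

def unbacked(ev):
    """True when the new thread starts outside any loaded module
    (assumption: the log renders an unresolved StartModule as '' or '-')."""
    return ev.get("StartModule", "-").strip() in ("", "-")

def find_injections(events):
    """Pair each cross-process remote thread with a preceding all-access open."""
    opens, findings = [], []
    for ev in sorted(events, key=lambda e: e["time"]):
        when = datetime.strptime(ev["time"], FMT)
        src = ev["SourceImage"].lower()
        if ev["id"] == 10 and int(ev["GrantedAccess"], 16) in ALL_ACCESS:
            opens.append((when, src, ev["TargetProcessId"]))
        elif ev["id"] == 8 and src != ev["TargetImage"].lower() and unbacked(ev):
            paired = any(s == src and pid == ev["TargetProcessId"]
                         and timedelta(0) <= when - t <= WINDOW
                         for t, s, pid in opens)
            findings.append({"source": ev["SourceImage"],
                             "target": ev["TargetImage"],
                             "severity": "high" if paired else "medium"})
    return findings

if __name__ == "__main__":
    for finding in find_injections(EVENTS):
        print(finding)
```

A remote thread whose start address belongs to a loaded module (the last sample event) is not flagged, which keeps debuggers and similar tools out of the results.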


GiantMatrix (Author) Commented:
nodramas,

Thanks a lot for the sources...I've tried it but unfortunately I received an access violation in NotePad.exe

So any idea what might be wrong?

P.S. I am testing under Windows XP (SP2)

Thanks in advance

A. Cristian Csiki (Senior System Administrator) Commented:
I'm using XP SP2 and it works. If you like, I can send you the application with source so you can see it works.

ZhaawZ (Software Developer) Commented:
Tried on XP+SP1 and it (notepad) crashed ;)

GiantMatrix (Author) Commented:
nodramas,

That will be more than great...if you can, please send me the application with sources; maybe I am missing something here.

My ICQ # is: 267621075

Regards

A. Cristian Csiki (Senior System Administrator) Commented:
email at nodramasno@yahoo.com
regards.

Scay7 Commented:
This only works for Win9x non-NT based systems:
http://www.delphifaq.com/faq/delphi_windows_API/f514.shtml

As for WinXP, I have tried to hide and failed. The best thing that I could do was to use MADCODE stuff and inject a DLL to stop the person from ENDTASKING my app, which worked great, and to regedit the registry to disable the Ctrl-Alt-Del function.

Other than that you can try
http://www.codeproject.com/system/preventclose.asp

A. Cristian Csiki (Senior System Administrator) Commented:
Or you may just rename your exe csrss (ex: csrss.exe). Now the user can't terminate that process, but with different programs you might kill it. So... in my opinion, not useful.

See ya
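
Renaming an executable to csrss.exe, as suggested above, only works against tools that trust the image name; comparing the full image path against the expected system directory exposes it. The following is an added example, not part of the original thread: the list of protected names, the C:\WINDOWS directory and the process listing are constructed assumptions.

```python
import ntpath

# Assumed baseline: core Windows process names that should only ever run
# from <Windows directory>\System32.
PROTECTED = {"csrss.exe", "smss.exe", "winlogon.exe", "services.exe", "lsass.exe"}

# Constructed process listing: (pid, image path as reported by the OS).
PROCESSES = [
    (384, r"\SystemRoot\System32\smss.exe"),       # genuine, NT-style path
    (608, r"\??\C:\WINDOWS\system32\csrss.exe"),   # genuine, NT-style path
    (632, r"C:\WINDOWS\system32\winlogon.exe"),
    (2044, r"C:\Program Files\MyApp\csrss.exe"),   # renamed application
    (2100, r"C:\WINDOWS\system32\..\Temp\CSRSS.EXE"),
    (2200, r"C:\WINDOWS\system32\notepad.exe"),
]

def normalise(path, windir=r"C:\WINDOWS"):
    """Reduce NT-style image paths to a lower-case drive-letter path."""
    p = path.strip().strip('"')
    for prefix in ("\\??\\", "\\\\?\\"):
        if p.startswith(prefix):
            p = p[len(prefix):]
    if p.lower().startswith("\\systemroot\\"):
        p = windir + p[len("\\systemroot"):]
    # normpath collapses ".." so a traversal cannot fake the System32 prefix
    return ntpath.normpath(p).lower()

def masquerading(processes, windir=r"C:\WINDOWS"):
    """Return (pid, image) pairs that use a protected name from the wrong folder."""
    expected = ntpath.join(windir, "System32").lower()
    hits = []
    for pid, image in processes:
        folder, name = ntpath.split(normalise(image, windir))
        if name in PROTECTED and folder != expected:
            hits.append((pid, image))
    return hits

if __name__ == "__main__":
    for pid, image in masquerading(PROCESSES):
        print(f"PID {pid}: protected name outside System32: {image}")
```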

GiantMatrix (Author) Commented:
nodramas,

I've tried your new sources and they work perfectly. So thank you so much for your help and support.