luxiferrwoo

(exprssn#6408)

Reputation: 16 [rate]

Joined: May, 2022

Last online:

Profile Picture

Bio

C++, C, Python, Lua developer


Badges

badge

Activity Feed


Replied to thread: [CW] emiray, threats, expose and some other stuff


:face_palm: watching this community get riled up over an 11 year old kid is insane, leaking his face and details about his life as if he's not 11, he's in like 6th grade. let the child be, yeah he can be toxic but are you forgetting that you're arguing with an ELEVEN YEAR OLD? you're all mentally insane and handicapped to be this harmful towards a literal child. no wonder so many people left this community, you idiots thrive off of drama and conflict no matter who it's with / against.

Replied to thread: [REL] password generator


@lilbiden69

preprocessor directives + using namespace std :pray:

 

Replied to thread: [REL] quick bsod


@stacktrace

tell me you don't know what uniform initialization is without telling me you don't know what uniform initialization is.

Replied to thread: [RELEASE] Webhook Spammer


@TERIHAX

and theres multiple people who made it years before you did so what lmao

Replied to thread: [RELEASE] Webhook Spammer


@Murz

 

you don't need to be good to do it, it's extremely easy.

just work a little. trigger a ratelimit by spamming the webhook and print out the response json, then just parse the json and the rest is easy pickings

Replied to thread: [RELEASE] Webhook Spammer


@Murz

just trigger a ratelimit and you'll see how to do it. 

Replied to thread: [RELEASE] Webhook Spammer


lol add ratelimit detection, it's easy to add and very useful ( I did it when I was like 11 or 12 ), I even did it in lua.

 

Replied to thread: Windows Defender Issue


lmao this is possibly the biggest skill issue I have ever seen

Created a new thread: C++ Kernel Mode Driver


This driver is not meant to be used in any real applications as it is not adequate for them ( easily detected ), it's meant to simply be a basic kernel mode driver which reads and writes from/to processes. This was an educational experience for me and hopefully for anyone who reads this and the code.

 

I had sort of forgot about this project, and decided to make a few changes to it and release it publicly. Note that this is my first kernel mode driver and it's meant to be a simple one, with basic features and it does not mitigate any detection vectors, with that being said, here's the github link, and some preview of the code:

#pragma once
#include "includes.h"


namespace major_functions
{
	/// <summary>
	/// IRP_MJ_CREATE Major Function
	/// </summary>
	/// <param name=""></param>
	/// <param name="irp_ptr"></param>
	/// <returns></returns>
	NTSTATUS mj_create( DEVICE_OBJECT*, IRP* irp_ptr )
	{
		util::log( "%s", "MJ_CREATE Major Function called." );

		// denying handle if connection with user-mode process already established
		if( driver_globals::connection_initialized )
		{
			util::log( "%s", "Cannot establish connection with 2 user-mode processes at once." );
			return STATUS_ACCESS_DENIED;
		}
		irp_ptr->IoStatus.Information = 0;
		irp_ptr->IoStatus.Status = STATUS_SUCCESS;

		IofCompleteRequest( irp_ptr, IO_NO_INCREMENT );
		return STATUS_SUCCESS;
	}
	/// <summary>
	/// IRP_MJ_CLOSE Major Function
	/// </summary>
	/// <param name=""></param>
	/// <param name="irp_ptr"></param>
	/// <returns></returns>
	NTSTATUS mj_close( DEVICE_OBJECT*, IRP* irp_ptr )
	{
		util::log( "%s", "MJ_CLOSE Major Function called." );
		// resetting for preparation for a new user-mode process to establish a connection to.
		driver_globals::connection_initialized = false;
		driver_globals::um_process.um_process = nullptr;
		driver_globals::um_process.um_process_id = 0;

		irp_ptr->IoStatus.Information = 0;
		irp_ptr->IoStatus.Status = STATUS_SUCCESS;

		IofCompleteRequest( irp_ptr, IO_NO_INCREMENT );
		return STATUS_SUCCESS;
	}
	/// <summary>
	/// This function is responsible for dispatching and initializing connections with user-mode processes. 
	/// </summary>
	/// <param name=""></param>
	/// <param name="irp_ptr"></param>
	/// <returns></returns>
	NTSTATUS mj_ioctl_dispatcher( DEVICE_OBJECT*, IRP* irp_ptr )
	{
		util::log( "%s", "MJ_IOCTL_HANDLER Major Function called." );

		const auto irp_stack_location = IoGetCurrentIrpStackLocation( irp_ptr );
		const auto ctl_code = irp_stack_location->Parameters.DeviceIoControl.IoControlCode;

		// check for valid control codes.
		if( ( ctl_code != ioctl_codes::read_code ) && ( ctl_code != ioctl_codes::write_code ) && ( ctl_code != ioctl_codes::init_connection_code ) )
		{
			util::log( "%s %i", "Invalid control code passed as DeviceIoControl parameter. Returning STATUS_INVALID_PARAMETER. Control Code: ", ctl_code );
			return STATUS_INVALID_PARAMETER;
		}

		util::log( "%s %i", "Io Control Code Passed: ", ctl_code );
		// initializing/establishing connection with user-mode process.
		if( ctl_code == ioctl_codes::init_connection_code )
		{
			if( driver_globals::connection_initialized )
			{
				util::log( "%s %i", "Connection with user-mode process already established." );
				return STATUS_ACCESS_DENIED;
			}
			util::log( "%s", "INITIALIZE_CONNECTION control code passed. Initializing connection with user-mode process." );
			
			const auto um_process_id = *static_cast< unsigned long* >( irp_ptr->AssociatedIrp.SystemBuffer );
			const auto um_process_lookup_res = PsLookupProcessByProcessId( reinterpret_cast< HANDLE >( um_process_id ), &driver_globals::um_process.um_process );

			if( um_process_lookup_res != STATUS_SUCCESS )
			{
				util::log( "%s %i", "PsLookupProcessByProcessId failed. Error code: ", um_process_lookup_res );
				return um_process_lookup_res;
			}
			
			driver_globals::um_process.um_process_id = um_process_id;
			driver_globals::connection_initialized = true;
			util::log( "%s", "Connection with user-mode process established. KM_READ and KM_WRITE now available." );
			return STATUS_SUCCESS;
		}

		if( !driver_globals::connection_initialized )
		{
			util::log( "%s %i", "Cannot use KM_READ or KM_WRITE until connection with user-mode process is established." );
			return STATUS_ACCESS_DENIED;
		}

		const auto& [ target_process_id, rw_length, write_to, read_from ] = *static_cast< structs::vmem_arg_t* > ( irp_ptr->AssociatedIrp.SystemBuffer );
		
		PEPROCESS target_process{ nullptr };
		const auto target_proc_lookup_res = PsLookupProcessByProcessId( reinterpret_cast< HANDLE >( target_process_id ), &target_process );

		if( target_proc_lookup_res != STATUS_SUCCESS )
		{
			util::log( "%s %i", "PsLookupProcessByProcessId call failed. Error code: ", ctl_code );
			return ctl_code;
		}

		if( ctl_code == ioctl_codes::read_code )
		{
			util::log( "%s", "KM_READ Called.\n" );
			return util::memory::KM_READ( target_process, read_from, write_to, rw_length );
		}

		util::log( "%s", "KM_WRITE Called.\n" );
		return util::memory::KM_WRITE( target_process, read_from, write_to, rw_length );
	}
	/// <summary>
	/// This function is responsible for cleaning up.
	/// </summary>
	/// <param name="driver_object_ptr"></param>
	void DriverUnload( DRIVER_OBJECT* driver_object_ptr )
	{
		util::log( "%s", "DriverUnload callback called. Cleaning up the driver." );
		IoDeleteSymbolicLink( &driver_globals::driver_device::dos_device_name );
		IoDeleteDevice( driver_object_ptr->DeviceObject );
		ObfDereferenceObject( &driver_globals::um_process.um_process );
		util::log( "%s", "DriverUnload call complete." );
	}

}

https://github.com/expressiongz/Kernel-Mode-Driver

Replied to thread: [REL] quick bsod


@stacktrace

 

ironic considering the only words you use are "wahhh" and "bad" lol.

let me see your C++ code real quick tho

its real easy to talk with no public code lmao :clown:

Replied to thread: Is bcrypt safe?


@Aja

BCrypt itself is not a library, it's a hashing algorithm.

Created a new thread: Private C++ Classes for Nitro


I'm providing private C++ classes for nitro, at the end of our classes you will have the following:

Beginner to Intermediate C++ skills filled with good practices and an in-depth understanding of multiple C++ topics.

Knowledge of how and where to apply modern C++ features, how they work, and where they're utilized every day.

A good understanding of how memory works, how to edit memory, and how to work with memory in C++.

 

Your beginner to intermediate C++ skills will include the following:

Procedural Programming

Functional Programming

Object-Oriented Programming

Templates

Lvalue and Rvalue references.

Move semantics

and more.

 

Not only that but at the end of our classes, you will leave with extra useful resources that you can use as a reference ( no pun intended ) to our classes and future learning. At effect of our classes ending, this does not mean that you won't be able to contact me privately with any questions you have relating to C++.

 

Where to contact me ( discord ): exprssn#6408

If you want proof or need vouches on my skills and ability to teach, I can provide you with code I have written and public projects ( https://github.com/expressiongz )

 

I forgot to mention what specific nitro I'm charging, for reference it is the 9.99$ nitro.

 

 

Replied to thread: Should I Switch To Windows 11?


don't! I similar specs, and I absolutely hate windows 11 and I regret using it.

at this point I've just been procrastinating making a clean install back to windows 10 ( I'm on the dev channel ).

the windows 10 UI is much better IMO.

 

 

Replied to thread: Jupiter (WIP)


@JJSploit_On_Top

the only thing LuaJIT does for you is faster compilation. that's it.

 

because of that, "LuaJIT execution method" isn't a valid thing, because it's not specific to LuaJIT, LuaJIT just improves the speed of compilation.

 

Replied to thread: Jupiter (WIP)


@JJSploit_On_Top

 

I didn't have to, as soon as I saw this I knew you were a braindead monkey lol

https://media.discordapp.net/attachments/1029853853094510714/1034921108123693076/unknown.png