Cro: C++ GUI Wrapper

[Guy]

Download: http://www.sendspace.com/file/ah8w90

Another library, still incomplete, but has support for the following widgets:

- Button
- Textbox
- Label
- Checkbox
- Hyperlink
- Radiobutton
- Tabs (Partial; not all events implemented)
- Listbox

The above support varying events, which are all demonstrated; two events have problems on Vista, which I'll investigate when I get around to it.

__

Here's my thread whitelist/module whitelist ideas re-built for cleansiness, incorporated into my "Fury" mini-library; it's quite easy to use, take a look at the main.cpp example file.

EDIT: Quick update made!
Download: http://www.sendspace.com/file/np5vbp

Main specifications:
- Checks all modules entrypoint for being outside module space and the code segment; if module name is whitelisted; if multiple instances of the module are loaded (If so, dies); if size image or base image is invalid (Not set).
- Checks if thread start address or EIP is outside the code segment and outside module space.
- Check if an API function is hooked by checking the epilogue code (e.g. The first 5 bytes).


Enjoy!

[MentaL]

[Tman151]

Thank you very much.

[Guy]

Thank you very much.

The Fury mini-lib was updated; I added the ability to check epilogue code for any potential hooks now.

[ThievingSix]

Which events are having issues?

[Guy]

Which events are having issues?

To quote my code:

Code:

			// crashes on Vista
			MainWindow.SetText( btnAlter, MainWindow.GetText( txtButtonAlter, 255 ) );

The "set text" function.

Code:

		// crashes on vista
		if( lstUnknown && !strcmp( lstUnknown->SelectedItem( ), "Rock!" ) )
		{
			break;
		}

The "SelectedItem" function in the Listbox. Otherwise, everything works.

[Team Lion]

What if it hooks after the prologue?

And if I remember right, the prologue means the beginning, epilogue the ending.




Just messing with you. I don't know any libraries to think of that do, though I think it'd be better off that way anyhow. Instead of copying three instructions you only need to really copy one. Hopefully. Not always.

Anyways, enough rambling, very fine releases you have coming out. Hopefully some servers actually do put them to good use, but I'm on Vista, and I generally don't have any problems with events not working, I'll take a look though, and see if I can see whats messing it up.




Okay, so I downloaded Cro, compiled it, and it ran perfectly, no crashing at all. I compiled it in 32-bit, as this Laptop is using 32-bit Vista. No crash on anything at all. Probably a 64-bit error, or pre-Vista SP2 error. Could also be because I have UAC disabled, and it was running as Administrator.

[Guy]

What if it hooks after the prologue?

And if I remember right, the prologue means the beginning, epilogue the ending.




Just messing with you. I don't know any libraries to think of that do, though I think it'd be better off that way anyhow. Instead of copying three instructions you only need to really copy one. Hopefully. Not always.

Anyways, enough rambling, very fine releases you have coming out. Hopefully some servers actually do put them to good use, but I'm on Vista, and I generally don't have any problems with events not working, I'll take a look though, and see if I can see whats messing it up.




Okay, so I downloaded Cro, compiled it, and it ran perfectly, no crashing at all. I compiled it in 32-bit, as this Laptop is using 32-bit Vista. No crash on anything at all. Probably a 64-bit error, or pre-Vista SP2 error. Could also be because I have UAC disabled, and it was running as Administrator.

1) I wrote this at around 3AM, so excuse the flipping of prologue and epilogue :P

2) Yup, you can hook later; there isn't much you can do about that, but, via checking for other threads and modules, you'll eliminate threads launched still via hooking; I have another technique that'll check process heaps which I'll implement later.

3) Well, who knows? I don't run all apps as administrator, or in a 64-bit environment.

Eitherway, I'll be implementing my heap idea later, and dropping an update if it works well enough.

[Guy]

The heap idea turned out less than spectacular; if you want to check the number of heaps:

Code:

GetProcessHeaps( 0, 0 );

In the loaded application, it can be implemented like so:

Code:

#include "Fury.h"

int WINAPI WinMain( HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd )
{
	if( CheckModules( ) == 0 &&
		EnumerateForBadThreads( ) > 0 && 
		CheckAPI_Hook( ) == FALSE && 
		GetProcessHeaps( 0, 0 ) == 4 )
		MessageBox( 0, "Nothing evil detected.", "Success?", MB_OK );
	else
		MessageBox( 0, "Bad module, thread, heap count, or API function!", "Fatal Error", MB_OK );

	return( 0 );
}

Enjoy.