Last 5 News Posts:

Hello everyone,

Some more minor updates to the site.
  • Some backend work/updates.
  • Guests should now be able to view every section of the forum.
  • Added some common file extension types to be allowed for attachments.
  • Updated the banner logo of the forum. (Simple and basic. Want to submit a different one? Feel free to pm me.)
File types added to the allowed list:
  • .cs - C# source code files.
  • .vb - Vb.NET source code files.
  • .lua - Lua scripts.
  • .ct - Cheat Engine trainer tables.
  • .CETRAINER - Cheat Engine trainers.

While I am enabling CETRAINER extensions to be allowed, if this is abused I will remove it.
Hello everyone,

Some minor updates to the forums have happened over the last few days.
  • Updated some backend extensions.
  • Updated the forum theme to something more suitable and appealing.
  • Updated the registration code used to register on these forums.
The registration code is now in two parts. All you need to do is copy paste both parts into the same box forming a single code.
No spaces are used! Just make it one full word of the two parts.
This was a topic that was brought up on Tuts4You here:
https://forum.tuts4you.com/topic/39503- ... -peb-in-c/

I Google'd around and could not find a single instance of doing this in C# within the parameters given by the poster so I took to some ideas in mind of how I could allocate memory without any imports.

Some ideas that came to mind were:
- Marshal.AllocHGlobal
- Marshal.AllocCoTaskMem
- MemoryStream

Sadly, all three of these options only allocate the memory that have protection flags of PAGE_READ and PAGE_WRITE with no ability to execute.

Next, I thought of memory mapped files, these are a way to share memory between processes. This API allows you to specify the access type of the file, including execution permissions. C# has this built-in via the 'System.IO.MemoryMappedFiles' namespace within the System.Core.dll module.

Using this namespace, we can create a mapped file in memory, write our shellcode to it, create a function delegate to the function and invoke it. Here's an example of doing this, getting the PEB of the process (32bit):
  1. /**
  2.  * C# Shellcode Example
  3.  * (c) 2017 atom0s [atom0s@live.com]
  4.  *
  5.  * Demonstrates how to invoke shellcode within C# using a memory mapped file.
  6.  */
  7.  
  8. namespace ShellcodeExample
  9. {
  10.     using System;
  11.     using System.IO.MemoryMappedFiles;
  12.     using System.Runtime.InteropServices;
  13.  
  14.     class Program
  15.     {
  16.         /// <summary>
  17.         /// Function delegate to invoke the shellcode.
  18.         /// </summary>
  19.         /// <returns></returns>
  20.         private delegate IntPtr GetPebDelegate();
  21.  
  22.         /// <summary>
  23.         /// Shellcode function used to obtain the PEB of the process.
  24.         /// </summary>
  25.         /// <returns></returns>
  26.         private unsafe static IntPtr GetPeb()
  27.         {
  28.             var shellcode = new byte[]
  29.                 {
  30.                     0x64, 0xA1, 0x30, 0x00, 0x00, 0x00,         // mov eax, dword ptr fs:[30]
  31.                     0xC3                                        // ret
  32.                 };
  33.  
  34.             MemoryMappedFile mmf = null;
  35.             MemoryMappedViewAccessor mmva = null;
  36.  
  37.             try
  38.             {
  39.                 // Create a read/write/executable memory mapped file to hold our shellcode..
  40.                 mmf = MemoryMappedFile.CreateNew("__shellcode", shellcode.Length, MemoryMappedFileAccess.ReadWriteExecute);
  41.  
  42.                 // Create a memory mapped view accessor with read/write/execute permissions..
  43.                 mmva = mmf.CreateViewAccessor(0, shellcode.Length, MemoryMappedFileAccess.ReadWriteExecute);
  44.  
  45.                 // Write the shellcode to the MMF..
  46.                 mmva.WriteArray(0, shellcode, 0, shellcode.Length);
  47.  
  48.                 // Obtain a pointer to our MMF..
  49.                 var pointer = (byte*)0;
  50.                 mmva.SafeMemoryMappedViewHandle.AcquirePointer(ref pointer);
  51.  
  52.                 // Create a function delegate to the shellcode in our MMF..
  53.                 var func = (GetPebDelegate)Marshal.GetDelegateForFunctionPointer(new IntPtr(pointer), typeof(GetPebDelegate));
  54.  
  55.                 // Invoke the shellcode..
  56.                 return func();
  57.             }
  58.             catch
  59.             {
  60.                 return IntPtr.Zero;
  61.             }
  62.             finally
  63.             {
  64.                 mmva?.Dispose();
  65.                 mmf?.Dispose();
  66.             }
  67.         }
  68.  
  69.         /// <summary>
  70.         /// Entry point.
  71.         /// </summary>
  72.         /// <param name="args"></param>
  73.         static void Main(string[] args)
  74.         {
  75.             var peb = GetPeb();
  76.             Console.WriteLine("PEB is located at: {0:X8}", peb.ToInt32());
  77.         }
  78.     }
  79. }
Thanks to evlncrn8 for his adjustments to the shellcode itself to trim things down.
Hello everyone,

I have done some reorganization on the site and forum which was much overdue. I am aiming to make the forums a bit more public-use friendly and have done some cleanup and updates.

Forums Updated
  • I have started by updating the forums to the latest version of phpBB. While upgrades are a great thing this did land up breaking some of the previous plugins I was using and some custom edits etc. I have done my best to find alternatives and fill in the gaps myself where possible. Casual users should not notice any difference in the forums on that end though, most things were admin-only features.

    I also changed the forum theme due to the upgrade to the latest forum version. The previous theme was no longer supported, so I had to find something different. I made some modifications to this new theme to fit my preference in how I like the forum system to look. If you find any issues, feel free to let me know.
Changing Forum Sections
  • I have renamed the 'My Blog' section to better fit its purpose. The idea of having it as a blog is no longer fitting to the purpose of the forums. Because of that I have also added a new section 'Rants / Opinions' and moved all relevant posts from the original blog section there. These no longer fit the "front-page" aspect I have planned for the new site when I have time to work on it. I would rather the main website contain posts and information regarding my actual work and site news rather than me bashing a company/brand I dislike.

    I plan to add and redo some other sections in time as well. So this is an ongoing change that will continue over the next several weeks.
New Forum Features (Upcoming)
  • While most of my work is free and released here with nothing more than a donation link somewhere in the project, I want to test the waters on bringing in some more money to continue my incentive to work on various projects. I plan on creating a Patreon page in the near future and with that, I may add some perks for various donation levels that will affect this site in one way or another. Such as Patreon pledgers being added to special user groups, gaining access to certain apps before others (like closed-beta testers) and so on. So there may be some upcoming changes that will alter how some content is handled on this site/forum in the future.
Full credits for this go to dudu2002 from bios-mods.com, I am just sharing the info on how this was done for anyone else with this same laptop.

This past month has been a downhill struggle with my Lenovo laptop, my previous post already expressed my utter hatred for this company. After the issues with the graphics and having no way to fix that, my wifi card finally decided to start kicking the bucket. I would constantly drop connection or speeds would constantly drop from a full 144.4Mbps down to under 10. This was getting extremely frustrating because of the way I work on my laptop at times. I tend to remote into my desktop and work via VNC to have full performance without any lag.

I went and purchased a new wifi card for the laptop, an Intel Dual Band Wireless-AC 3160. After a huge fiasco with Fedex and the delivery I finally got the card and went to plug it in. Standard stuff, removing the old one and replacing it, one thing I will give Lenovo is their laptops are setup in a nice manner to upgrade things if need be, but that does not help with the next part..

Once the card was replaced, I booted up the machine and was greeted with a lovely black screen message showing:
"Unauthorized Wireless network card is plugged in. Power off and remove it"

Immediately I was like wtf?? and hit the web to research the error. Within a few minutes I found dozens of sites complaining about how Lenovo has a "whitelist" restriction in their BIOS' to prevent users from upgrading certain parts of their machine that are not Lenovo-qualified parts. Yet again does Lenovo dictate MY device after I purchased it. Best yet? It's out of warranty and they refuse to help at all. So not only do they lock your system down without telling you, they refuse to help you with this when problems like this happen after the fact. Yes, that's right. Lenovo has 0 mention of the whitelist in their BIOS. None of the documentation for the laptop has any info about this. Their websites help center, nothing. This seriously has to be illegal..

So now frustrations aside, here is how to fix this. Please note, this information is specific to the Lenovo Ideapad z710!
This may/may not work for other models!
This can brick your laptop as well! (Meaning it will no longer work.)
You are doing this at your own risk. I AM NOT RESPONSIBLE FOR WHAT HAPPENS!


1. Download The Attachment
  • Download the attachment that is with this post. Once the download is finished, extract to a new folder on your desktop. Something such as:
    C:\Users\atom0s\Desktop\z710\
2. Create Bootable EFI USB Drive
  • Next, we need to create a USB drive that can be bootable to EFI. This is very simple to do. Plug in your USB drive (into a USB 2.0 port) then open 'My Computer' or 'This PC' or whatever your OS calls it. Right-click on the drive and choose 'Format'. Change the format type to 'Fat32' and format the drive. You can use 'Quick Format' to format the drive fast if need be.

    Once done, open the new folder on your desktop from before and locate the EFI Shell.rar file. Extract this to the new formatted USB drive.
    It should create a new file like this:
    F:\EFI\BOOT\BOOTX64.EFI
3. Reboot Into BIOS For Configurations
  • Next, the last preparation step to do is to set BIOS to allow legacy booting.
    Restart the system and mash the F2 button until you are in BIOS.

    Once in, you are going to want to make sure that boot mode and such are all set to Legacy support.
    Afterward, you can exit out of bios ensuring to save all settings.
4. Boot Into the EFI USB Drive
  • After you exit out of BIOS saving your changes, mash F12 until you get the boot list.
    Once the list shows, there should be an option to boot from an EFI USB disk. Choose this option.

    If done correctly, you should be greeted with a message saying something like:

    Code: Select all

    Welcome to GRUB!
    Entering rescue mode...
    error: file not found
    grub rescue>
5. Enter Needed Variable Overrides
  • Now that we have the GRUB console, we need to enter the following two commands:
    setup_var 0x4ab 0x0
    setup_var 0x1ee 0x1

    Please note: Your system may seem to lockup after you enter each of these commands. The first setup_var may never seem to finish. Give it a few minutes and if nothing happens, force-reboot the machine and redo step 4 to get back to the GRUB console. Once there, enter the second setup_var command and allow the same to happen. If nothing happens again, just give it a few minutes then force restart the machine.

    After you have done both of these commands restart the machine and boot into Windows as normal.
6. Flashing The Bios
  • Almost done! Last step is to flash the BIOS. This requires us to use a glitch with Windows and it's Sleep mode.

    To do this, be sure to follow the steps carefully! Open the folder we made on the desktop.
    Copy EVERYTHING from this folder and place it directly into your C:\ drive.

    Once done, open up a command prompt as Administrator. (IT MUST BE ADMINSTRATIVE LEVEL PERMISSIONS!)
    You can do this via opening the start menu, type in cmd then right-click and choose 'Run as Administrator' on the cmd program to start an instance of it as an admin.

    Once the prompt is open, navigate to C:\ You can do this via typing:
    cd ..

    Until you see the prompt show as:
    C:\

    Next, force the system to sleep. You can do this via the start menu. In the power options choose 'Sleep'.
    Once the system is asleep, wake it up as normal. (Press the power button.)

    Now the system should restore to what it was, go to the command window we opened and enter the following command:
    fptw64 -f bios.rom -bios

    The system should now flash the BIOS and complete within a few minutes. Once done, reboot and your system should restart without issue.

    After you have restarted, restart again and press F2 until you are in BIOS again. You should now see all the new unlocked options and the whitelisting should now be removed!

Again, HUGE thanks to bubu2002 from bios-mods.com for helping me with this. Without him I'd still be going insane trying to unlock the BIOS.