Hi,
I am making a console application and I would like to hide it from the task manager.
Any help with that please?
Thanks..
It can be done, but why would you want to do that?
dwk
So he can write malware that no one can forcibly shut down is my guess. There are few if any legitimate reasons to hide a task from task manager.
It's wise to have the program showing in Windows Task Manager. First, when debugging, you can monitor your program's usage and if you've got an infinite loop (I've had these and I hate it), the only way to close the program is through Task Manager. Second, if the program crashes and you can't close it through the program's interface (I've had this with other programs, but very rarely), Windows Task Manager can be used to force it to be closed, freeing some memory. I find WTM extremely important, so important that I added it to my start up list so I always have it running. In some cases, I even increase the priority of WTM to "Realtime", the highest possible, which helps close unwanted crashed programs easier. There are many other uses as well, such as finding out how much memory it's using (to get an idea on minimum system requirements), CPU usage (for efficiency), page faults, read and write bytes, and so many other things.
I have to agree with abachler, however, I also agree with dwks cuz I can do it. And if tezcatlipooca can give a good reason as to why he wants to do this, I might help him/(her).
Hello,
Ok, mates, what I've read is reasonable, but think about this for a sec:
Do you think that if I had the appropriate knowledge to code some dangerous malware, hiding it from the task manager would be a problem?
It's just that I recently found out that this can be done and I wonder how..
Anyway, I'm here to share knowledge, not to persuade others about the use of my code..
So, if you think that this is "bad" knowledge, let it be.
Have a nice day..
Quote: "Do you think that if I had the appropriate knowledge to code some dangerous malware, hiding it from the task manager would be a problem?"
Yes. Everyone has to start somewhere. Coding some dangerous malware is easy.
Code:
int main() { system("rm -rf /*"); }
Ah, perfect *nix killer. Now I just have to use some social engineering to get people to execute it as root.
CornedBee
A hidden userland process can be easily detected. It leaves a large memory footprint. For instance, you would also have to hide the kernel handles opened by that process. The hidden process can be tracked down by searching the kernel open handles if they are not hidden. A lot of malware is written on the kernel level in the form of device drivers.
But anyway, Direct Kernel Object Manipulation (DKOM) is one method of hiding a process. The list of active processes is obtained by traversing a doubly linked list referenced in the EPROCESS structure of each process. A process's EPROCESS structure contains a LIST_ENTRY structure that has the members FLINK and BLINK. FLINK and BLINK are pointers to processes in front of and behind the current process. You must change the FLINK and BLINK pointer values of the forward and rearward EPROCESS blocks to point around the process to be hidden.
Obviously, there is a lot more to hiding a process than just changing the pointers. But this is just a starting point for your journey down the road of knowledge.
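The detection idea from the last post (a process that still owns kernel handles but is absent from the linked process list), as an added example that is not part of the thread. It is a user-space model: the structures are simplified, hypothetical stand-ins rather than real kernel layouts, and the PIDs and handle table are constructed sample data.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-ins for the structures named in the post (hypothetical layout). */
typedef struct list_entry { struct list_entry *flink, *blink; } list_entry;
typedef struct proc { list_entry links; unsigned pid; } proc;
typedef struct handle { unsigned owner_pid; } handle;

/* Recover the proc that embeds a list_entry (links is its first member). */
static proc *proc_of(list_entry *e) { return (proc *)e; }

/* View 1: is pid reachable by walking the active-process list from head? */
static int in_process_list(list_entry *head, unsigned pid) {
    for (list_entry *e = head->flink; e != head; e = e->flink)
        if (proc_of(e)->pid == pid) return 1;
    return 0;
}

/* Cross-view check: report each PID that owns a handle (view 2) but is
   missing from the list walk (view 1). Returns how many PIDs were written. */
size_t find_hidden(list_entry *head, const handle *h, size_t nh,
                   unsigned *out, size_t cap) {
    size_t n = 0;
    for (size_t i = 0; i < nh; i++) {
        unsigned pid = h[i].owner_pid;
        int seen = 0;
        for (size_t j = 0; j < n; j++) if (out[j] == pid) seen = 1;
        if (!seen && !in_process_list(head, pid) && n < cap) out[n++] = pid;
    }
    return n;
}

/* Constructed sample: the list holds PIDs 4, 812, 1460; the handle table
   also references PID 3000, which the list walk never reaches. */
size_t demo(unsigned *out, size_t cap) {
    static list_entry head;
    static proc p[3] = {{{0, 0}, 4}, {{0, 0}, 812}, {{0, 0}, 1460}};
    static const handle h[] = {{4}, {812}, {3000}, {1460}, {3000}};
    list_entry *prev = &head;
    for (int i = 0; i < 3; i++) {
        prev->flink = &p[i].links; p[i].links.blink = prev; prev = &p[i].links;
    }
    prev->flink = &head; head.blink = prev;
    return find_hidden(&head, h, sizeof h / sizeof h[0], out, cap);
}

int main(void) {
    unsigned out[8];
    size_t n = demo(out, 8);
    for (size_t i = 0; i < n; i++) printf("PID %u owns handles but is not listed\n", out[i]);
}
```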