Anti-Debugging
-
Debugger Detection via Hardware BreakpointsComputer/Security 2011. 12. 6. 18:11
Assembly로 하는 코드들은 다른 데 나와 있어서 Visual C++로 해 보았다. LPEXCEPTION_POINTERS except_ptr; __try{ RaiseException(1, 0, 0, NULL); } __except (except_ptr = GetExceptionInformation(), EXCEPTION_EXECUTE_HANDLER) { CONTEXT *ctx = except_ptr->ContextRecord; if (ctx->Dr0 != 0 || ctx->Dr1 != 0 || ctx->Dr2 != 0 || ctx->Dr3 != 0 || ctx->Dr6 != 0 || ctx->Dr7 != 0) { printf("Debugger Present - Hardware Breakpoints\n..