Have an account?
It looks like you're new here. If you want to get involved, click one of these buttons!
Apply for Membership
Who's Online (1)
Looking to introduce yourself? Look no further, and click here! We also have IRC! [irc.evilzone.org #iexploit]
Bypassing Anti Debugging Filters?
A lot of popular software now will kill the process if you attempt to open it in a debugger or use it with a network analyser to prevent cracking, do you guys know of any ways to block this?
I know there are some olly plugins that can try make it invisible but not all of them work.
If you think it is just a simple IsDebuggerPresent you can do a two byte patch and take it out. As for olly i use the stealth64 plugin. Another tip is that most hard core reverse engineering 'drivers' do function on 64 bit i have gotten lucky several times to see a a company did not make a 64bit driver for their software. As for network analysis you can easily rig up your own packet logger if the application does not use SSL and they use the winsock API, connect / send / receive are very easy to hook.
Cheers - xpl0yt
Add a Comment