
OSIX Articles: Avoiding Debuggers; Self Modifying Code - Defeating the Disassembler


Kayaker
March 23rd, 2005, 19:18
A couple of very nice articles I hope the author doesn't mind me attaching here for future reference.


Written by Giovanni Tropeano 11/2004
Prepared for OSIX


Avoiding Debuggers - Protect your programs!
http://www.osix.net/modules/article/print.php?id=594

This time we will look at how to make it very difficult for people to trace through your code. Learn about debuggers, how they work, and how your applications can detect them.

<< Sections in this document >>

...Preface
...Brief history of debuggers
...How debuggers work
...Tracing, and how to overcome
...Getting around breakpoints


-------------------------------------------


Self Modifying Code: A Guide to Defeating the Disassembler
http://www.osix.net/modules/article/print.php?id=592

This article takes an in depth look at self modifying code (SMC) and how you can use it in your own applications. There are examples in C++ using inline assembly, as well as pure assembler. I also talk about executing code on the stack, which is essential to successfully write and execute SMC.

<< Sections in this document >>

...Brief History of Self Modifying Code...
...Windows Memory - How it's put together...
...Using WriteProcessMemory - New Best Friend...
...Putting Code on the Stack, and executing it!...
...Why relocatable code can be bad for your health...
...I got your optimization right here!...
...Using SMC in your own apps...
...How to contact me about this document...

-------------------------------------------

Kayaker

bilbo
March 24th, 2005, 09:10
Thanks for the link, Kayaker, this is definitely a must read!

I love this author's capacity for giving stimulus in many fields, due to his comparative knowledge (Windows/Linux, ASM/C, Microsoft/Borland, and so on...)

Other papers from the same guy:
Examining Viruses (http://www.osix.net/modules/article/?id=629)
Common Hacking Techniques to be Aware Of (http://www.osix.net/modules/article/?id=632)

Thanks again...
The whole site too is extremely interesting,
bilbo

thandermax
April 20th, 2005, 04:42
Other such links about viruses and related topics:

can be found here =>

http://vx.netlux.org


You can get many sources also.

A very good site about those, but of course to enhance your knowledge, not to let others' computers down.