Thread: TitanHide
View Single Post
  #9  
Old 01-29-2014, 03:05
mr.exodia mr.exodia is offline
Retired Moderator
 
Join Date: Nov 2011
Posts: 784
Rept. Given: 492
Rept. Rcvd 1,122 Times in 305 Posts
Thanks Given: 90
Thanks Rcvd at 711 Times in 333 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
Quote:
Originally Posted by ferrit.rce View Post
I thought you've found the holy grail and it works That was the reason why I've designed out the driver based protection from OllyExt. BTW I've made big steps to make my plugin multi-debugger capable. If you make a plugin framework for your debugger then I could make an X64DbgExt
I figured out how to do SSDT hooking (still with PatchGuard & Driver signing disabled), but it is very unstable, because the addresses are relative. It requires a memory page withing 128MB range of ntoskrnl. This is sometimes possible, but not always unfortunately.

The debugger has a plugin framework, but I don't know if it is good enough to support your needs, could you maybe PM me what kind of stuff you need? I will work on that.

Greetings
Reply With Quote
The Following User Says Thank You to mr.exodia For This Useful Post:
Indigo (07-19-2019)