Quote:
Originally Posted by TQN
I have a wonder: this function will be called from: the loader or the victim process.
|
The code example is the called from the victim. He asked how to defeat it, I'm not going to code it for him.
However with little to no modification this code or its equivalent could be used in combination with y0da's Force Library and thus IsDebuggerPresnt could be defeated via RemoteExec which enables you to execute code within the context of another process
Regards...
__________________
Even as darkness envelops and consumes us, wrapping around our personal worlds like the hand that grips around our necks and suffocates us, we must realize that life really is beautiful and the shadows of despair will scurry away like the fleeting roaches before the light.
Last edited by D-Jester; 02-28-2005 at 22:02.
|