Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page @rm@d1ll0 debug bl0cker bye bye
Register Forum Rules FAQ Calendar

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 10-07-2004, 22:56
zaratustra
 
Posts: n/a
@rm@d1ll0 debug bl0cker bye bye
Hi all,
I'm happy to publish the following result reached by
one of the biggest reverser in the current scene:
faina.
Every version of the packer available up to know
simply checks for the OpenMutex API before starting as
debugger process or debugged process respectively.
So, if you want to avoid the debug blocker feature
simply check the OpenMutex calls.
Obviously it works on EVERY windows system.
And obviously it works good for targets that can run directly
without other protections (copymem etc.).
Hope this will help and will be improved (olly scripts etc.).
Cheers Z..
Reply With Quote
 

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Debug with x64dbg dnvthv General Discussion 2 03-22-2025 21:49
Mac OS app debug wx69wx2023 General Discussion 2 04-10-2024 20:37
How to Debug JNI dll using OD? winndy General Discussion 1 10-21-2005 23:52
Debug for SEH , how to do! nig General Discussion 3 03-09-2004 20:56


All times are GMT +8. The time now is 15:39.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )