Hi Friends

How I Can Set A "Hardware BreakPoint On Execute" Into A Process With A Loader That Writen By VB Or Delphi ?

Please Give Me An Example Source Code

Tnx

You'll need to debug the child process (mind possible debugger detections!), then you can set the hwbp via Get-/SetThreadContext (modifying Dr0 - Dr3 and Dr6/7). I do not really think this is the way to go if there's any way to use Int3 or even EB FE since hwbps make the whole thing more difficult (like I said, anti-debug, you'll need a minimalistic debugging engine etc).

If you really want to do so, a good starting point is the Intel manual for sure, as well as some sources floating around - last but not least, MSDN will help you out (CreateProcess, Get-/SeThreadContext).

Maybe this tut would give you some clues...

Tutorial: ASProtect Analysis Of Hardware Breakpoint Clearing Feature

Author: ThunderPwr

Description:

ASProtect analysis of the Hardware Breakpoint clearing feature (universal AsProtect debugger tool included)

Get it at:

_http://arteam.accessroot.com/tutorials.html

Cheers

Nacho_dj