Jump to content
Tuts 4 You

New RCE blog

Aguila

By Aguila
in Reverse Engineering Articles

 Share

Recommended Posts

Aguila

Aguila

Posted
  • Author
Posted

Would this have worked... :P

 

https://forum.tuts4you.com/blog/aguila-ntquery/

 

Ted.

ah you mean using this board as blog?

Maybe... I am just testing it a little bit. If people dont like it, I will stop anyway.

 

 

Here is something new again:

https://ntquery.wordpress.com/2014/03/30/anti-debug-ntqueryobject/

 

@chixiaojie

Please tell us your strong anti-debug stuff...

  • Like 1
Link to comment
Share on other sites
ahmadmansoor

ahmadmansoor

Posted
Posted

nice blog ,and Good start . :smartass:



 


@chixiaojie


Please tell us your strong anti-debug stuff...



I think I can give u a very good example if u want (and allow me ) . I can upload the program for u .


the protection depended on QueryPerformanceCounter , GetTickCount , QueryPerformanceFrequency ,


to defeat HW-BP and BP and step in step out :sweat:


let me know if u want to study it  :plus:  .


by the way the target not protected by any protector .


Good luck in ur new blog - I have add it to our best sites of exetools site list -


Link to comment
Share on other sites
Aguila

Aguila

Posted
  • Author
Posted

@ahmadmansoor


 


I am currently working on a ring3 hide plugin/tool and that is why I am currently looking for anti-debug stuff. I know that there is TitanHide, but sometimes you don't want to install a driver and it cannot protect against things like BlockInput.


Link to comment
Share on other sites
  • 6 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...