Created
May 20, 2014 18:52
-
-
Save 17twenty/be6d4e19c6b736850f68 to your computer and use it in GitHub Desktop.
LD_PRELOAD=blockdebugdetect.so strace ./testDebug
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Simple source code for a library to prevent apps being able to see if they're running under debug | |
| * compile as follows: | |
| * gcc -shared -fPIC blockdebugdetect.c -o blockdebugdetect.so | |
| * then use LD_PRELOAD to override as follows: | |
| * LD_PRELOAD=blockdebugdetect.so strace ./testDebug | |
| */ | |
| long ptrace(int request, int pid, void *addr, void *data) | |
| { | |
| /* Nope - we're definitely not running under a debugger mwaahahahahaa */ | |
| return 0; | |
| } | |
| #if 0 | |
| typedef void (*sighandler_t)(int); | |
| sighandler_t signal(int signum, sighandler_t handler) | |
| { | |
| /* This assumes they're also preventing SIGTRAP/int3 from being inserted so stub that out too */ | |
| return NULL; | |
| } | |
| #endif |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment