- http://jbremer.org/x86-api-hooking-demystified/
- http://www.codeproject.com/Articles/30815/An-Anti-Reverse-Engineering-Guide
- http://blog.praty.net/?p=235
- https://github.com/RC1140/hackfortress
- Very goods tricks to avoid reversing by the author of a challenge.
- Antidebug trick using constructor.
- http://radare.org/get/rootedlabs2013-radare.pdf
- http://www.ropshell.com/peda/
- http://pythonarsenal.erpscan.com/
- http://code.google.com/p/idapathfinder/
Last active
October 4, 2015 13:48
-
-
Save packz/2648627 to your computer and use it in GitHub Desktop.
Reverse
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // original from http://www.phiral.net/other/linux-anti-debugging.txt | |
| #include<stdio.h> | |
| #include<stdlib.h> | |
| void foo() { | |
| printf("Hello\n"); | |
| } | |
| int main() { | |
| int cycle; | |
| for (cycle = 0 ; cycle < 10 ; cycle++) { | |
| if ((*(volatile unsigned *)((unsigned)foo + cycle) & 0xff) == 0xcc) { | |
| printf("BREAKPOINT at 0x%p + 0x%x\n", foo, cycle); | |
| exit(1); | |
| } | |
| } | |
| foo(); | |
| return 0; | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * $ ./antidbx | |
| * $ | |
| * $ gdb -q ./antidbx | |
| * (gdb) r | |
| * Starting program: antidbx | |
| * | |
| * Program received signal SIGTRAP, Trace/breakpoint trap. | |
| * 0x080483e7 in main () | |
| */ | |
| #include<signal.h> | |
| void handler(int signal) { | |
| } | |
| int main() { | |
| signal(SIGTRAP, handler); | |
| asm("int $0x03"); | |
| return 0; | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <sys/ptrace.h> | |
| #include <unistd.h> | |
| #include <stdio.h> | |
| void check(void) __attribute__((constructor)); | |
| void | |
| check(void) | |
| { | |
| if (ptrace(PTRACE_TRACEME, 0, 0, 0) == -1) { | |
| printf("lulz!\n"); | |
| _exit(-1); | |
| } | |
| } | |
| int | |
| main(void) | |
| { | |
| printf("do stuff outside GDB\n"); | |
| return 0; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment