BataBo 13 AntiDebug lib By BataBo [align=center] Recently I've noticed that cracking programs that were made by some really good developers have a flaw where you can use an http debugger to get endpoints.[/align] So I decided to make a library that prevents detects http debuggers and than I thought about expanding its usability and also added unpacking program detection. [align=center] This library was made in c++ because I'm a masochist,I mean so it can be used by all of our developers to protect their checker regardless of their language preference.[/align] In theory it should work for every language but in practice it was testes with c#,java and python It as the title says protects you from debuggers it protects you from every http debugger and it also protects you from: OllyDBG, MegaDumper and DnSpy [align=center] [/align] Before I get to any examples of usage lets discuss how you should implement it. It's pretty simple start another thread in your language of choice run dll method inside after that say what should happen if debugger is detected. Your language of choice wont be able to pass dll method unless there is a debugger present. [align=center] [/align] Examples: C#: [align=left] class Test { private static Thread thread2 = new Thread(ListNum); const string _dllLocation = "DebuggerCheck.dll"; [DllImport(_dllLocation)] public static extern int DebuggerCheck(); static void Main() { Thread thread = new Thread(AntiDebug); thread.Start(); thread2.Start(); } private static void AntiDebug() { DebuggerCheck(); Console.WriteLine("Bad guys detected!"); Environment.Exit(0); } private static void ListNum() { int i; for (i = 0; i < 1000000; i++) { Console.WriteLine(i); } } } [/align] Java: You'll need to use jna(java native access) Test:src:javaexport:AntiDebug [align=left] package javaexport; import com.sun.jna.Library; import com.sun.jna.Native; public interface AntiDebug extends Library{ AntiDebug INSTANCE = (AntiDebug)Native.loadLibrary("DebuggerCheck", AntiDebug.class); public int DebuggerCheck(); } [/align] Test:src:main:Runnable [align=left] package main; import javaexport.AntiDebug; class Runnable2 implements Runnable { public void run() { AntiDebug a = AntiDebug.INSTANCE; a.DebuggerCheck(); System.exit(0); } } [/align] Test:src:main:Main [align=center][align=left] package main; public class Main { public static void main(String[] args) { Thread t = new Thread(new Runnable2()); t.start(); int i; for(i = 0;i<1000000;i++) { System.out.print(i + "\n"); } } } [/align] [/align] Python: [align=left] import threading import _thread import ctypes import sys import time testlib = ctypes.CDLL('DebuggerCheck.dll') def AntiDebug(): testlib.DebuggerCheck() //Whatever terminates the program thread = threading.Thread(target=AntiDebug) thread.start() i = 0 while i < 1000000: print(i) time.sleep(1) i += 1 [/align] [align=center] Here is my lib in action:[/align] As soon as http analyzer has been opened test app closed Here is a download link: https://anonfile.com/64M5f0udn8/antiDebbuger_zip If you have any issue with this lib feel free to contact me :) Quote Share this post Link to post Share on other sites
