Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page How to hide debugger?
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 10-04-2005, 19:41
deXep deXep is offline
Friend
  
Join Date: Aug 2004
Posts: 42
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 0 Times in 0 Posts
deXep Reputation: 0
How to hide debugger?
Hi my nice guys!

I'm working on a dumper and I cannot grab FS base via
GetThreadSelectorEntry
it returns TRUE but LDT_ENTRY is still NULL.

and I tried use address of debugger becoz all PEB is in the same address
this code works well
mov eax, fs:[30h]
inc eax
inc eax
call write_mem
but if I code like these:
mov edi, fsbase; grabbed
lea eax, [edi+30h]
call read_mem
then ReadProcessMemory return 0, last Error is PARTIALLY_COPY

I'm mad for such a strange problem

regards
Reply With Quote
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Cant not hide debugger for Themida/Winlicense 3.X Turkuaz General Discussion 2 09-24-2020 17:15
how hide softice under w2k or xp the_beginner General Discussion 3 09-06-2004 20:51
how to hide a file taos General Discussion 7 08-26-2004 18:31


All times are GMT +8. The time now is 19:08.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )