Exetools  

Go Back   Exetools > General > Community Tools
Reload this Page OllyDBG v2.xx plugin - OllyExt
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 05-25-2014, 18:44
sendersu sendersu is offline
VIP
  
Join Date: Oct 2010
Posts: 1,305
Rept. Given: 337
Rept. Rcvd 237 Times in 127 Posts
Thanks Given: 340
Thanks Rcvd at 652 Times in 357 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Hi ferrit
how about processing this method of detecting?

ntdll.NtQueryInformationProcess()
I've a target that is using it.
Reply With Quote
  #2  
Old 06-02-2014, 06:29
ferrit.rce's Avatar
ferrit.rce ferrit.rce is offline
VIP
  
Join Date: Sep 2013
Location: Switzerland
Posts: 42
Rept. Given: 10
Rept. Rcvd 101 Times in 23 Posts
Thanks Given: 0
Thanks Rcvd at 5 Times in 4 Posts
ferrit.rce Reputation: 100-199 ferrit.rce Reputation: 100-199
This function is already hooked. Maybe it's a bug. Please send me the binary which detects it.

Quote:
Originally Posted by sendersu View Post
Hi ferrit
how about processing this method of detecting?

ntdll.NtQueryInformationProcess()
I've a target that is using it.
Reply With Quote
Reply

Tags
anti-anti-debug, anti-debug, ollydbg, ollyext, plugin

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
DEF plugin for OllyDbg 2.XX wilson bibe Community Tools 2 07-22-2014 09:01


All times are GMT +8. The time now is 03:06.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )