Comments on: Anti-Debugging Series – Part II http://www.veracode.com/blog/2008/12/anti-debugging-series-part-ii/ Application security testing, analysis, and metrics Thu, 09 Feb 2012 11:59:00 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: coz http://www.veracode.com/blog/2008/12/anti-debugging-series-part-ii/comment-page-1/#comment-7608 coz Fri, 03 Jun 2011 21:24:36 +0000 http://www.veracode.com/blog/?p=530#comment-7608 Yeah I can't get it to work either. I'm on a win7 computer if that has anything to do with it but I doubt it. I wouldn't use it as an anti-debug. Yeah I can’t get it to work either. I’m on a win7 computer if that has anything to do with it but I doubt it. I wouldn’t use it as an anti-debug.

]]> By: Adrian http://www.veracode.com/blog/2008/12/anti-debugging-series-part-ii/comment-page-1/#comment-5565 Adrian Sun, 15 Aug 2010 17:20:08 +0000 http://www.veracode.com/blog/?p=530#comment-5565 Hi, Tyler. I tried your approach to detect debugger by calling OutputDebugString and checking LastError value. It seems to me that value never changes, no matter if there was debugger attached or not. Are you sure this approach is correct? Frankly, I didn't found anything in OutputDebugString help page about setting LastError value. Hi, Tyler.

I tried your approach to detect debugger by calling OutputDebugString and checking LastError value. It seems to me that value never changes, no matter if there was debugger attached or not. Are you sure this approach is correct? Frankly, I didn’t found anything in OutputDebugString help page about setting LastError value.

]]> By: Tyler Shields http://www.veracode.com/blog/2008/12/anti-debugging-series-part-ii/comment-page-1/#comment-2426 Tyler Shields Wed, 07 Jan 2009 17:25:05 +0000 http://www.veracode.com/blog/?p=530#comment-2426 @cd-MaN Definitely a very interesting technique. In this series I'm outlining a small selection of methods from each of the different anti-debugging areas defined. There are certainly other ways, one of which you outline in your link. Thanks for the information! @daniel reznick That might be another series down the line. At this point I plan on writing up interesting methods in which developers can add layers to the security of their application. As we all know there is no fool proof method of securing client side code, these can all be bypassed. People can feel free to leave comments on bypassing techniques if they are so inclined. @cd-MaN Definitely a very interesting technique. In this series I’m outlining a small selection of methods from each of the different anti-debugging areas defined. There are certainly other ways, one of which you outline in your link. Thanks for the information!

@daniel reznick That might be another series down the line. At this point I plan on writing up interesting methods in which developers can add layers to the security of their application. As we all know there is no fool proof method of securing client side code, these can all be bypassed. People can feel free to leave comments on bypassing techniques if they are so inclined.

]]> By: daniel reznick http://www.veracode.com/blog/2008/12/anti-debugging-series-part-ii/comment-page-1/#comment-2424 daniel reznick Wed, 07 Jan 2009 12:55:50 +0000 http://www.veracode.com/blog/?p=530#comment-2424 How about including information on how to defeat these techniques as well? It would make your series much more interesting. How about including information on how to defeat these techniques as well? It would make your series much more interesting.

]]> By: Cd-MaN http://www.veracode.com/blog/2008/12/anti-debugging-series-part-ii/comment-page-1/#comment-2415 Cd-MaN Fri, 02 Jan 2009 09:25:52 +0000 http://www.veracode.com/blog/?p=530#comment-2415 Here is an other "API based" way to detect debuggers: http://hype-free.blogspot.com/2009/01/detecting-user-mode-debuggers-under.html Best regards. Here is an other “API based” way to detect debuggers: http://hype-free.blogspot.com/2009/01/detecting-user-mode-debuggers-under.html

Best regards.

]]>