Browse Source

Create WriteWatchVirtualAllocIsDebuggerPresent.c

pull/3/head
vxunderground 11 months ago committed by GitHub
parent
commit
7fb828a71d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 33
      Anti Debug/WriteWatchVirtualAllocIsDebuggerPresent.c

33
Anti Debug/WriteWatchVirtualAllocIsDebuggerPresent.c

@ -0,0 +1,33 @@ @@ -0,0 +1,33 @@
BOOL WriteWatchVirtualAllocIsDebuggerPresent(VOID)
{
ULONG_PTR Count = NULL;
DWORD Granularity = 0;
BOOL bFlag = FALSE;
PVOID Address = NULL;
PINT Buffer = NULL;
Address = VirtualAlloc(NULL, (4096 * sizeof(PVOID)), MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
if (Address == NULL)
return FALSE;
Buffer = (PINT)VirtualAlloc(NULL, (4096 * 4096), MEM_RESERVE | MEM_COMMIT | MEM_WRITE_WATCH, PAGE_READWRITE);
if (Buffer == NULL)
goto EXIT_ROUTINE;
Buffer[0] = IsBeingDebuggedAlt();
Count = 4096;
if (GetWriteWatch(0, Buffer, 4096, Address, &Count, &Granularity) != ERROR_SUCCESS)
bFlag = (Count != 1) | (Buffer[0] == TRUE);
EXIT_ROUTINE:
if (Buffer)
VirtualFree(Buffer, 0, MEM_RELEASE);
if (Address)
VirtualFree(Address, 0, MEM_RELEASE);
return bFlag;
}
Loading…
Cancel
Save