Parsi Coders

نسخه‌ی کامل: [VB6] mAntiDebug
شما در حال مشاهده نسخه آرشیو هستید. برای مشاهده نسخه کامل کلیک کنید.
کد:
'---------------------------------------------------------------------------------------
' Module      : mAntiDebug
' DateTime    : 4/09/2009  03:25
' Author      : SqUeEzEr
' Mail        : scott_van_dinter@hotmail.com
' Purpose     : Check if you're being debugged
' Usage       : At your own risk
' Requirements: None
' Distribution: You can freely use this code in your own
'               applications, but you may not reproduce
'               or publish this code on any web site,
'               online service, or distribute as source
'               on any media without express permission.
'
'---------------------------------------------------------------------------------------
Option Explicit
Private Declare Function NtCurrentTeb Lib "ntdll" () As Long
Private Declare Function NtWriteVirtualMemory Lib "ntdll.dll" (ByVal ProcessHandle As Long, ByVal BaseAddress As Long, ByVal pBuffer As Long, ByVal NumberOfBytesToWrite As Long, ByRef NumberOfBytesWritten As Long) As Long
Public Function IsBeingDebugged() As Boolean
Dim pPeb            As Long
Dim bIBD            As Boolean
Dim l               As Long
Dim pHeap           As Long

NtWriteVirtualMemory -1, VarPtr(pPeb), NtCurrentTeb + &H30, 4, 0
NtWriteVirtualMemory -1, VarPtr(pHeap), pPeb + &H20, 4, 0
NtWriteVirtualMemory -1, VarPtr(bIBD), pPeb + 2, 1, 0
NtWriteVirtualMemory -1, VarPtr(l), pHeap + &H10, 4, 0
If l <> 0 Then IsBeingDebugged = True
If bIBD = True then IsBeingDebugged = True
End Function