Cracking 1

home *** CD-ROM | disk | FTP | other *** search

/ Cracking 1 / Cracking I..iso / Příklady / 3.Anti-Debugging / Detekce SoftICu / INT 1 / INT_1Dlg.cpp < prev next >

Wrap

C/C++ Source or Header | 2002-07-11 | 4.1 KB | 152 lines

// INT_1Dlg.cpp : implementation file // #include "stdafx.h" #include "INT_1.h" #include "INT_1Dlg.h" #ifdef _DEBUG #define new DEBUG_NEW #undef THIS_FILE static char THIS_FILE[] = __FILE__; #endif ///////////////////////////////////////////////////////////////////////////// // CINT_1Dlg dialog CINT_1Dlg::CINT_1Dlg(CWnd* pParent /*=NULL*/) : CDialog(CINT_1Dlg::IDD, pParent) { //{{AFX_DATA_INIT(CINT_1Dlg) // NOTE: the ClassWizard will add member initialization here //}}AFX_DATA_INIT // Note that LoadIcon does not require a subsequent DestroyIcon in Win32 m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME); } void CINT_1Dlg::DoDataExchange(CDataExchange* pDX) { CDialog::DoDataExchange(pDX); //{{AFX_DATA_MAP(CINT_1Dlg) // NOTE: the ClassWizard will add DDX and DDV calls here //}}AFX_DATA_MAP } BEGIN_MESSAGE_MAP(CINT_1Dlg, CDialog) //{{AFX_MSG_MAP(CINT_1Dlg) ON_WM_PAINT() ON_WM_QUERYDRAGICON() ON_BN_CLICKED(IDC_OK, OnOk) //}}AFX_MSG_MAP END_MESSAGE_MAP() ///////////////////////////////////////////////////////////////////////////// // CINT_1Dlg message handlers BOOL CINT_1Dlg::OnInitDialog() { CDialog::OnInitDialog(); // Set the icon for this dialog. The framework does this automatically // when the application's main window is not a dialog SetIcon(m_hIcon, TRUE); // Set big icon SetIcon(m_hIcon, FALSE); // Set small icon // TODO: Add extra initialization here return TRUE; // return TRUE unless you set the focus to a control } // If you add a minimize button to your dialog, you will need the code below // to draw the icon. For MFC applications using the document/view model, // this is automatically done for you by the framework. void CINT_1Dlg::OnPaint() { if (IsIconic()) { CPaintDC dc(this); // device context for painting SendMessage(WM_ICONERASEBKGND, (WPARAM) dc.GetSafeHdc(), 0); // Center icon in client rectangle int cxIcon = GetSystemMetrics(SM_CXICON); int cyIcon = GetSystemMetrics(SM_CYICON); CRect rect; GetClientRect(&rect); int x = (rect.Width() - cxIcon + 1) / 2; int y = (rect.Height() - cyIcon + 1) / 2; // Draw the icon dc.DrawIcon(x, y, m_hIcon); } else { CDialog::OnPaint(); } } // The system calls this to obtain the cursor to display while the user drags // the minimized window. HCURSOR CINT_1Dlg::OnQueryDragIcon() { return (HCURSOR) m_hIcon; } void CINT_1Dlg::OnOk() { __asm { mov ax,ds test al,4 // o jak² operaΦnφ systΘm se jednß? jne Win9x // skok = operaΦnφm systΘmem je Windows 9x/Me xor eax,eax // EAX = 0 push offset MyHandler // adresa handleru push dword ptr fs:[eax] // adresa p°edchozφho handleru mov fs:[eax],esp // instalace INT 1 pop dword ptr fs:[0] // obnovenφ p∙vodnφho handleru add esp,4 // korekce zßsobnφku cmp eax,4 // byl SoftICE nalezen? jz No_SoftICE jmp SoftICE MyHandler: mov edx,[esp+0Ch] // CONTEXT mov ecx,[esp+4] // EXCEPTION_RECORD mov eax,80000004h // EAX = Φφslo chyby STATUS_SINGLE_STEP, kterou // INT 1 vyvolß pokud je SoftICE aktivnφ mov ecx,[ecx] // ECX = Φφslo chyby, kterß prßv∞ vznikla sub eax,ecx // porovnßnφ hodnot EAX a ECX je Ok // pokud se Φφsla chyb shodujφ je SoftICE aktivnφ sub ecx,0C0000005h // pokud nenφ SoftICE aktivnφ, INT 1 vyvolß // chybu STATUS_ACCESS_VIOLATION(C0000005h) je No_NTIce // pokud se Φφsla chyb shodujφ, nenφ SoftICE aktivnφ sub eax,eax // doÜlo k jinΘ chyb∞, kterou tento handler nebude zpracovßvat inc eax // ExceptionContinueSearch jmp Konec No_NTIce: add dword ptr[edx+0B8h],2 // opravenφ chyby p°eskoΦenφm chybnΘ instrukce mov [edx+0B0h],4 // ulo₧φ do EAX hodnotu 4 - SoftICE nenalezen Ok: sub eax,eax // ExceptionContinueExecution Konec: ret } Win9x: MessageBox("Tato metoda funguje pouze ve Windows NT/2000/XP",NULL,MB_OK); return; No_SoftICE: MessageBox("SoftICE nenalezen",NULL,MB_OK); return; SoftICE: MessageBox("SoftICE nalezen",NULL,MB_OK); }