featur: make anti-debug more configurable

Dobin Rutishauser
2024-06-26 03:03:13 +02:00
parent a17ea74e6e
commit 2b576df872
3 changed files with 40 additions and 14 deletions
+28 -13
@@ -1,8 +1,12 @@
#define ALLOC_NUM 256
/* This will allocate ALLOC_NUM RW memory regions,
#define SIR_ITERATION_COUNT {{SIR_ITERATION_COUNT}}
#define SIR_ALLOC_COUNT {{SIR_ALLOC_COUNT}}
#define SIR_SLEEP_TIME 200 // ms
/* This will allocate SIR_ALLOC_COUNT RW memory regions,
set them to RX, and free them
The idea is that the AV emulator will probably give up, either because
@@ -14,24 +18,35 @@
*/
void antiemulation() {
void* allocs[ALLOC_NUM];
void* allocs[SIR_ALLOC_COUNT];
DWORD result;
for(int i=0; i<4; i++) {
for(int n=0; n<ALLOC_NUM; n++) {
for(int i=0; i<SIR_ITERATION_COUNT; i++) {
for(int n=0; n<SIR_ALLOC_COUNT; n++) {
allocs[n] = VirtualAlloc(
NULL,
0x1000,
{{PAYLOAD_LEN}},
0x3000,
p_RW
);
char *ptr = allocs[n];
// write every byte of it
for(int i=0; i<{{PAYLOAD_LEN}}; i++) {
ptr[i] = 0x23;
}
}
for(int n=0; n<ALLOC_NUM; n++) {
// Write something.
/*for(int n=0; n<SIR_ALLOC_COUNT; n++) {
char *alloc = allocs[n];
alloc[0] = 0; // overwrite the first byte
}*/
for(int n=0; n<SIR_ALLOC_COUNT; n++) {
if (VirtualProtect(
allocs[n],
1000,
{{PAYLOAD_LEN}},
p_RX,
&result) == 0)
{
@@ -39,13 +54,13 @@ void antiemulation() {
}
}
Sleep(200);
Sleep(SIR_SLEEP_TIME);
BOOL bSuccess;
for(int n=0; n<ALLOC_NUM; n++) {
for(int n=0; n<SIR_ALLOC_COUNT; n++) {
bSuccess = VirtualFree(
allocs[n],
1000,
{{PAYLOAD_LEN}},
0x00008000); // MEM_RELEASE
}
}
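Review bot: The `VirtualFree` call in the last hunk passes `{{PAYLOAD_LEN}}` as dwSize together with `0x00008000` (MEM_RELEASE), but the Win32 contract requires dwSize to be 0 for MEM_RELEASE, so each call fails, and silently, because `bSuccess` is never read. With the count and iteration macros now configurable, that leaves up to SIR_ALLOC_COUNT × SIR_ITERATION_COUNT committed regions mapped (and presumably executable after the `VirtualProtect` step) for the life of the process; the call should be `VirtualFree(allocs[n], 0, 0x00008000)` with the result checked. In the second hunk the fill loop writes through `allocs[n]` without testing the `VirtualAlloc` result for NULL, and its `for(int i=0; i<{{PAYLOAD_LEN}}; i++)` shadows the outer iteration counter `i`, so a NULL test before the write and a distinct index name would help. The function body continues between the hunks, so the lines not shown may already handle part of this.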