URL : http://www.codeproject.com/KB/security/AntiReverseEngineering.aspx
'코드프로젝트'에 기고된 Anti-Reverse 관련 Article 입니다.
1. Breakpoints
ㅇ Int 3
ㅇ Memory
ㅇ Hardware
2. Timing Attacks
ㅇ RDTSC
ㅇ Win32 Timing APIs
3. Windows Internals
ㅇ ProcessDebugFlags
ㅇ Debug Object Handle
ㅇ Thread Hiding
ㅇ BlockInput
ㅇ OutputDebugString
4. Process Exploitation
ㅇ OpenProcess
ㅇ Parent Processes
ㅇ Self-Debugging
ㅇ UnhandledExceptionFilter
ㅇ NtQueryObject
5. Anti-Dumping
ㅇ Nanomites
ㅇ Stolen Code (Stolen Bytes)
ㅇ SizeOfImage
ㅇ Virtual Machines
ㅇ Guard Pages
ㅇ Removing the PE Header
6. IA-32 Instruction Exploits
ㅇ Interrupt 2D
ㅇ Stack Segment
ㅇ Instruction Prefixes
7. OllyDBG Specific
ㅇ FindWindow
ㅇ OutputDebugString Exploit
8. WinDBG Specific
ㅇ FindWindow
9. Other Techniques
ㅇ Junk Code
ㅇ Native Code Permutations
출처 : 코드프로젝트
'Programming > CodeProject' 카테고리의 다른 글
[CodeProject] The Ultimate Toolbox (0) | 2010.04.02 |
---|---|
[CodeProject] API hooking for hotpatchable operating systems (0) | 2010.04.02 |
[CodeProject] An Anti-Reverse Engeneering Guide (2) | 2009.03.04 |
[CodeProject] C++ Reverse Disassembly (0) | 2009.02.27 |
[CodeProject] Driver Development Part1 ~ Part6 (0) | 2007.12.26 |
[CodeProject] Three Ways to Inject Your Code into Another Process (0) | 2007.12.13 |
anti-reverse,
CodeProject,
RCE,
Reverse Engineering,
Windows System,
리버스엔지니어링,
보안,
안티-리버싱,
윈도우시스템,
코드프로젝트
Stack Segment 조작은 디버거 감지 효과가 정말로 있는지 지금까지 의문이었는데... 디버거에 의해 명령어가 건너띄워지기(Step Over) 때문에 그랬던 것이군요 ^^ 좋은 정보 감사합니다...
하핫..^^;; 별말씀을..
코드프로젝트에 정리가 잘되어있는걸.. 긁어왔을 뿐인데요 뭘...ㅋ