[CodeProject] An Anti-Reverse Engeneering Guide

Programming/CodeProject 2009. 3. 4. 14:00

URL : http://www.codeproject.com/KB/security/AntiReverseEngineering.aspx

'코드프로젝트'에 기고된 Anti-Reverse 관련 Article 입니다.

1. Breakpoints
   ㅇ Int 3
   ㅇ Memory
   ㅇ Hardware

2. Timing Attacks
   ㅇ RDTSC
   ㅇ Win32 Timing APIs

3. Windows Internals
   ㅇ ProcessDebugFlags
   ㅇ Debug Object Handle
   ㅇ Thread Hiding
   ㅇ BlockInput
   ㅇ OutputDebugString

4. Process Exploitation
   ㅇ OpenProcess
   ㅇ Parent Processes
   ㅇ Self-Debugging
   ㅇ UnhandledExceptionFilter
   ㅇ NtQueryObject

5. Anti-Dumping
   ㅇ Nanomites
   ㅇ Stolen Code (Stolen Bytes)
   ㅇ SizeOfImage
   ㅇ Virtual Machines
   ㅇ Guard Pages
   ㅇ Removing the PE Header

6. IA-32 Instruction Exploits
   ㅇ Interrupt 2D
   ㅇ Stack Segment
   ㅇ Instruction Prefixes

7. OllyDBG Specific
   ㅇ FindWindow
   ㅇ OutputDebugString Exploit

8. WinDBG Specific
   ㅇ FindWindow

9. Other Techniques
   ㅇ Junk Code
   ㅇ Native Code Permutations

출처 : 코드프로젝트

'Programming > CodeProject' 카테고리의 다른 글

[CodeProject] The Ultimate Toolbox (0)	2010.04.02
[CodeProject] API hooking for hotpatchable operating systems (0)	2010.04.02
[CodeProject] An Anti-Reverse Engeneering Guide (2)	2009.03.04
[CodeProject] C++ Reverse Disassembly (0)	2009.02.27
[CodeProject] Driver Development Part1 ~ Part6 (0)	2007.12.26
[CodeProject] Three Ways to Inject Your Code into Another Process (0)	2007.12.13

anti-reverse, CodeProject, RCE, Reverse Engineering, Windows System, 리버스엔지니어링, 보안, 안티-리버싱, 윈도우시스템, 코드프로젝트

TRACKBACK 0 AND COMMENT 2

YOUR COMMENT IS THE CRITICAL SUCCESS FACTOR FOR THE QUALITY OF BLOG POST

vbdream 2009.04.22 20:11 댓글주소 수정/삭제 댓글쓰기
Stack Segment 조작은 디버거 감지 효과가 정말로 있는지 지금까지 의문이었는데... 디버거에 의해 명령어가 건너띄워지기(Step Over) 때문에 그랬던 것이군요 ^^ 좋은 정보 감사합니다...
- XeroNic(HS) 2009.04.23 00:51 신고 댓글주소 수정/삭제
  하핫..^^;; 별말씀을..
  코드프로젝트에 정리가 잘되어있는걸.. 긁어왔을 뿐인데요 뭘...ㅋ