main.lv
Dont think code it

2010-2-26 Linux antidebug 2

Content: This is a dirty solution: it checks the program's argv[0] name
against a name you define. When running under a debugger such as gdb or ald,
the name is changed to the full path name; the user-defined name from the terminal is './main'.

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

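/*
 * Demo: print this process's PID in brackets, then the raw contents of
 * /proc/<pid>/cmdline, then a newline.
 *
 * The PID is formatted in memory and the proc entry is read directly, so
 * nothing is written to the current directory and no shell is spawned.
 * Every buffer write is bounded and the fopen() result is checked.
 *
 * Returns EXIT_SUCCESS, or EXIT_FAILURE when the cmdline entry cannot be
 * opened (for example when /proc is not mounted).
 */
int main( int argc , char **argv )
{
	char path[64];
	char buf[4096];
	size_t got;
	FILE *f;
	pid_t pid = getpid();

	(void)argc;
	(void)argv;

	/* "/proc/" + decimal pid + "/cmdline" always fits in 64 bytes. */
	snprintf( path , sizeof path , "/proc/%ld/cmdline" , (long)pid );
	printf( "[%ld]\n" , (long)pid );

	f = fopen( path , "r" );
	if ( f == NULL )
	{
		perror( path );
		return EXIT_FAILURE;
	}

	/* cmdline is NUL-separated, so copy bytes rather than using %s. */
	while ( ( got = fread( buf , 1 , sizeof buf , f ) ) > 0 )
	{
		fwrite( buf , 1 , got , stdout );
	}
	fclose( f );

	printf("\n");
	return EXIT_SUCCESS;
}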


A dirty function that puts the dirty solution in one place

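/*
 * Compare the start of this process's argv[0], as recorded in
 * /proc/self/cmdline, with real_name.
 *
 * The comparison is a prefix match over strlen(real_name) bytes, so an
 * empty real_name always matches.
 *
 * Returns 0 when the recorded name begins with real_name, and -1 when it
 * does not, when real_name is NULL, or when the cmdline entry cannot be
 * opened.
 *
 * The entry is read directly with a bounded fread(): no shell is spawned,
 * no scratch files are created in the current directory, and a long
 * argv[0] is truncated instead of overrunning the buffer.
 *
 * Limitation: argv[0] is chosen by whoever launches the process, so this
 * is only a heuristic. It reports a mismatch whenever the program is
 * started under a different path, debugger or not, and it cannot tell
 * whether a tracer is actually attached.
 */
int badppid( const char *real_name )
{
	enum { CMDLINE_BUF_SIZE = 4096 };
	char name[CMDLINE_BUF_SIZE];
	size_t got;
	FILE *f;

	if ( real_name == NULL )
	{
		return -1;
	}

	f = fopen( "/proc/self/cmdline" , "r" );
	if ( f == NULL )
	{
		return -1;
	}

	/* Leave room for the terminator; argv[0] ends at the first NUL. */
	got = fread( name , 1 , sizeof name - 1 , f );
	fclose( f );
	name[got] = '\0';

	if ( strncmp( name , real_name , strlen( real_name ) ) != 0 )
	{
		return -1;
	}

	return 0;
}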


