diff --git a/CMakeLists.txt b/CMakeLists.txt
index 4e5940c..c343928 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -142,6 +142,40 @@ target_link_options(MemoryTest PRIVATE
 unset(CMKR_TARGET)
 unset(CMKR_SOURCES)
 
+# Target AntiDebugHandle
+set(CMKR_TARGET AntiDebugHandle)
+set(AntiDebugHandle_SOURCES "")
+
+list(APPEND AntiDebugHandle_SOURCES
+ "src/AntiDebugHandle/AntiDebugHandle.cpp"
+)
+
+list(APPEND AntiDebugHandle_SOURCES
+ cmake.toml
+)
+
+set(CMKR_SOURCES ${AntiDebugHandle_SOURCES})
+add_executable(AntiDebugHandle)
+
+if(AntiDebugHandle_SOURCES)
+ target_sources(AntiDebugHandle PRIVATE ${AntiDebugHandle_SOURCES})
+endif()
+
+get_directory_property(CMKR_VS_STARTUP_PROJECT DIRECTORY ${PROJECT_SOURCE_DIR} DEFINITION VS_STARTUP_PROJECT)
+if(NOT CMKR_VS_STARTUP_PROJECT)
+ set_property(DIRECTORY ${PROJECT_SOURCE_DIR} PROPERTY VS_STARTUP_PROJECT AntiDebugHandle)
+endif()
+
+source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${AntiDebugHandle_SOURCES})
+
+target_link_options(AntiDebugHandle PRIVATE
+ "/DYNAMICBASE:NO"
+ "/INCREMENTAL:NO"
+)
+
+unset(CMKR_TARGET)
+unset(CMKR_SOURCES)
+
 # Target TestTitanEngine
 set(CMKR_TARGET TestTitanEngine)
 set(TestTitanEngine_SOURCES "")
diff --git a/cmake.toml b/cmake.toml
index 2db279b..643d5b3 100644
--- a/cmake.toml
+++ b/cmake.toml
@@ -23,6 +23,10 @@ sources = ["src/DebugMe/*.cpp"]
 type = "test"
 sources = ["src/MemoryTest/*.cpp"]
 
+[target.AntiDebugHandle]
+type = "test"
+sources = ["src/AntiDebugHandle/*.cpp"]
+
 [target.TestTitanEngine]
 type = "executable"
 sources = ["src/TestTitanEngine/*.cpp", "src/TestTitanEngine/*.h"]
diff --git a/src/AntiDebugHandle/AntiDebugHandle.cpp b/src/AntiDebugHandle/AntiDebugHandle.cpp
new file mode 100644
index 0000000..cb96e64
--- /dev/null
+++ b/src/AntiDebugHandle/AntiDebugHandle.cpp
@@ -0,0 +1,19 @@
+#include
+#include
+#include
+
+int main()
+{
+ puts("");
+
+ wchar_t executablePath[MAX_PATH] = L"";
+ GetModuleFileNameW(0, executablePath, _countof(executablePath));
+
+ auto hNtdll = CreateFileW(L"C:\\Windows\\system32\\ntdll.dll", GENERIC_READ, 0, nullptr, OPEN_EXISTING, 0, nullptr);
+ printf("[AntiDebugHandle] ntdll: 0x%zX (LastError: %u)\n", (uintptr_t)hNtdll, GetLastError());
+
+ auto hExe = CreateFileW(executablePath, GENERIC_READ, 0, nullptr, OPEN_EXISTING, 0, nullptr);
+ printf("[AntiDebugHandle] exe: 0x%zX (LastError: %u)\n", (uintptr_t)hExe, GetLastError());
+
+ puts("");
+}
diff --git a/src/DebugLoop/DebugLoop.cpp b/src/DebugLoop/DebugLoop.cpp
index 9c55a42..3ff883a 100644
--- a/src/DebugLoop/DebugLoop.cpp
+++ b/src/DebugLoop/DebugLoop.cpp
@@ -295,6 +295,11 @@ int main(int argc, char** argv)
 case LOAD_DLL_DEBUG_EVENT:
 {
+ const auto& dll = debugEvent.u.LoadDll;
+ if (dll.hFile)
+ {
+ CloseHandle(dll.hFile);
+ }
 }
 break;
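Review bot: Both `printf` calls in `main` pass `GetLastError()` unconditionally, so after a successful `CreateFileW` the printed code is stale, and `main` always returns 0, so the outcome can only be judged by reading the output. Compare each handle with `INVALID_HANDLE_VALUE`, read the error only on failure, and return non-zero when either exclusive open fails, so a debugger that still holds a handle to the image or to ntdll shows up as a failing run (assuming the `test` target type is meant to be checked by exit code). The ntdll path is hard-coded to `C:\\Windows\\system32`; on an installation elsewhere the open fails for an unrelated reason and would read as a leaked handle, so deriving the directory from `GetSystemDirectoryW` is safer. A comment stating that the share mode of 0 is deliberate would also help the next reader.

```cpp
// Opens `path` with share mode 0; this fails while any other handle to the file is open.
static bool openExclusive(const char* label, const wchar_t* path)
{
    auto hFile = CreateFileW(path, GENERIC_READ, 0, nullptr, OPEN_EXISTING, 0, nullptr);
    // Read the error only on failure; after a successful call the value is stale.
    DWORD lastError = (hFile == INVALID_HANDLE_VALUE) ? GetLastError() : ERROR_SUCCESS;
    printf("[AntiDebugHandle] %s: 0x%zX (LastError: %u)\n", label, (uintptr_t)hFile, lastError);
    return hFile != INVALID_HANDLE_VALUE;
}

int main()
{
    // … unchanged: leading puts and GetModuleFileNameW call …
    bool ok = openExclusive("ntdll", L"C:\\Windows\\system32\\ntdll.dll");
    ok = openExclusive("exe", executablePath) && ok;
    // … unchanged: trailing puts …
    return ok ? 0 : 1;
}
```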
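Review bot: The file handle delivered with `CREATE_PROCESS_DEBUG_EVENT` (`debugEvent.u.CreateProcessInfo.hFile`) needs the same treatment as `dll.hFile` in the `LOAD_DLL_DEBUG_EVENT` case, otherwise the exe check in the new AntiDebugHandle test would presumably still fail. That case lies outside this hunk, so confirm it already closes its handle. A short comment above the added block would record why the close is there, e.g. `// The debugger owns hFile; leaving it open keeps the image file locked and is observable from the debuggee`. `main` starts and ends outside the hunk.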