-
-
Save yehgdotnet/e9fe9afda3ad120a338e705915177375 to your computer and use it in GitHub Desktop.
Sample code to use ptrace() through dlsym on iOS to terminate when a debugger is attached. NOT FOOLPROOF, but it bypasses Rasticrac decryption.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Build on OS X with: | |
| // clang debugdetect.cpp -o debugdetect -arch armv7 -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS.sdk/ -miphoneos-version-min=7 | |
| #import <dlfcn.h> | |
| #import <sys/types.h> | |
| #import <stdio.h> | |
| typedef int (*ptrace_ptr_t)(int _request, pid_t _pid, caddr_t _addr, int _data); | |
| void disable_dbg() { | |
| ptrace_ptr_t ptrace_ptr = (ptrace_ptr_t)dlsym(RTLD_SELF, "ptrace"); | |
| ptrace_ptr(31, 0, 0, 0); // PTRACE_DENY_ATTACH = 31 | |
| } | |
| int main() { | |
| #ifndef DEVEL | |
| disable_dbg(); | |
| #endif | |
| printf("Hello, World\n"); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment