> There is a Windows API function, IsDebuggerPresent. It should work. > However, it won't work well as a defense against cracking. If I were > trying to crack a program, one of the first things I would do would be > to patch over IsDebuggerPresent so that whenever your program called > it, it would always return False.
I might get the names wrong here, but there's The Hacker's Debuger: BlackIce / SoftIce (something with Ice anyway). This debuger loads itself BEFORE Windows so it "debugs" anything running on Windows, including Windows itself. I'm not sure how all this works but it certanly makes detecting it VERY difficult. I've seen articles writen on the subject and the conclusion was allways the same: no matter what you do, some one on the other side of the fence will find a way arround your debugger detecting code. On the other hand, if this is done for anti-cracking, one only needs to protect from would-be hackers, and some anti-debugging code would be grate. If the software is interesting enough there's no software or hardware based solution for protecting it (Microsoft fails at this time and time again, and not for lack of trying) __________________________________________________ Delphi-Talk mailing list -> [email protected] http://www.elists.org/mailman/listinfo/delphi-talk
