Allow having IDA open
This commit is contained in:
parent
75ed941297
commit
0dabe137cb
@ -30,6 +30,17 @@ namespace arxan
|
||||
|
||||
utils::hook::detour nt_close_hook;
|
||||
utils::hook::detour nt_query_information_process_hook;
|
||||
utils::hook::detour create_mutex_ex_a_hook;
|
||||
|
||||
HANDLE create_mutex_ex_a_stub(const LPSECURITY_ATTRIBUTES attributes, const LPCSTR name, const DWORD flags, const DWORD access)
|
||||
{
|
||||
if (name == "$ IDA trusted_idbs"s || name == "$ IDA registry mutex $"s)
|
||||
{
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
return create_mutex_ex_a_hook.invoke<HANDLE>(attributes, name, flags, access);
|
||||
}
|
||||
|
||||
NTSTATUS WINAPI nt_query_information_process_stub(const HANDLE handle, const PROCESSINFOCLASS info_class,
|
||||
const PVOID info,
|
||||
@ -109,6 +120,8 @@ namespace arxan
|
||||
hide_being_debugged();
|
||||
scheduler::loop(hide_being_debugged, scheduler::pipeline::async);
|
||||
|
||||
create_mutex_ex_a_hook.create(CreateMutexExA, create_mutex_ex_a_stub);
|
||||
|
||||
const utils::nt::library ntdll("ntdll.dll");
|
||||
nt_close_hook.create(ntdll.get_proc<void*>("NtClose"), nt_close_stub);
|
||||
nt_query_information_process_hook.create(ntdll.get_proc<void*>("NtQueryInformationProcess"),
|
||||
|
Loading…
Reference in New Issue
Block a user