HideDebugger.ini
源码类别:

钩子与API截获

开发平台:

Visual C++

  1. [default]
  ; Baseline profile. Every *_enabled key in this file holds 0 or 1; in this
  ; section only PEBIsDebugged, EnableDbgAttach and EnableDbgStart are 1.
  ; Key names follow Windows APIs and process fields that anti-debugging code
  ; commonly inspects; presumably each switch masks the debugger from that
  ; check - confirm against the plugin's documentation.
  2. NtQueryObject_enabled=0
  3. RtlGetNtGlobalFlags_enabled=0
  4. NtQuerySystemInformation_enabled=0
  5. NtQueryInformationProcess_enabled=0
  6. GetTickCount_enabled=0
  7. ProtectDRs_enabled=0
  8. GetVersion_enabled=0
  9. NtClose_enabled=0
  10. PEBIsDebugged_enabled=1
  11. NtGlobalFlag_enabled=0
  12. HeapFlags_enabled=0
  ; GetTickCount_delta (here) and RDTSCEmulation_delta (below) appear only in
  ; this section; the named profiles carry the matching *_value keys only.
  13. GetTickCount_delta=2
  14. EnableDbgAttach_enabled=1
  15. EnableDbgStart_enabled=1
  16. PassUnknownExceptions_enabled=0
  17. InlinePatchingMethod_mode=0
  18. BlockInput_enabled=0
  19. SuspendThread_enabled=0
  20. NtTerminate_enabled=0
  21. FakeParentProcess_enabled=0
  22. HideIDAProcess_enabled=0
  23. HideIDAWindow_enabled=0
  24. DbgPrintException_enabled=0
  25. OpenProcess_enabled=0
  26. SwitchDesktop_enabled=0
  27. KillAntiAttach_enabled=0
  28. NtYieldExecution_enabled=0
  29. OutputDebugString_enabled=0
  30. NtSetInformationThread_enabled=0
  ; NOTE(review): the RDTSC*Driver and Stealth*Driver key names suggest
  ; kernel-mode components - confirm, and keep them off outside an isolated
  ; analysis VM. All of them are 0 in this section.
  31. RDTSCEmulation_enabled=0
  32. RDTSCEmulation_mode=0
  33. UnloadRDTSCDriver_enabled=0
  34. RandRDTSCName_enabled=0
  35. RDTSCEmulation_delta=0
  36. GetTickCount_value=0
  37. RDTSCEmulation_value=0
  ; Port 4242 is repeated in every named profile. NOTE(review): confirm what
  ; listens on it and limit reachability to the analysis host.
  38. RemoteTCPPort_value=4242
  39. StealthNtSetInformationThread_enabled=0
  40. StealthDriver_enabled=0
  41. StealthNtQueryInformationProcess_enabled=0
  42. UnloadStealthDriver_enabled=0
  43. []
  ; Section with an empty name. last_profile names the [Themida v2.0.4.0]
  ; section that follows; presumably the profile selected on the last run -
  ; confirm how the plugin uses it.
  44. last_profile=Themida v2.0.4.0
  45. [Themida v2.0.4.0]
  ; Profile named after a protector and version. Compared with [default] it
  ; additionally sets NtQueryObject, RtlGetNtGlobalFlags,
  ; NtQuerySystemInformation, NtGlobalFlag, HeapFlags, the RDTSC emulation
  ; keys and all four Stealth* keys to 1.
  46. NtQueryObject_enabled=1
  47. RtlGetNtGlobalFlags_enabled=1
  48. NtQuerySystemInformation_enabled=1
  49. NtQueryInformationProcess_enabled=0
  50. GetTickCount_enabled=0
  51. ProtectDRs_enabled=0
  52. GetVersion_enabled=0
  53. NtClose_enabled=0
  54. PEBIsDebugged_enabled=1
  55. NtGlobalFlag_enabled=1
  56. HeapFlags_enabled=1
  ; GetTickCount_enabled is 0 above, so this value presumably has no effect
  ; in this profile - confirm.
  57. GetTickCount_value=3
  58. EnableDbgAttach_enabled=1
  59. EnableDbgStart_enabled=1
  60. PassUnknownExceptions_enabled=0
  ; The only profile in this file with InlinePatchingMethod_mode=1; the
  ; meaning of the mode numbers is not visible here.
  61. InlinePatchingMethod_mode=1
  62. RemoteTCPPort_value=4242
  ; NOTE(review): RDTSC emulation is on here with mode=1 and value=23, and
  ; UnloadRDTSCDriver is 1. The key names suggest a kernel driver is loaded
  ; and later unloaded - confirm, and use only in an isolated analysis VM.
  63. RDTSCEmulation_enabled=1
  64. RDTSCEmulation_mode=1
  65. UnloadRDTSCDriver_enabled=1
  66. RandRDTSCName_enabled=0
  67. RDTSCEmulation_value=23
  68. BlockInput_enabled=0
  69. SuspendThread_enabled=0
  70. NtTerminate_enabled=0
  71. FakeParentProcess_enabled=0
  72. HideIDAProcess_enabled=0
  73. HideIDAWindow_enabled=0
  74. DbgPrintException_enabled=0
  75. OpenProcess_enabled=0
  76. SwitchDesktop_enabled=0
  77. KillAntiAttach_enabled=0
  78. NtYieldExecution_enabled=0
  79. OutputDebugString_enabled=0
  ; The plain NtSetInformationThread switch is 0 while the Stealth* variants
  ; below are 1; presumably the Stealth* keys route the same checks through
  ; the stealth driver - confirm.
  80. NtSetInformationThread_enabled=0
  81. StealthNtSetInformationThread_enabled=1
  82. UnloadStealthDriver_enabled=1
  83. StealthNtQueryInformationProcess_enabled=1
  84. StealthDriver_enabled=1
  85. [ASProtect v1.5]
  ; Profile named after a protector and version. Only PEBIsDebugged,
  ; NtGlobalFlag, HeapFlags, EnableDbgAttach and EnableDbgStart are 1; every
  ; RDTSC and Stealth* key is 0, so none of the driver-named options are on.
  86. NtQueryObject_enabled=0
  87. RtlGetNtGlobalFlags_enabled=0
  88. NtQuerySystemInformation_enabled=0
  89. NtQueryInformationProcess_enabled=0
  90. GetTickCount_enabled=0
  91. ProtectDRs_enabled=0
  92. GetVersion_enabled=0
  93. NtClose_enabled=0
  94. PEBIsDebugged_enabled=1
  95. NtGlobalFlag_enabled=1
  96. HeapFlags_enabled=1
  97. GetTickCount_value=0
  98. EnableDbgAttach_enabled=1
  99. EnableDbgStart_enabled=1
  100. PassUnknownExceptions_enabled=0
  101. InlinePatchingMethod_mode=0
  ; Same port as the other profiles. NOTE(review): confirm what listens on
  ; it and limit reachability to the analysis host.
  102. RemoteTCPPort_value=4242
  103. RDTSCEmulation_enabled=0
  104. RDTSCEmulation_mode=0
  105. UnloadRDTSCDriver_enabled=0
  106. RandRDTSCName_enabled=0
  107. RDTSCEmulation_value=0
  108. BlockInput_enabled=0
  109. SuspendThread_enabled=0
  110. NtTerminate_enabled=0
  111. FakeParentProcess_enabled=0
  112. HideIDAProcess_enabled=0
  113. HideIDAWindow_enabled=0
  114. DbgPrintException_enabled=0
  115. OpenProcess_enabled=0
  116. SwitchDesktop_enabled=0
  117. KillAntiAttach_enabled=0
  118. NtYieldExecution_enabled=0
  119. OutputDebugString_enabled=0
  120. NtSetInformationThread_enabled=0
  121. StealthNtSetInformationThread_enabled=0
  122. UnloadStealthDriver_enabled=0
  123. StealthNtQueryInformationProcess_enabled=0
  124. StealthDriver_enabled=0
  125. [yoda's Protector]
  ; Profile named after a protector. Keys set to 1: PEBIsDebugged,
  ; EnableDbgAttach, EnableDbgStart, BlockInput and FakeParentProcess; the
  ; last two are 0 in every other section of this file.
  ; Key order differs from the other profiles (PassUnknownExceptions,
  ; InlinePatchingMethod and RemoteTCPPort come after the RDTSC keys);
  ; presumably order is not significant - confirm.
  126. NtQueryObject_enabled=0
  127. RtlGetNtGlobalFlags_enabled=0
  128. NtQuerySystemInformation_enabled=0
  129. NtQueryInformationProcess_enabled=0
  130. GetTickCount_enabled=0
  131. ProtectDRs_enabled=0
  132. GetVersion_enabled=0
  133. NtClose_enabled=0
  134. PEBIsDebugged_enabled=1
  135. NtGlobalFlag_enabled=0
  136. HeapFlags_enabled=0
  137. GetTickCount_value=0
  138. EnableDbgAttach_enabled=1
  139. EnableDbgStart_enabled=1
  140. BlockInput_enabled=1
  141. SuspendThread_enabled=0
  142. NtTerminate_enabled=0
  143. FakeParentProcess_enabled=1
  144. HideIDAProcess_enabled=0
  145. HideIDAWindow_enabled=0
  146. DbgPrintException_enabled=0
  147. OpenProcess_enabled=0
  148. SwitchDesktop_enabled=0
  149. KillAntiAttach_enabled=0
  150. NtYieldExecution_enabled=0
  151. OutputDebugString_enabled=0
  152. NtSetInformationThread_enabled=0
  153. RDTSCEmulation_enabled=0
  154. RDTSCEmulation_mode=0
  155. UnloadRDTSCDriver_enabled=0
  156. RandRDTSCName_enabled=0
  157. RDTSCEmulation_value=0
  158. PassUnknownExceptions_enabled=0
  159. InlinePatchingMethod_mode=0
  ; Same port as the other profiles. NOTE(review): confirm what listens on
  ; it and limit reachability to the analysis host.
  160. RemoteTCPPort_value=4242
  161. StealthNtSetInformationThread_enabled=0
  162. UnloadStealthDriver_enabled=0
  163. StealthNtQueryInformationProcess_enabled=0
  164. StealthDriver_enabled=0