Need to set signal handler with handles interrupt number 3 with is used
for step by step debugging
Compile:
gcc main.c -o main
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#define FALSE 0
#define TRUE 1
void sig_handler( int );
int debuging;
int main()
{
debuging = FALSE;
signal(SIGTRAP, sig_handler);
__asm__("int3");
if (debuging == FALSE)
{
printf("Nothing special\n");
} else
{
printf("Playing seek and hide\n");
}
exit(1);
}
void sig_handler( int sig)
{
debuging = TRUE;
}
Run:
./main
Example with asm
Compile:
fasm ad4.asm ad4.o
gcc ad4.o -o ad4
format ELF include 'ccall.inc' SYS_EXIT equ 1 SIGTRAP equ 5 TRUE equ 1 FALSE equ 0 section '.text' executable public main extrn printf extrn exit extrn signal main: ccall signal, SIGTRAP, sig_handler int 3h cmp [debug],FALSE jne no_dbg ccall printf,str1 jmp exit no_dbg: ccall printf,str2 to_exit: mov eax, SYS_EXIT mov ebx, 0 int 80h sig_handler: param1 equ dword [ebp+8] mov [debug], TRUE ret section '.data' writable debug db FALSE str1 db "Under debug",0xA,0 str2 db "No debug",0xA,0Tested and works for gdb and ald. Links:
[1] http://blog.binarycell.org/2011/04/simple-antidebugging-methods-part-2.html