SoftICE protection

Soon I take a program which had protection from hardware debuggers like SoftICE
Have you got an idea how this can be done in Delphi?
razor111Asked:
Who is Participating?
 
Dennis9Commented:
Hi this should detect if Softice is runnig:

//SoftIce in W9x
Function IsSoftIce95Loaded: boolean;
Var hFile: Thandle;
Begin
 result := false;
 hFile := CreateFileA('\.SICE', GENERIC_READ or GENERIC_WRITE,
   FILE_SHARE_READ or FILE_SHARE_WRITE, nil, OPEN_EXISTING,
   FILE_ATTRIBUTE_NORMAL, 0);
 if( hFile <> INVALID_HANDLE_VALUE ) then begin
   CloseHandle(hFile);
   result := TRUE;
 end;
End;

// SoftIce in NT OS
Function IsSoftIceNTLoaded: boolean;
Var hFile: Thandle;
Begin
 result := false;
 hFile := CreateFileA('\.NTICE', GENERIC_READ or GENERIC_WRITE,
   FILE_SHARE_READ or FILE_SHARE_WRITE, nil, OPEN_EXISTING,
   FILE_ATTRIBUTE_NORMAL, 0);
 if( hFile <> INVALID_HANDLE_VALUE ) then begin
   CloseHandle(hFile);
   result := TRUE;
 end;
End;

//to detect it
if IsSoftIce95Loaded or IsSoftIceNTLoaded then
Application.Terminate
{if you insert a "Nag" (Message telling him he uses SoftIce) then a amatuer cracker w'll find this protection in notime}
//bestway of using this thing is in "project Unit"


Hope it helped

Dennis
0
 
GwenaCommented:
listening :-)
0
 
ginsonicCommented:
Me too .
Nick

P.S. I remember that I see on net  a component for this.
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
WiseGuyCommented:
listening :-) 2
0
 
smurffCommented:
Dennis

All the cracker has to do is hex sice.exe and change one byte and thats it.

I remember a API call somewhere called ISDebuggerLoaded in the OS I`ll have a look

regards
Smurff
0
 
Russell LibbySoftware Engineer, Advisory Commented:
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:

Accept Dennis9's comment as answer

Please leave any comments here within the next seven days.
 
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
 
Thank you,
Russell

EE Cleanup Volunteer
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.