Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/TannerJin/AntiMSHookFunction
AntiMSHookFunction (make MSHookFunction doesn't work)
https://github.com/TannerJin/AntiMSHookFunction
Last synced: about 1 month ago
JSON representation
AntiMSHookFunction (make MSHookFunction doesn't work)
- Host: GitHub
- URL: https://github.com/TannerJin/AntiMSHookFunction
- Owner: TannerJin
- License: mit
- Created: 2019-09-20T05:57:27.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2020-09-07T09:10:14.000Z (about 4 years ago)
- Last Synced: 2024-05-02T18:07:57.585Z (5 months ago)
- Language: C
- Homepage:
- Size: 23.4 KB
- Stars: 122
- Watchers: 7
- Forks: 48
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - TannerJin/AntiMSHookFunction - AntiMSHookFunction (make MSHookFunction doesn't work) (C)
README
# AntiMSHookFunction
AntiMSHookFunction is an AntiHook library for MSHookFunction at runtime (make MSHookFunction doesn't work)
include `MSHookFunction Check` and `Anti-MSHookFunction`
[Swift-Version](https://github.com/TannerJin/IOSSecuritySuite/blob/master/IOSSecuritySuite/MSHookFunctionChecker.swift)(latest version)
## Usage
```c
void* orig_antiDebug = antiMSHook(antiDebug);
if (orig_antiDebug == NULL) {
printf("[+++] Not MSHook");
antiDebug();
} else {
printf("[+++] AntiMSHook 🚀🚀🚀");
typedef void AntiDebug(void);
AntiDebug *_antiDebug = (AntiDebug *)orig_antiDebug;
_antiDebug();
}
void antiDebug() {
resetSymbol(@"dlopen"); // anti-fishhook
resetSymbol(@"dlsym"); // anti-fishhook
void* handle = dlopen("/usr/lib/libc.dylib", RTLD_NOW);
void* ptrace = dlsym(handle, "ptrace");
typedef int Ptrace(int, pid_t, int, int);
Ptrace *_ptrace = (Ptrace *)ptrace;
_ptrace(31, 0, 0, 0);
dlclose(handle);
}
```