Thread: RE: [GD-General] Bink
Brought to you by:
vexxed72
Menu
▾
▴
gamedevlists-general
|
From: Matt N. <mat...@ni...> - 2003-09-03 16:16:43
|
Out of curiosity, what were you using before? Matt Newport. > -----Original Message----- > From: Gareth Lewin [mailto:GL...@cl...]=20 > Sent: 03 September 2003 16:46 > To: gam...@li... > Subject: [GD-General] Bink >=20 >=20 > I know there are some RADTools people here. >=20 > I just put Bink into Sudeki. Man your codec is excellent.=20 > Hat's off to you guys, our FMVs look (to quote an artist)=20 > "29million times better". >=20 > ________________________ > Regards, Gareth Lewin > Programmer, Sudeki > http://www.xbox.com/Sudeki --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 19/08/2003 =20 |
|
From: Gareth L. <GL...@cl...> - 2003-09-03 16:23:54
|
WMV version 8 > -----Original Message----- > From: Matt Newport [mailto:mat...@ni...] > Sent: 03 September 2003 17:16 > To: gam...@li... > Subject: RE: [GD-General] Bink > > > Out of curiosity, what were you using before? > > Matt Newport. > > > -----Original Message----- > > From: Gareth Lewin [mailto:GL...@cl...] > > Sent: 03 September 2003 16:46 > > To: gam...@li... > > Subject: [GD-General] Bink > > > > > > I know there are some RADTools people here. > > > > I just put Bink into Sudeki. Man your codec is excellent. > > Hat's off to you guys, our FMVs look (to quote an artist) > > "29million times better". > > > > ________________________ > > Regards, Gareth Lewin > > Programmer, Sudeki > > http://www.xbox.com/Sudeki > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.512 / Virus Database: 309 - Release Date: 19/08/2003 > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Gamedevlists-general mailing list > Gam...@li... > https://lists.sourceforge.net/lists/listinfo/gamedevlists-general > Archives: > http://sourceforge.net/mailarchive/forum.php?forum_idU7 > |
|
From: Colin F. <cp...@ea...> - 2003-10-09 17:10:20
|
Can a Windows application determine if it is being debugged? Naturally it can't do anything if it has been suspended at a breakpoint, but I'm wondering if there is a way, during execution, to check for debugging. Sorry, it has been a while since I was in to Windows process information stuff, so I forget all the cool things a process can do. Anyhow, let's say the application is started. Meanwhile, something like Visual C++ has already been started, or is now started. Some time during the execution of the application, the user of Visual C++ uses the "Attach to Process..." option, and selects the application. Is there any way for the application to detect that it is being debugged, assuming it has not been immediately paused? The method cannot depend on any particular debugger (like checking for certain states of, say, Visual Studio). But I assume that many debuggers work the same way -- although the 1337 haX0r might run the whole app in an 80x86 emulator... I don't really have any particular objective, like popping up a dialog to embarrass the first haX0r who attempts to crack my application. I'm just making conversation. Relax! Talk amongst yourselves! --- Colin cp...@ea... |
|
From: brian s. <pud...@po...> - 2003-10-09 17:40:20
|
You could call IsDebuggerPresent(). Of course they can easily detour your calls to that function so it's really only useful for you - for instance, if you're trying to figure out whether to display your fancy assert box or drop straight into the debugger. Ultimately, if the person running the debugger didn't want you to know you were being debugged, I don't think you could tell. You could try to play games, like tracking frame times to guess if you'd been sitting at a breakpoint, but that wouldn't stop anyone serious. --brian Colin Fahey wrote: >Can a Windows application determine if it is being debugged? >Naturally it can't do anything if it has been suspended at a breakpoint, >but I'm wondering if there is a way, during execution, to check for debugging. > >Sorry, it has been a while since I was in to Windows process information >stuff, so I forget all the cool things a process can do. > >Anyhow, let's say the application is started. Meanwhile, something like >Visual C++ has already been started, or is now started. Some time >during the execution of the application, the user of Visual C++ uses >the "Attach to Process..." option, and selects the application. >Is there any way for the application to detect that it is being debugged, >assuming it has not been immediately paused? > >The method cannot depend on any particular debugger (like checking for >certain states of, say, Visual Studio). But I assume that many debuggers >work the same way -- although the 1337 haX0r might run the whole app in >an 80x86 emulator... > >I don't really have any particular objective, like popping up a dialog >to embarrass the first haX0r who attempts to crack my application. >I'm just making conversation. Relax! Talk amongst yourselves! > >--- Colin > >cp...@ea... > > |
|
From: Daniel V. <vo...@ep...> - 2003-10-09 17:51:27
|
UBOOL appIsDebuggerPresent()
{
UBOOL Result = 0;
OSVERSIONINFO WinVersion;
HINSTANCE KernLib = LoadLibraryEx( TEXT("kernel32.dll"), NULL, 0);
if( KernLib )
{
FARPROC lIsDebuggerPresent = GetProcAddress( KernLib,
"IsDebuggerPresent" );
if( lIsDebuggerPresent && lIsDebuggerPresent() )
Result = 1;
FreeLibrary( KernLib );
}
return Result;
}
-- Daniel, Epic Games Inc.
> -----Original Message-----
> From: gam...@li...
> [mailto:gam...@li...] On
> Behalf Of Colin Fahey
> Sent: Thursday, October 09, 2003 12:59 PM
> To: gam...@li...
> Subject: [GD-General] Is it possible to detect debugging?
>
>
>
> Can a Windows application determine if it is being debugged?
> Naturally it can't do anything if it has been suspended at a
> breakpoint,
> but I'm wondering if there is a way, during execution, to
> check for debugging.
>
> Sorry, it has been a while since I was in to Windows process
> information
> stuff, so I forget all the cool things a process can do.
>
> Anyhow, let's say the application is started. Meanwhile,
> something like
> Visual C++ has already been started, or is now started. Some time
> during the execution of the application, the user of Visual C++ uses
> the "Attach to Process..." option, and selects the application.
> Is there any way for the application to detect that it is
> being debugged,
> assuming it has not been immediately paused?
>
> The method cannot depend on any particular debugger (like
> checking for
> certain states of, say, Visual Studio). But I assume that
> many debuggers
> work the same way -- although the 1337 haX0r might run the
> whole app in
> an 80x86 emulator...
>
> I don't really have any particular objective, like popping up a dialog
> to embarrass the first haX0r who attempts to crack my application.
> I'm just making conversation. Relax! Talk amongst yourselves!
>
> --- Colin
>
> cp...@ea...
>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: SF.net Giveback Program.
> SourceForge.net hosts over 70,000 Open Source Projects.
> See the people who have HELPED US provide better services:
> Click here: http://sourceforge.net/supporters.php
> _______________________________________________
> Gamedevlists-general mailing list
> Gam...@li...
> https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
> Archives:
> http://sourceforge.net/mailarchive/forum.php?forum_id=557
>
|
|
From: brian s. <pud...@po...> - 2003-10-09 18:10:50
|
I'm guessing that you're going through these hoops because IsDebuggerPresent isn't available in Win95? Surely this can't really prevent Someone Evil from having their way with your app. *Seems to me I could easily use http://research.microsoft.com/sn/detours/ to hook your call to GetProcAddress. --brian * Daniel Vogel wrote: >UBOOL appIsDebuggerPresent() >{ > UBOOL Result = 0; > OSVERSIONINFO WinVersion; > > HINSTANCE KernLib = LoadLibraryEx( TEXT("kernel32.dll"), NULL, 0); > if( KernLib ) > { > FARPROC lIsDebuggerPresent = GetProcAddress( KernLib, >"IsDebuggerPresent" ); > if( lIsDebuggerPresent && lIsDebuggerPresent() ) > Result = 1; > > FreeLibrary( KernLib ); > } > return Result; >} > >-- Daniel, Epic Games Inc. > > |
|
From: Daniel V. <vo...@ep...> - 2003-10-09 18:34:05
|
> I'm guessing that you're going through these hoops because > IsDebuggerPresent isn't available in Win95? Yes. > Surely this can't really prevent Someone Evil from having > their way with your app. It isn't mean to :) We only detect the presence of a debugger to determine whether to use use ::DebugBreak on error instead of bringing up an error crash dialog box. -- Daniel, Epic Games Inc. |
|
From: Colin F. <cp...@ea...> - 2003-10-09 22:46:13
|
[1] IsDebuggerPresent()
[2] [...] WinDBG and kd can attach in noninvasive mode and generate a full
minidump [...]
As I suspected: Developers can check for obvious debugging (e.g., to handle
errors differently), but circumventing the check requires a very modest effort
(e.g., intercept IsDebuggerPresent() call, or use noninvasive debuggers).
Also, I suppose one could run the whole application within the context of an
80x86 emulator, so that it isn't running on the CPU as native instructions,
in which case the state of the code is totally exposed and there is no way
in the world the app could possibly detect that it was running in virtual
reality! (Much as we can't tell that we're living in the Matrix --
without pills, I mean.)
--- Colin
|
|
From: Aaron D. <ri...@in...> - 2003-10-10 00:09:44
|
I don't remember too much about it but I do recall reading a while back an ezine (phrack or similar) describing how to avoid debuggers (well, I think it was actuall on how to stop crackers). They listed a few techniques such as: - Modifying your code during execution to confuse any debugger and/or third party. - Kind of like the way executable packers work. - Small assembly language segments like "mov ax, 0x9090; jmp 0xfe" that do nothing important but then jump back into their data and execute it. - Checking for an int 3 handler (the one that gets called at breakpoints) or replacing the int 3 handler with your own (with extreme care). I'm sure there were more but I forget them. - Aaroin On Fri, 10 Oct 2003 08:34 am, Colin Fahey wrote: > [1] IsDebuggerPresent() > > [2] [...] WinDBG and kd can attach in noninvasive mode and generate a full > minidump [...] > > As I suspected: Developers can check for obvious debugging (e.g., to handle > errors differently), but circumventing the check requires a very modest > effort (e.g., intercept IsDebuggerPresent() call, or use noninvasive > debuggers). Also, I suppose one could run the whole application within the > context of an 80x86 emulator, so that it isn't running on the CPU as native > instructions, in which case the state of the code is totally exposed and > there is no way in the world the app could possibly detect that it was > running in virtual reality! (Much as we can't tell that we're living in > the Matrix -- without pills, I mean.) > > --- Colin > > > > > ------------------------------------------------------- > This SF.net email is sponsored by: SF.net Giveback Program. > SourceForge.net hosts over 70,000 Open Source Projects. > See the people who have HELPED US provide better services: > Click here: http://sourceforge.net/supporters.php > _______________________________________________ > Gamedevlists-general mailing list > Gam...@li... > https://lists.sourceforge.net/lists/listinfo/gamedevlists-general > Archives: > http://sourceforge.net/mailarchive/forum.php?forum_id=557 -- - Aaron "Today's mighty oak is just yesterday's nut that held its ground." |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X