Bypassing ptrace calls with LD_PRELOAD on Linux

Hello, here's a quick article on how to bypass calls to ptrace when debugging a Linux executable. By calling ptrace with the PTRACE_TRACEME option, a process can detect if it's being debugged and execute different instructions. This is an effective anti-debugging technique. For example, take the following C program: #include <stdio.h> #include <sys/ptrace.h> int main() { …

Hack The Box – Reversing: Debug Me

Hello, here are some hints for solving the Debug Me challenge on Hack The Box:

- Use a good debugger like x64dbg.
- Use an anti-anti-debugging plugin like Scylla Hide (read the instructions on how to install it).
- Step through the challenge and see where it takes you.

Write-up: Debug Me

Thanks!