kvk1989, posted April 15, 2022

Hi,

I'm making a program and I want to add some sniffer tool detection function, like http debugger, OllyDbg, x64dbg. If it detects these tools, then the program can force stop services.

Thanks!!

FPiette, posted April 15, 2022

Do you already have an idea how to do it? Or are you asking that we code it for you?

Remy Lebeau, posted April 15, 2022

> 6 hours ago, kvk1989 said:
> I want to add some sniffer tool detection function

Meaning what, exactly? Are you trying to detect when specific tools are installed on the machine your app is running on? If so, then do those tools even provide any means of detecting their installations? Do they create Registry keys for themselves? Do they create file system folders in predictable locations? Do you know how to detect these tools manually, before you code any logic for them?

> 6 hours ago, kvk1989 said:
> Like http debugger

Is that a SPECIFIC tool? Because more than one HTTP debugger exists in the world.

> 6 hours ago, kvk1989 said:
> If it detects these tools, then the program can force stop services

What does detecting tools have to do with stopping services? Why can't you just stop the services without the tools?

Please explain in more detail EXACTLY what you are trying to accomplish.

kvk1989, posted April 15, 2022

> 8 hours ago, FPiette said:
> Do you already have an idea how to do it? Or are you asking that we code it for you?

I don't have any idea. I'm asking for code.

FPiette, posted April 16, 2022

> I don't have any idea. I'm asking for code.

Then your request can't be satisfied because you don't provide any detail. There is no API that I am aware of that is generic across the kind of tools you ask about. Please read @Remy Lebeau's answer again because it contains interesting hints.

Fr0sT.Brutal, posted April 18, 2022

My crystal ball says he just wants to prevent users from examining his app's traffic. Use SSL with hostname verification and forget about sniffers.

dwrbudr, posted April 18, 2022

```delphi
uses
  Winapi.Windows; // plain "Windows" on Delphi versions before XE2

// Returns True if a top-level window with one of the listed window class
// names exists. FindWindow's first argument is the class name; passing nil
// as the second argument matches any caption.
function Find_Debugger_Window(): Boolean;
var
  whWnd: HWND; // FindWindow returns an HWND, which is pointer-sized on Win64
begin
  Result := True;
  // ollydbg v1.1
  whWnd := FindWindow('icu_dbg', nil);
  if whWnd <> 0 then Exit;
  // ollyice pe--diy
  whWnd := FindWindow('pe--diy', nil);
  if whWnd <> 0 then Exit;
  // ollydbg
  whWnd := FindWindow('ollydbg', nil);
  if whWnd <> 0 then Exit;
  // windbg
  whWnd := FindWindow('WinDbgFrameClass', nil);
  if whWnd <> 0 then Exit;
  // dede3.50
  whWnd := FindWindow('TDeDeMainForm', nil);
  if whWnd <> 0 then Exit;
  // IDA5.20
  whWnd := FindWindow('TIdaWindow', nil);
  if whWnd <> 0 then Exit;
  Result := False;
end;
```

You can add more captions if you use Spy++ to obtain the caption of tools you want to check for.

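The Spy++ lookup mentioned in the post above can also be done in code. This is an added example, not part of the original thread: a console program that lists the class name and caption of every top-level window with EnumWindows and then checks them against the class names from the post. The names CollectWindow, FindKnownToolClass and KnownClasses are made up for illustration, and Delphi XE2 or later is assumed.

```delphi
program ListWindowClasses;
{$APPTYPE CONSOLE}

uses
  Winapi.Windows, System.SysUtils, System.Classes;

const
  // Class names from the post above; extend with values you observe yourself.
  KnownClasses: array[0..5] of string = ('icu_dbg', 'pe--diy', 'ollydbg',
    'WinDbgFrameClass', 'TDeDeMainForm', 'TIdaWindow');

// EnumWindows callback: stores "class<TAB>caption" for one top-level window.
function CollectWindow(Wnd: HWND; Param: LPARAM): BOOL; stdcall;
var
  Buf: array[0..255] of Char;
  Cls, Title: string;
begin
  SetString(Cls, Buf, GetClassName(Wnd, Buf, Length(Buf)));
  SetString(Title, Buf, GetWindowText(Wnd, Buf, Length(Buf)));
  TStrings(Param).Add(Cls + #9 + Title);
  Result := True; // continue with the next window
end;

// Returns the first known class name found among the lines, or '' if none.
function FindKnownToolClass(Lines: TStrings): string;
var
  Line, Known: string;
begin
  for Line in Lines do
    for Known in KnownClasses do
      // Window class names are compared case-insensitively.
      if SameText(Copy(Line, 1, Pos(#9, Line) - 1), Known) then
        Exit(Known);
  Result := '';
end;

var
  Found: TStringList;
  Line: string;
begin
  Found := TStringList.Create;
  try
    EnumWindows(@CollectWindow, LPARAM(Found));
    for Line in Found do
      Writeln(Line); // class name, tab, caption
    Writeln('Known class open: "', FindKnownToolClass(Found), '"');
  finally
    Found.Free;
  end;
end.
```

A match only shows that a window of that class is open somewhere on the desktop; it says nothing about whether the tool is attached to your process.
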
kvk1989, posted April 20, 2022

> On 4/18/2022 at 7:17 PM, dwrbudr said:
> function Find_Debugger_Window(): Boolean; [...]
> You can add more captions if you use Spy++ to obtain the caption of tools you want to check for.

Ohh great, thanks for this 🙂