diff options
Diffstat (limited to 'md/writeup/linux_antidebug_5.md')
| -rw-r--r-- | md/writeup/linux_antidebug_5.md | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/md/writeup/linux_antidebug_5.md b/md/writeup/linux_antidebug_5.md new file mode 100644 index 0000000..fc71e6e --- /dev/null +++ b/md/writeup/linux_antidebug_5.md @@ -0,0 +1,56 @@ +title:Linux antidebug 5 +keywords:math,statistics + +# Linux antidebug 5 + +Content: When debugging program line by line or when running it +in some debugger then there can be some time delays when you +pressing buttons. We can measure them with asm command + +```asm +rdtsc +``` + +this instruction read time-stamp counter into edx:eax in our +program will be enough values from +eax + +function for c that uses rdtsc is + +```c +extern int get_timer() +``` + +in fasm it looks like + +```asm +get_timer: + rdtsc + ret +``` + +there is written code + +```c +s = get_timer(); +for (i=0;i<10000;i++) +{ +} +e = get_timer(); +d = e - s; +``` + +average time to execute 10000 is 70069 ticks for value +on with we detecting how fast working code i have choose +twice of average 120000 if execution time is larger then +probably it is debuged. + +## Compile +``` +make +``` + +## Download + +http://archive.main.lv/files/writeup/linux_antidebug_5/antidebug5.zip + |