Linux antidebug 2

Content: This is dirty solution it checks programms argv[0] name with your defined namewhen running debuger such as gdb or ald name is chaned to fullpath nameuser defined name from terminal is './main'.

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

int main( int argc , char **argv )
{
    pid_t pid,ppid;
    FILE *f;
    char str[128];
    char spid[10];

    //openfile and write ppid
    f = fopen( "pid.txt" , "w" );
    pid = getpid();
    fprintf(f,"%d ",pid);
    fclose( f );
    f = fopen( "pid.txt" , "r" );
    fscanf( f , "%s" , spid );
    fclose( f );

    strcpy( str , "cat /proc/" );
    strcat( str , &spid[0] );
    strcat( str , "/cmdline");
    printf( "[%s]\n", spid );
    system( str );

    printf("\n");
}

Dirty function that makes dirty solution at one place

int badppid( const char *real_name )
{
    pid_t pid,ppid;
    FILE *f;
    char str[128];
    char spid[10];
        f = fopen( "pid.txt" , "w" );
    pid = getpid();
    fprintf(f,"%d ",pid);
    fclose( f );


    f = fopen( "pid.txt" , "r" );
    fscanf( f , "%s" , spid );
    fclose( f );


    strcpy( str , "cat /proc/" );
    strcat( str , &spid[0] );
    strcat( str , "/cmdline > name.txt");
    system( str );

    f = fopen( "name.txt" , "r" );
    fscanf( f , "%s" , str );
    fclose( f );
    if ( strncmp(str,real_name,strlen(real_name)) != 0 )
    {
        return -1;
    }

    return 0;
}

Downloads

http://archive.main.lv/files/writeup/linux_antidebug_2/antidebug2.tar.gz