SizeOfStackReserve As Anti-Attach Trick

1. //http://waleedassar.blogspot.com
2. //http://www.twitter.com/waleedassar
3. //A simple trick that can be as anti-attaching trick under Windows 7.
4. #include "stdafx.h"
5. #include "windows.h"
6. #include "stdio.h"
7.  
8. extern "C"
9. {
10.     IMAGE_NT_HEADERS* __stdcall RtlImageNtHeader(unsigned long ImageBase);
11. }
12.  
13. int main(int argc, char* argv[])
14. {
15.  
16.     //----------------------------------------------------------------
17.     unsigned long IB=(unsigned long)GetModuleHandle(0);
18.     unsigned long old=0;
19.     VirtualProtect((void*)IB,0x1000,PAGE_READWRITE,&old);
20.     IMAGE_NT_HEADERS* pNt=RtlImageNtHeader(IB);
21.     pNt->OptionalHeader.SizeOfStackReserve=0xFFFFFED7;
22.     VirtualProtect((void*)IB,0x1000,old,&old);
23.     //-----------------------------------------------------------------
24.     int i=0;
25.     while(8)
26.     {
27.         printf("Now try to attach a debugger to me (Win7) %x\r\n",i++);
28.         Sleep(1000);
29.     }
30.     return 0;
31. }