; INFO: Anti-debug check, works under OllyDbg v1.0 and 2.0.
;
; When F8 (step over) is pressed on "call CHECKBREAKPOINT", the debugger places
; a breakpoint (byte CC) on the following instruction, and the function
; "CHECKBREAKPOINT" detects it.
; Alternatively, a SW breakpoint can be set manually on the instruction
; "cmp [DEBUGGER_FOUND], 1".
;
; Setup:
;   Turn off "Options->Options Debugging| Use HW breakpoints for stepping"
;

format PE GUI 4.0 at 0x400000
include 'win32a.inc'

section '.text' code readable executable

        mov     dword [DEBUGGER_FOUND], 0       ; clear the debugger-found flag
        call    CHECKBREAKPOINT
BREAKPOINT_ADDR2:
        cmp     [DEBUGGER_FOUND], 1
        je      MSG_FOUND

MSG_OK:
        invoke  MessageBoxA, 0, message_ok, message_caption, MB_OK+MB_ICONINFORMATION
        jmp     EXIT

MSG_FOUND:
        invoke  MessageBoxA, 0, message_found, message_caption, MB_OK+MB_ICONINFORMATION

EXIT:
        ret

;--------------------------------------------------------------
CHECKBREAKPOINT:
        cmp     byte [BREAKPOINT_ADDR2], 0CCh   ; check for a breakpoint
        jne     CHECKBREAKPOINT_EXIT
        mov     dword [DEBUGGER_FOUND], 1
CHECKBREAKPOINT_EXIT:
        ret
;--------------------------------------------------------------

section '.bss' readable writeable
  DEBUGGER_FOUND  dd ?

section '.data' readable
  message_caption db 'MSG',0
  message_ok      db 'OK',0
  message_found   db 'Debugger found!',0

section '.idata' import data readable writeable
  library \
          user32 ,'USER32.DLL'

  import user32,\
         MessageBoxA ,'MessageBoxA'

;section '.reloc' fixups data readable discardable
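
; Added example (not part of the original listing): an analyst-side scanner that
; flags the check used above, "cmp byte [abs32], 0CCh" aimed at an address inside
; the code region itself. The function names, addresses and sample bytes are
; constructed for illustration and are not output of assembling this file.

```python
import re
import struct

# cmp byte ptr [abs32], 0CCh assembles to: 80 3D <addr32, little-endian> CC
# A lookahead is used so overlapping candidates are not skipped.
CMP_BYTE_CC = re.compile(rb"(?=\x80\x3d(.{4})\xcc)", re.DOTALL)

def find_int3_self_checks(code: bytes, base_va: int):
    """Return (check_va, target_va) pairs where the code compares a byte
    located inside its own code region against 0xCC (INT3)."""
    end_va = base_va + len(code)
    hits = []
    for m in CMP_BYTE_CC.finditer(code):
        (target,) = struct.unpack("<I", m.group(1))
        if base_va <= target < end_va:  # reads code, not data
            hits.append((base_va + m.start(), target))
    return hits

def build_sample(base_va: int = 0x401000, flag_va: int = 0x402000) -> bytes:
    """Constructed bytes mirroring the listing's layout (MessageBox calls omitted)."""
    a32 = lambda v: struct.pack("<I", v)
    return b"".join([
        b"\xc7\x05" + a32(flag_va) + a32(0),        # +0  mov dword [flag], 0
        b"\xe8" + struct.pack("<i", 8),             # +10 call check (+23)
        b"\x83\x3d" + a32(flag_va) + b"\x01",       # +15 cmp dword [flag], 1 (watched)
        b"\xc3",                                    # +22 ret
        b"\x80\x3d" + a32(base_va + 15) + b"\xcc",  # +23 cmp byte [watched], 0CCh
        b"\x75\x0a",                                # +30 jne +42
        b"\xc7\x05" + a32(flag_va) + a32(1),        # +32 mov dword [flag], 1
        b"\xc3",                                    # +42 ret
        b"\x80\x3d" + a32(flag_va + 4) + b"\xcc",   # +43 decoy: compares a data byte
    ])

def report(code: bytes, base_va: int):
    """Format each hit as one human-readable line."""
    return [f"check at {c:#x} inspects code byte at {t:#x}"
            for c, t in find_int3_self_checks(code, base_va)]

if __name__ == "__main__":
    print("\n".join(report(build_sample(), 0x401000)))
```

; The decoy at +43 compares a byte in the data range, so only the check that
; reads its own code is reported.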