Topic created on: August 31, 2005 14:23 CDT by 0xebfe .
Hi, from SOTM33, Nicolas Brulez mentioned there's a way to patch the ntdll.dll to disallow writting into the debug registers from the user space. I guess that sort of functionality is invaluable to me and I guess to lots of other reversers out there. However, there's no public info on this available. Any one know how to do this? Or better yet, have a patch for WinXP's ntdll.dll? I am just tired of working around polymorphic code that erases DRxs which makes both software and hardware breaks really hard to set.
Any info would be nice!