How do I bypass IsDebuggerPresent with OllyDbg?

情歌与酒 2021-01-31 05:37

I don't really understand how to get around IsDebuggerPresent. I think I am supposed to find the registers used for debugging and then set it to 0 to trick IsDebuggerPresent, b

3 answers
  •  温柔的废话
    2021-01-31 06:26

    If you want your application to never check it, do this:

    • Press Alt + E or open the Executable modules window.
    • Select C:\WINDOWS\system32\kernel32.dll and press Ctrl + N.
    • Select IsDebuggerPresent and press Enter.
    • Press F2.
    • Run the program and wait for your program to break on this opcode.
    • Press F8 a few times until you come back to your code.
    • Look for something like TEST EAX,EAX followed by something like JE, JNZ, etc. Be aware that the output of IsDebuggerPresent is saved in EAX.
    • If the jump happens on this opcode, change it to NOP, and if it doesn't happen, change it to JMP.
    • Save your program. If you don't know how to save modified code in OllyDbg, just search for it.
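
The last steps of the answer above, as an added example that is not part of the original answer: Python that scans a byte string for TEST EAX,EAX followed by JE/JNZ and computes the same-length NOP or JMP replacement the answer describes. The function names and the sample bytes are assumptions constructed for illustration.

```python
# Added example: locate TEST EAX,EAX + JE/JNZ and compute the patch the answer describes.
# Plain byte-pattern scan, not a disassembler: confirm each hit in the debugger.

TEST_EAX_EAX = b"\x85\xc0"
# opcode bytes -> (mnemonic, taken when EAX != 0, i.e. when a debugger is attached)
JCC = {
    b"\x74": ("JE short", False),
    b"\x75": ("JNZ short", True),
    b"\x0f\x84": ("JE near", False),
    b"\x0f\x85": ("JNZ near", True),
}

def patch_for(jcc: bytes) -> bytes:
    """Same-length replacement that inverts what the jump does while debugged."""
    opcode = jcc[:2] if jcc[0] == 0x0F else jcc[:1]
    _, taken = JCC[opcode]
    if taken:
        return b"\x90" * len(jcc)      # jump happens -> overwrite with NOPs
    if len(jcc) == 2:
        return b"\xeb" + jcc[1:]       # short Jcc -> JMP short, same rel8
    return b"\x90\xe9" + jcc[2:]       # near Jcc -> NOP + JMP near, same rel32

def find_checks(code: bytes):
    """Return (offset of jump, mnemonic, original bytes, patched bytes) per hit."""
    hits = []
    pos = code.find(TEST_EAX_EAX)
    while pos != -1:
        j = pos + 2
        for opcode, (name, _) in JCC.items():
            if code.startswith(opcode, j):
                size = 2 if len(opcode) == 1 else 6
                jcc = code[j:j + size]
                if len(jcc) == size:   # skip a jump truncated by end of buffer
                    hits.append((j, name, jcc, patch_for(jcc)))
        pos = code.find(TEST_EAX_EAX, pos + 1)
    return hits

# Constructed sample bytes (not from a real binary):
# call dword ptr [0x401000]; test eax,eax; jnz +5; 5x nop; test eax,eax; je +0x10
SAMPLE = bytes.fromhex("ff1500104000" "85c0" "7505" "9090909090" "85c0" "7410")

if __name__ == "__main__":
    for off, name, old, new in find_checks(SAMPLE):
        print(f"+{off:#04x} {name}: {old.hex()} -> {new.hex()}")
```

The near-jump case keeps its rel32 unchanged because NOP + JMP near ends at the same address as the original six-byte conditional jump.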
