jjolano / shadow

A jailbreak detection bypass for modern iOS jailbreaks.
https://ios.jjolano.me
BSD 3-Clause "New" or "Revised" License
830 stars 137 forks

More Anti Debugging Checks. #152

Open Rednick16 opened 1 year ago

Rednick16 commented 1 year ago

Sources:

I have successfully bypassed most of the anti-debugging checks mentioned in the provided sources while running in the Xcode debugger and under LLDB. However, I have not included a patch for the svc stuff; it might be possible to implement some kind of pattern scan for that.

I also implemented a hook for the task_get_exception_ports function and set *masksCnt to 0, effectively bypassing its behavior.

Btw, for the ptrace checks, they can still retrieve the function address from dlsym, and it ignores the current hook you have implemented.

Syntax errors have been fixed in the code.