
I'm trying to detect when gdb is attached to my app and I'm using this in JNI code

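```c
/* Needs <sys/ptrace.h> and <stdio.h>; runs inside the JNI function body. */
long x = ptrace(PTRACE_TRACEME, 0, 1, 0);  /* returns -1 and sets errno on failure */
char buffer[24];
snprintf(buffer, sizeof(buffer), "ptrace = %ld", x);  /* bounded write into buffer */
return (*env)->NewStringUTF(env, buffer);
```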

However, x is always -1 regardless of whether gdb is attached or not. Why is that? What can I do to figure out what I'm doing wrong?

Mirza Dobric
  • Hello Mirza, if your goal is solely to detect if a debugger is attached, have a look at slides 45-55 of the following presentation: https://bluebox.com/wp-content/uploads/2013/05/AndroidREnDefenses201305.pdf. As for the ptrace issue, I have no idea why your result is always -1. The ptrace implementation of ARM Linux is different, probably the call you make is also affected in some way. – jmeinke Dec 30 '15 at 18:00
  • @jmeinke I've seen that article but that code is for detecting the Java debugger in native code. Also, I don't think DvmGlobals is available in ART anymore. What I was hoping to do is prevent gdb from attaching. – Mirza Dobric Dec 30 '15 at 20:03
  • Ever tried `perror("");` or something? – Jin-oh Kang Jan 23 '20 at 12:17
  • Late to the party, but have you given root to the app, since ptrace needs root permission? [reference](https://en.m.wikipedia.org/wiki/Ptrace#Uses) – KuhakuPixel Jun 27 '22 at 05:46
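
Following the `perror` suggestion in the comments, here is an added example (not code from the question or its commenters) that saves `errno` immediately after `PTRACE_TRACEME` and cross-checks the kernel's `TracerPid` field in `/proc/self/status`. The function names are hypothetical, and a Linux/Android `/proc` filesystem is assumed.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ptrace.h>

/* Parse the "TracerPid:" field out of /proc/<pid>/status text.
 * Returns the tracer's PID (0 = not traced) or -1 if the field is absent
 * or has no number after it. */
long parse_tracer_pid(const char *status_text)
{
    static const char key[] = "TracerPid:";
    const char *p = status_text;
    while (p && *p) {
        if (strncmp(p, key, sizeof(key) - 1) == 0) {
            const char *num = p + sizeof(key) - 1;
            char *end;
            long pid = strtol(num, &end, 10);   /* skips the leading tab */
            return (end == num) ? -1 : pid;
        }
        p = strchr(p, '\n');                    /* advance to the next line */
        if (p) p++;
    }
    return -1;
}

/* Read this process's tracer PID from the kernel; -1 on error. */
long read_tracer_pid(void)
{
    char buf[4096];
    FILE *f = fopen("/proc/self/status", "r");
    if (!f) return -1;
    size_t n = fread(buf, 1, sizeof(buf) - 1, f);
    fclose(f);
    buf[n] = '\0';
    return parse_tracer_pid(buf);
}

/* Call PTRACE_TRACEME and capture errno before any other libc call can
 * overwrite it. Returns 0 on success, otherwise the errno value. */
int try_traceme(void)
{
    errno = 0;
    long rc = ptrace(PTRACE_TRACEME, 0, 0, 0);
    return rc == -1 ? errno : 0;
}

int main(void)
{
    long tracer = read_tracer_pid();            /* read before the ptrace call */
    int err = try_traceme();
    printf("TracerPid=%ld ptrace errno=%d (%s)\n",
           tracer, err, err ? strerror(err) : "ok");
    return 0;
}
```

Returning the `errno` value (or its `strerror` text) through the JNI string instead of the bare -1 shows which failure the kernel reported.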

0 Answers