Jump to content
Tuts 4 You
Sign in to follow this  
T-Mixer

Engima Protector X64 or VMProtect

Recommended Posts

T-Mixer

I'm a software coder. I'm so confused. So hard to choose between Enigma Protector X64 or VMProtect... Which protector is more reliable ?


I'm coding for X64 platform !


Thanks.


Share this post


Link to post
m0rpheus

I think VMProtect is better


  • Like 1

Share this post


Link to post
GIV

I will go to VMProtect too.


  • Like 1

Share this post


Link to post
T-Mixer

So VMProtect for X64 is harder to crack no ? because X86 is somewhat easy to unpack (specially using scripts)


Edited by T-Mixer (see edit history)

Share this post


Link to post
Loki

Just keep in mind that if you dont use them properly, both are trivial to crack.


  • Like 1

Share this post


Link to post
T-Mixer

Just keep in mind that if you dont use them properly, both are trivial to crack.

No, I'm using the SDK + Markers.

Also I'm codinf for X64 that is harder than X86 to crack, because crackers are more familiar with X86 app.

Edited by T-Mixer (see edit history)

Share this post


Link to post
GIV

X86 is somewhat easy to unpack (specially using scripts)

Here you are wrong.

Each Protection have his unique features and if is well coded and projected it will be hard for a cracked to get trough.

This will be done in one day or another. It depends of interest.

My bet is to a system driver witch have access to ring0.

Well implemented will give you expected result.

  • Like 1

Share this post


Link to post
DimitarSerg

Use UPX !

  • Like 2
  • Haha 1

Share this post


Link to post
simple

My bet is to a system driver witch have access to ring0.

Well implemented will give you expected result.

 

I disagree. Past few days I've been trying to write a kernel protection for my CrackMe, but what can you protect w/driver for anti-reversing purpose?

 

The stable kernel protection features do stuff like stop file deletion, hide file, stop process kill, stop registry key delete, block process/thread execution, disk crypto, and a few others - ie only designed to protect security softwares. 

 

IMHO kernel drivers are useless for anti-reversing (unless you have the kernel's source code and can mod/recompile it, which u dont for Win).

  • Like 1

Share this post


Link to post
kuazi GA

I think Safengine is better


Share this post


Link to post
GIV

It slows lots of your application response your SafeEngine.


And if you use the .NET protection is useless.


Edited by GIV (see edit history)

Share this post


Link to post
Nemo

Your best protection would be to encrypt parts of the code or features you do not want people to use on a trial or demo version. Also using the same theory only release a demo version without the feature or code for a full version. Also many others also create fake registration keys that expire, or use a very cunning check against carders.. Make sure keys used are tied to the computer its for.. (in other words validate it as legitimate person buying it.. ) keep that in mind!


  • Like 1

Share this post


Link to post
xSRTsect

I disagree. Past few days I've been trying to write a kernel protection for my CrackMe, but what can you protect w/driver for anti-reversing purpose?

 

The stable kernel protection features do stuff like stop file deletion, hide file, stop process kill, stop registry key delete, block process/thread execution, disk crypto, and a few others - ie only designed to protect security softwares. 

 

IMHO kernel drivers are useless for anti-reversing (unless you have the kernel's source code and can mod/recompile it, which u dont for Win).

If you like to play around with that, I can suggest you to write a driver that can execute a certain function outside the user mode pe file. Its allways annoying but easily broken since you can allways disassemble the driver code.

Share this post


Link to post
simple

If you like to play around with that, I can suggest you to write a driver that can execute a certain function outside the user mode pe file. Its allways annoying but easily broken since you can allways disassemble the driver code.

 

Thanks for suggesting, sure, even though I don't expect it to be difficult for you I will try that to see what happens.

Share this post


Link to post
RDGMax

latest "private exe protect" is better..


Share this post


Link to post
souyas309

Use UPX


Share this post


Link to post
portbinder

VMprotect or SafeEngine

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
×
×
  • Create New...