Jump to content
Tuts 4 You

Themida x64 architecture decision vulnerability exploit to unpack protected targets

loggedout

By loggedout
in Reverse Engineering Articles

 Share

Recommended Posts

loggedout

loggedout

Posted
Posted

I just came across to this video on YouTube and thought it will not be a bad idea to share it with the community, and I don't know if this is new for some people or not but...

 

  • Like 2
Aesculapius

Aesculapius

Posted
Posted (edited)

hello, this is not a vulnerability of themida, its a vulnerability of process hollowing procedure if you don't take the precaution of protecting the injected process itself. If you use the protection in a wrong way, then it stops being secure. Themida is alright. This is a rare example of one very bad implementation of themida and it can happen to any other protector if bad implemented.

Edited by Aesculapius
  • Like 1
samoray

samoray

Posted
Posted

Very interesting technique

cachito

cachito

Posted
Posted

It is easier with megadumper...

collins

collins

Posted
Posted

yes, the app add Themida x64 protected is weakness.  Just megadumper + de4dot .:lol:

  • 2 months later...
V65j

V65j

Posted
Posted

where is the video?

any one can upload it again?

jameswoods

jameswoods

Posted
Posted

No sure if it is the same video but its the same idea

 

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...