loggedout Posted February 1, 2018 Share Posted February 1, 2018 I just came across to this video on YouTube and thought it will not be a bad idea to share it with the community, and I don't know if this is new for some people or not but... 2 Link to comment Share on other sites More sharing options...
Aesculapius Posted February 1, 2018 Share Posted February 1, 2018 (edited) hello, this is not a vulnerability of themida, its a vulnerability of process hollowing procedure if you don't take the precaution of protecting the injected process itself. If you use the protection in a wrong way, then it stops being secure. Themida is alright. This is a rare example of one very bad implementation of themida and it can happen to any other protector if bad implemented. Edited February 1, 2018 by Aesculapius 1 Link to comment Share on other sites More sharing options...
samoray Posted February 1, 2018 Share Posted February 1, 2018 Very interesting technique Link to comment Share on other sites More sharing options...
cachito Posted February 1, 2018 Share Posted February 1, 2018 It is easier with megadumper... Link to comment Share on other sites More sharing options...
collins Posted February 2, 2018 Share Posted February 2, 2018 yes, the app add Themida x64 protected is weakness. Just megadumper + de4dot . Link to comment Share on other sites More sharing options...
V65j Posted April 9, 2018 Share Posted April 9, 2018 where is the video? any one can upload it again? Link to comment Share on other sites More sharing options...
jameswoods Posted April 9, 2018 Share Posted April 9, 2018 No sure if it is the same video but its the same idea Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now