Jump to content
Tuts 4 You
ThisIsM4R

Themida x64 architecture decision vulnerability exploit to unpack protected targets

Recommended Posts

ThisIsM4R

I just came across to this video on YouTube and thought it will not be a bad idea to share it with the community, and I don't know if this is new for some people or not but...

 

  • Like 2

Share this post


Link to post
Share on other sites
Aesculapius

hello, this is not a vulnerability of themida, its a vulnerability of process hollowing procedure if you don't take the precaution of protecting the injected process itself. If you use the protection in a wrong way, then it stops being secure. Themida is alright. This is a rare example of one very bad implementation of themida and it can happen to any other protector if bad implemented.

Edited by Aesculapius
  • Like 1

Share this post


Link to post
Share on other sites
samoray

Very interesting technique

Share this post


Link to post
Share on other sites
cachito

It is easier with megadumper...

Share this post


Link to post
Share on other sites
collins

yes, the app add Themida x64 protected is weakness.  Just megadumper + de4dot .:lol:

Share this post


Link to post
Share on other sites
V65j

where is the video?

any one can upload it again?

Share this post


Link to post
Share on other sites
jameswoods

No sure if it is the same video but its the same idea

 

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×