Posted March 15, 2018

Hi all, What is the best protector for C++ applications in your opinion? I was using vmp 3.0.9, but I guess Themida is better... What do you think, guys?
March 23, 2018

20 minutes ago, recrc said:
> UPX

UPX is utter shit, lol... VMProtect and Themida both have their strengths. VMProtect is heavy in obfuscation, but the virtual protection machines are super simple, while Themida has somewhat heavy obfuscation (not as heavy as VMProtect), but their virtual machine protection is millennia ahead.

Edited March 23, 2018 by VirtualPuppet
March 23, 2018

UPX is not a protector at all, it is simply a packer. As for VMProtect and Themida that VirtualPuppet recommended, those are your best two options on the market currently; however, keep in mind there are scripts to decompile the 32-bit versions of both the packers.
June 2, 2018

If you don't already know how to use a debugger then you should learn it so you can manually set vm start/end on vital functions and not least sub functions. Don't have the entire registration check in one function, split it up in many parts and virtualize them all. Have more than one registration check. I would probably go for Themida because of its virtual machine. Both protections are simple to patch without unpacking, both x86 and x64 binaries, so if you don't virtualize the proper functions your program could be an easy target.
June 3, 2018

@JohnWho So if the proper functions are virtualized then it will be impossible to make a memory patch? Like a loader. Salam.
June 3, 2018

37 minutes ago, icarusdc said:
> @JohnWho so if the proper functions are virtualized then it will be impossible to make a memory patch? like a loader. Salam.

No, everything is possible. You can hook the VM handlers.
June 3, 2018

2 hours ago, VirtualPuppet said:
> No, everything is possible. You can hook the VM handlers.

Probably would be easier to just devirtualize and hook the result instead of hooking mid-VM and having to reverse engineer the VM state structure (idk how Themida's VM works, but I would guess that is a basic idea) for that specific handler and modifying there.
June 3, 2018

1 hour ago, 3dsboy08 said:
> Probably would be easier to just devirtualize and hook the result instead of hooking mid-VM and having to reverse engineer the VM state structure (idk how Themida's VM works, but I would guess that is a basic idea) for that specific handler and modifying there.

Yes, it is extremely tedious, but my point was that everything can be done.
July 7, 2018

I know this is old but I still wanna reply. Most virtualized targets I've worked on were solved by:
1) skipping virtualized function(s) altogether, done that a lot
2) changing result of virtualized function, a basic approach
3) patching/hooking the VM itself