Zodiac : Jumlah posting : 158
Points : 329
REPUTATION : 0
Join date : 2011-10-03
Age : 46
Lokasi : BRAZILLIAN SAO PAOLO
|Subject: Themida 188.8.131.52 + XBundler + LICENSE KEY Tue Nov 15, 2011 3:26 am|| |
When an application is being created, the Compiler will compile the
application source code into several object files made of machine
language code. Then the object files are linked together to create the
Figure 1: Compilation of your source code
In the same manner that the source code of an application is
converted into machine code at compilation time, there are tools that
can convert a compiled application into assembly language or a higher
programming language. These tools are known as dissemblers and
Figure 2: Decompilation of your application
An attacker can use a dissembler or de-compiler to study how a
specific application works and what a specific routine does. When the
attacker has a good knowledge of the target application, he can modify
the compiled application to alter his behavior. For example, the
attacker could bypass the routine that checks for the trial period in
an application and make it run forever or even worse, cause the
application to behave as if it was registered.
Software protectors where created to keep an attacker from directly
inspecting or modifying a compiled application. A software protector is
like a shield that keeps an application encrypted and protected against
possible attacks. When a protected application is going to be run by
the operating system, the software protector will first take control of
the CPU and check for possible cracking tools (dissemblers or
de-compilers) that may be running on the system. If everything is safe
the software protector will proceed to decrypting the protected
application and giving it the control of the CPU to be executed as
The advantages of using a Software Protector are:
- Protect an application against piracy.
- Prevents attackers from studying how an application is implemented.
- Will not allow attackers to modify an application to change its behavior .
Since software protectors were born, many attackers have centered
most of their efforts on attacking the software protectors themselves
instead of the applications. Many tools have been developed that aid in
the attacking of software protectors. These attacks often result in
the attacker obtaining the original application that is decrypted and
has the protection wrapper removed.
Figure 3: Common software protectors philosophy
The main problem with software protectors is that they use
protection techniques very well known by crackers, so they can be
easily bypassed with traditional cracking tools.
Another important problem in software protectors is that they have
restricted execution by the operating system, that is, they run with
normal application privileges. Because of this attackers can use
cracking tools that run at the same priority level as the operating
system allowing them to fully supervise what a software protector is
doing at a certain time and attack it in specific places.
With Themida® , we have centered in the main
weakness that software protectors have thus providing a complete
solution to overcome those problems. Themida® uses the SecureEngine®
protection technology that, when running in the highest priority level,
implements never seen before protection techniques to protect
applications against advanced software cracking.
Figure 4: Themida® protection procedure
Click here to see all Themida® features.
SecureEngine® defeats all current cracking tools
that can be used against protected applications and it will make sure
that your protected applications are only run in safe environments.
Figure 5: SecureEngine® technology adds more strength to the existing protection
Click here to learn more about SecureEngine®
Software protection programming is not a very well known field for
most programmers. Software protection techniques are not like “visible”
features that can be seen and compared. Because of this most software
protection authors could talk about impressive techniques that are
included deep inside the protection scheme, when many times most of
these techniques hardly exist or they are much simpler than what they
Most software protectors reiterate a lot about using very strong
cryptographic algorithms like RSA, Elliptic curves and AES hoping that
the final user will believe that those protectors and the cryptic
algorithms are unbreakable. This if far from the truth as software
protection is very different from data protection. Even if a software
protector encrypts the protected application with the most robust
cryptographic algorithm, sooner or later the protected application needs
to be decrypted in order to be run by the CPU. It is in this phase
when most attackers will start their work by dumping the decrypted
application from memory to disk thus not having to deal with the
cryptographic algorithm and reconstructing of the original application.
In Themida® we want to be realistic about which
weakness can be exploiting by attackers and what we really need to pay
attention to protect an application with the highest security possible
against software cracking.