Page 1 of 1

Anti Dump

Posted: Sat Feb 18, 2017 11:05 pm
by mal
So,

i just got used to the sdk. But i am worrying are there any good methods to protect from people dumping my software from memory?

Also i am using VMProtectBeginUltra for areas where i communicate with my server. However important strings can be seen if someone decides to dump my client. What can i do against that?

Re: Anti Dump

Posted: Sun Feb 19, 2017 4:04 am
by Admin
For important strings we can recommentd to use VMProtectDecryptString/VMProtectFreeString

Re: Anti Dump

Posted: Sun Feb 19, 2017 10:19 am
by mal
alright.

One more question and Mutation and Virtualization.

Example:

VMProtectBeginMutation("Hi);
if("check" = "check")
std::cout << "hi";
VmProtectEnd();

So does the mutation part is also on the memory present or just compile-time? So if i run my program will it mutate the code between "beginmutate" and "end"?
Same question for Virtualization.

Re: Anti Dump

Posted: Sun Feb 19, 2017 10:26 am
by Admin
Of course the code between VMProtectBeginMutation and VMProtectEnd modifies only at compile-time.

Re: Anti Dump

Posted: Sun Feb 19, 2017 12:16 pm
by mal
Oh i think i miswrite. What i mean is lets say i mutate a block. Now i looked it in ida and in fact the assembly changes. However if i run my program will the assembly go back to the original non-mutated code or the mutated code?

Example:

Original:
Push
Mov
Cmp
Jmp

Mutated
Cmp
Call
Jmp

Now in memory which of them is present?

Re: Anti Dump

Posted: Sun Feb 19, 2017 12:47 pm
by Admin
However if i run my program will the assembly go back to the original non-mutated code or the mutated code?
OMG. Look at IDA again.