Page 2 of 5

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

PostPosted: Wed Nov 02, 2011 1:43 pm
by YourWorstNightmare
Okay Enigma, now I will give you some very important hint:
The problem is not the weakness of the plugin, but the implementation of the plugin system itself. I'm able to disable ANY plugin before it's even executed. ;)
So Sh4DoVV can code the most incredible Anti-Debug plugin of the world, it will be completely useless.

This a very huge lack of security and I hope you will reconsider this.


Greetz,
YourWorstNightmare

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

PostPosted: Wed Nov 02, 2011 1:56 pm
by Enigma
YourWorstNightmare, Ok, thanks for the information, we will review the current implementation of the plugin system and will try to fix security problems!

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

PostPosted: Tue Feb 21, 2012 7:25 am
by Sh4DoVV
Hi Friends :)
New release of my plugin
I protected notepad with my plugin , there is Anti Debug and Anti Dll injection method in this plugin
I active just Control sum of Enigma Protector ;)
I tested it in WinXP SP3 and Win7 X64
Please test it and report bugs
Go0d luck
Code: Select all
http://hotfile.com/dl/147273849/f2f40d1/NOTEPAD_protected.rar.html

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

PostPosted: Tue Feb 21, 2012 4:17 pm
by Zymos
and rename the dll. have a whitelist?

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

PostPosted: Wed Feb 22, 2012 9:34 am
by Sh4DoVV
Hi dear Enigma
Do you test my protected file ?

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

PostPosted: Mon Feb 27, 2012 8:47 am
by Enigma
Hi Sh4DoVV, sorry, did not test it.

I think it would be better for protector users to test it!

I often get emails regarding this plugin, if somebody are interesting how this works and how is it effective, please contact to Sh4DoVV.

Sh4DoVV, maybe you can explain more about this plugin? For example, how to test it and so.
And if somebody will be interesting to purchase it, make a DEMO version of plugin and allow users to test it before purchasing. It is a good point!

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

PostPosted: Fri Mar 09, 2012 10:56 am
by Sh4DoVV
Hi Friends
I update my plugin , and i create demo version of my plugin
In demo version there is a Nag message and terminate program after about 4 minutes ;)
Please test it and report bugs ;)
Go0d luck

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

PostPosted: Tue Mar 13, 2012 12:41 pm
by johndoe
Sh4DoVV wrote:Hi Friends
I update my plugin , and i create demo version of my plugin
In demo version there is a Nag message and terminate program after about 4 minutes ;)
Please test it and report bugs ;)
Go0d luck


Hi Sh4DoVV,
I was tested here, and my protected executable (with your plugin) has 2 process with the same name.
When I try to inject in first process, it really closes.
But, when I try to inject in second process, the dll is injected sucessfully.

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

PostPosted: Tue Mar 13, 2012 2:22 pm
by Enigma
johndoe wrote:I was tested here, and my protected executable (with your plugin) has 2 process with the same name.When I try to inject in first process, it really closes.But, when I try to inject in second process, the dll is injected sucessfully.


It is correct as far as I know..

One process is just dummy process. Even if you inject into it, it does not have any necessary code inside.

Another process - real process of your protected executable, and you can't inject into it.

Anyway, let's wait until Sh4DoVV reply!

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

PostPosted: Tue Mar 13, 2012 9:32 pm
by Sh4DoVV
hi johndoe
One process is just dummy process. Even if you inject into it, it does not have any necessary code inside.
Another process - real process of your protected executable, and you can't inject into it.
good luck