The Enigma Protector x86: Anti DLL Injection, Anti-Trainer

Questions, downloads, issues related to plugins for Enigma Protector
YourWorstNightmare
Posts: 4
Joined: Sun May 29, 2011 10:29 am

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by YourWorstNightmare » Wed Nov 02, 2011 1:43 pm

Okay Enigma, now I will give you some very important hint:
The problem is not the weakness of the plugin, but the implementation of the plugin system itself. I'm able to disable ANY plugin before it's even executed. ;)
So Sh4DoVV can code the most incredible Anti-Debug plugin of the world, it will be completely useless.

This a very huge lack of security and I hope you will reconsider this.


Greetz,
YourWorstNightmare

Enigma
Site Admin
Posts: 2351
Joined: Wed Aug 20, 2008 2:24 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Enigma » Wed Nov 02, 2011 1:56 pm

YourWorstNightmare, Ok, thanks for the information, we will review the current implementation of the plugin system and will try to fix security problems!

Sh4DoVV
Posts: 16
Joined: Tue May 31, 2011 4:11 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Sh4DoVV » Tue Feb 21, 2012 7:25 am

Hi Friends :)
New release of my plugin
I protected notepad with my plugin , there is Anti Debug and Anti Dll injection method in this plugin
I active just Control sum of Enigma Protector ;)
I tested it in WinXP SP3 and Win7 X64
Please test it and report bugs
Go0d luck

Code: Select all

http://hotfile.com/dl/147273849/f2f40d1/NOTEPAD_protected.rar.html

Zymos
Posts: 2
Joined: Mon Jan 30, 2012 5:10 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Zymos » Tue Feb 21, 2012 4:17 pm

and rename the dll. have a whitelist?

Sh4DoVV
Posts: 16
Joined: Tue May 31, 2011 4:11 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Sh4DoVV » Wed Feb 22, 2012 9:34 am

Hi dear Enigma
Do you test my protected file ?

Enigma
Site Admin
Posts: 2351
Joined: Wed Aug 20, 2008 2:24 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Enigma » Mon Feb 27, 2012 8:47 am

Hi Sh4DoVV, sorry, did not test it.

I think it would be better for protector users to test it!

I often get emails regarding this plugin, if somebody are interesting how this works and how is it effective, please contact to Sh4DoVV.

Sh4DoVV, maybe you can explain more about this plugin? For example, how to test it and so.
And if somebody will be interesting to purchase it, make a DEMO version of plugin and allow users to test it before purchasing. It is a good point!

Sh4DoVV
Posts: 16
Joined: Tue May 31, 2011 4:11 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Sh4DoVV » Fri Mar 09, 2012 10:56 am

Hi Friends
I update my plugin , and i create demo version of my plugin
In demo version there is a Nag message and terminate program after about 4 minutes ;)
Please test it and report bugs ;)
Go0d luck
You do not have the required permissions to view the files attached to this post.

johndoe
Posts: 25
Joined: Fri Feb 17, 2012 10:34 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by johndoe » Tue Mar 13, 2012 12:41 pm

Sh4DoVV wrote:Hi Friends
I update my plugin , and i create demo version of my plugin
In demo version there is a Nag message and terminate program after about 4 minutes ;)
Please test it and report bugs ;)
Go0d luck


Hi Sh4DoVV,
I was tested here, and my protected executable (with your plugin) has 2 process with the same name.
When I try to inject in first process, it really closes.
But, when I try to inject in second process, the dll is injected sucessfully.

Enigma
Site Admin
Posts: 2351
Joined: Wed Aug 20, 2008 2:24 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Enigma » Tue Mar 13, 2012 2:22 pm

johndoe wrote:I was tested here, and my protected executable (with your plugin) has 2 process with the same name.When I try to inject in first process, it really closes.But, when I try to inject in second process, the dll is injected sucessfully.


It is correct as far as I know..

One process is just dummy process. Even if you inject into it, it does not have any necessary code inside.

Another process - real process of your protected executable, and you can't inject into it.

Anyway, let's wait until Sh4DoVV reply!

Sh4DoVV
Posts: 16
Joined: Tue May 31, 2011 4:11 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Sh4DoVV » Tue Mar 13, 2012 9:32 pm

hi johndoe
One process is just dummy process. Even if you inject into it, it does not have any necessary code inside.
Another process - real process of your protected executable, and you can't inject into it.
good luck

Post Reply