Enigma AutoUnpacker

Post here any topics that related to Enigma Protector, its functionality, your misunderstanding, offers to improvements etc etc etc
Enigma
Site Admin
Posts: 2526
Joined: Wed Aug 20, 2008 2:24 pm

Re: Enigma AutoUnpacker

Post by Enigma » Mon Jun 18, 2012 8:11 am

I'm very curious how can you defeat the option Encrypt with Encryption Constant? Or RegCrypt markers? If you do not have valid registration key then it is impossible (of course, everything is possible with bruteforce).

Anyway, new version of Enigma Protector will be soon released, no any tool/tutorial that trans noticed will be working there.
Current pre-release version already defeats all these methods, hope that final one will be even better.

scorillo7
Posts: 90
Joined: Mon May 11, 2009 11:16 am

Re: Enigma AutoUnpacker

Post by scorillo7 » Mon Jun 18, 2012 9:48 pm

YourWorstNightmare wrote:We don't talk about basic protections here.
All options except the "Encrypt target with HWID" is defeated but this feature can't be counted as a real protection feature. Even the Enigma Protector itself isn't protected with that feature so there seem to be some problems about using it.
You are right about the API. The better it's implemented the harder it becomes. But it's wrong to say that it becomes uncrackable. In most cases you can simply modify the return value of a certain function to the value the program wants to have. So that if you call i.e. the IsRegistred function you can simply set the return value to always true.
And since the VM is fully defeated too those VM macros inside your program don't have any effect.
Dude you are right but not entirely.
In fact even if Vm is cracked if the app is protected with HWID particular id any craker will fail because even the app not know what to expect,it is blind.The Enigma will grab the HWID and pass to decryption routine,if valid will execute program host, if not will end.

i assume the enigma use a function which will test if the code after decryption is valid or not,i do not know but i bet on some fingerprint(hash)inserted when program is encrypted and compared with hash from computer where is run it... i 'm only guessing here.
No cracker (who know very good assembly language)in the right mind will not reverse(jne to je or je to jne) that call ,simply because that will generate error on execution.

The only things which can be made against that type of protection is:
-to strip a valid/legit app and remove completely Enigma from that app and release that version to the public.That's it.It is the only solution.
I do not know or understand why developers complaining here don't use that option.STOP crying,implement a routine to get back the id from customer it is just a couple a minutes to do that,and all you're problem is solved.
YourWorstNightmare wrote: Enigma Protector itself isn't protected with that feature so there seem to be some problems about using it.
There is no problem with that feature,i used in every project,the only problem is time because you must have some cron app to generate protected app for every HWID from customers.So i'm guessing is not implemented from lack of time.It is time consuming when you do it manualy,if this can be automated that feature will be a kick a## feature.
REMEMBER this is just a Enigma user's opinion and is pure unofficial
Your freedom stops where another man freedom begin.

SpyEye
Posts: 3
Joined: Fri Apr 13, 2012 6:52 pm

Re: Enigma AutoUnpacker

Post by SpyEye » Thu Jul 19, 2012 11:26 am

Enigma, can you explain why this script working? It was posted a few days ago.
Enigma 1.x - 3.x VM Unpacker 1.0
****************************************************
( 1.) Unpacking of ENIGMA 1.x - 3.x
( 2.) Overlay Scan & Dump
( 3.) Enigma Version & Extra Data Scan
( 4.) Attached File Dumper
( 5.) Dumping of Clean & Fixed ENIGMA DLL_Loader
( 6.) Read - Log - Labeling of DLL_Loader Exports
( 7.) RegSheme Bypass for Old & New Versions
( 8.) HWID Changer for Old & New Versions
( 9.) Extra File Dumper - VBox
( 10.) VirtualMemory Fixer 1.96 - 3.7+
( 11.) Stolen Code Fixer
( 12.) VM OEP Scan & Move & Adjustment
( 13.) Advanced Code Redirector
( 14.) IAT Scanner
( 15.) Visual Basic API Fixer
( 16.) Visual Basic Dll Function Logger
( 17.) ENIGMA DLL_Loader SDK API Fixer
( 18.) Extra File SDK API Fixer
( 19.) TLS CB FIXER
( 20.) TLS Pointer Scan & Fixer
( 21.) PE Header Size Increase
( 22.) Main File Dumper
( 23.) GetStartupInfo Patcher
( 24.) Special Anti Patcher
( 25.) Supports Exe & Dll Files
( 26.) Supports Very Easy User Handling
****************************************************
will the new version of protector defeating this shit? I'm asking, because i want to buy a protector for my program. But i'm still thinking about other protectors, that don't have unpacking scripts and tools, can you tell me about a new version of protector? When wll it selling?

Enigma
Site Admin
Posts: 2526
Joined: Wed Aug 20, 2008 2:24 pm

Re: Enigma AutoUnpacker

Post by Enigma » Thu Jul 19, 2012 11:34 am

This is endless war between crackers and protection :) Btw, does this script work?

New version will be release today or tomorrow.

And I would say the protection will be updated more often in future to bypass all known unpacking methods.

Sh4DoVV
Posts: 16
Joined: Tue May 31, 2011 4:11 pm

Re: Enigma AutoUnpacker

Post by Sh4DoVV » Wed Sep 26, 2012 3:08 pm

Hi friends
This script written by by LCF-AT from tuts4you team
it unpack enigma protected file 3.x version and old version but can not unpack version 3.8
I write a plugin that bypass enigma auto unpacker and this script and debuggers
good luck

Enigma
Site Admin
Posts: 2526
Joined: Wed Aug 20, 2008 2:24 pm

Re: Enigma AutoUnpacker

Post by Enigma » Wed Sep 26, 2012 3:17 pm

Hi Sh4DoVV,

Thanks you for the information. For any details please write to Sh4DoVV directly using PM.

zfranco
Posts: 7
Joined: Fri Sep 28, 2012 6:13 am

Enigma AutoUnpacker

Post by zfranco » Fri Sep 28, 2012 8:05 am

Sh4doVV, You're showing a great partner projects ... I would say a faithful squire. Sorry can I not help, because I am a beginner in programming ... I like the enigma protector and always say that all help are welcome. I look forward to the success of the work! Good luck in your scripts!

Post Reply