The Enigma Protector x86: Anti DLL Injection, Anti-Trainer

Questions, downloads, issues related to plugins for Enigma Protector
YourWorstNightmare
Posts: 4
Joined: Sun May 29, 2011 10:29 am

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by YourWorstNightmare »

Okay Enigma, now I will give you some very important hint:
The problem is not the weakness of the plugin, but the implementation of the plugin system itself. I'm able to disable ANY plugin before it's even executed. ;)
So Sh4DoVV can code the most incredible Anti-Debug plugin of the world, it will be completely useless.

This a very huge lack of security and I hope you will reconsider this.


Greetz,
YourWorstNightmare
Enigma
Site Admin
Posts: 2992
Joined: Wed Aug 20, 2008 2:24 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Enigma »

YourWorstNightmare, Ok, thanks for the information, we will review the current implementation of the plugin system and will try to fix security problems!
Sh4DoVV
Posts: 16
Joined: Tue May 31, 2011 4:11 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Sh4DoVV »

Hi Friends :)
New release of my plugin
I protected notepad with my plugin , there is Anti Debug and Anti Dll injection method in this plugin
I active just Control sum of Enigma Protector ;)
I tested it in WinXP SP3 and Win7 X64
Please test it and report bugs
Go0d luck

Code: Select all

http://hotfile.com/dl/147273849/f2f40d1/NOTEPAD_protected.rar.html
Zymos
Posts: 2
Joined: Mon Jan 30, 2012 5:10 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Zymos »

and rename the dll. have a whitelist?
Sh4DoVV
Posts: 16
Joined: Tue May 31, 2011 4:11 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Sh4DoVV »

Hi dear Enigma
Do you test my protected file ?
Enigma
Site Admin
Posts: 2992
Joined: Wed Aug 20, 2008 2:24 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Enigma »

Hi Sh4DoVV, sorry, did not test it.

I think it would be better for protector users to test it!

I often get emails regarding this plugin, if somebody are interesting how this works and how is it effective, please contact to Sh4DoVV.

Sh4DoVV, maybe you can explain more about this plugin? For example, how to test it and so.
And if somebody will be interesting to purchase it, make a DEMO version of plugin and allow users to test it before purchasing. It is a good point!
Sh4DoVV
Posts: 16
Joined: Tue May 31, 2011 4:11 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Sh4DoVV »

Hi Friends
I update my plugin , and i create demo version of my plugin
In demo version there is a Nag message and terminate program after about 4 minutes ;)
Please test it and report bugs ;)
Go0d luck
You do not have the required permissions to view the files attached to this post.
johndoe
Posts: 25
Joined: Fri Feb 17, 2012 10:34 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by johndoe »

Sh4DoVV wrote:Hi Friends
I update my plugin , and i create demo version of my plugin
In demo version there is a Nag message and terminate program after about 4 minutes ;)
Please test it and report bugs ;)
Go0d luck
Hi Sh4DoVV,
I was tested here, and my protected executable (with your plugin) has 2 process with the same name.
When I try to inject in first process, it really closes.
But, when I try to inject in second process, the dll is injected sucessfully.
Enigma
Site Admin
Posts: 2992
Joined: Wed Aug 20, 2008 2:24 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Enigma »

johndoe wrote:I was tested here, and my protected executable (with your plugin) has 2 process with the same name.When I try to inject in first process, it really closes.But, when I try to inject in second process, the dll is injected sucessfully.
It is correct as far as I know..

One process is just dummy process. Even if you inject into it, it does not have any necessary code inside.

Another process - real process of your protected executable, and you can't inject into it.

Anyway, let's wait until Sh4DoVV reply!
Sh4DoVV
Posts: 16
Joined: Tue May 31, 2011 4:11 pm

Re: The Enigma Protector x86: Anti DLL Injection, Anti-Train

Post by Sh4DoVV »

hi johndoe
One process is just dummy process. Even if you inject into it, it does not have any necessary code inside.
Another process - real process of your protected executable, and you can't inject into it.
good luck
Post Reply