Themida 126.96.36.199 Multilingual (x86/x64) | 51.6 MB
Software developers are often confronted with some real nuisances that affects many payed applications, as well as free ones: reverse engineering and cracks. To avoid having their code vulnerable to such threats, programmers will secure their software using dedicated protection tools. One such utility is called Themida and it aims to provide strong security and great ease of use. Thanks to an intuitive interface, not too attractive but definitely practical, this app can safeguard any executable (EXE), library (DLL, BPL), OLE Control Extension (OCX) or screensaver file (SCR). For every item loaded in Themida, the encryption keys and algorithms differ, while debuggers are also rendered ineffective. To fool the cracking tools and other similar devices, the application will add some junk code among the real instructions in your code. This makes it virtually impossible for disassemblers to discern and interpret correctly the real bits.
These are the key features of Themida:
* Anti-debugger techniques that detect/fool any kind of debugger
* Anti-memory dumpers techniques for any Ring3 and Ring0 dumpers
* Different encryption algorithms and keys in each protected application
* Anti-API scanners techniques that avoids reconstruction of original import table
* Automatic decompilation and scrambling techniques in target application
* Virtual Machine emulation in specific blocks of code
* Advanced Mutator engine
* SDK communication with protection layer
* Anti-disassember techniques for any static and interactive disassemblers
* Multiple polymorphic layers with more than 50.000 permutations
* Advanced API-Wrapping techniques
* Anti-monitors techniques against file and registry monitors
* Random garbage code insertion between real instructions
* Specialized protection threads
* Advanced Threads network communication
* Anti-Memory patching and CRC techniques in target application
* Metamorphic engine to scramble original instructions
* Advanced Entry point protection
* Dynamic encryption in target application
* Anti-tracing code insertion between real instructions
* Advanced Anti-breakpoint manager
* Real time protection in target application
* Compression of target application, resources and protection code
* Anti-“debugger hiders” techniques
* Full mutation in protection code to avoid pattern recognition
* Real-time simulation in target application
* Intelligent protection code insertion inside target application
* Random internal data relocation
* Possibility to customize dialogs in protected application
* Support of command line
* Many many more…
Understanding the risks:
When an application is being created, the Compiler will compile the application source code into several object files made of machine language code. Then the object files are linked together to create the final executable. In the same manner that the source code of an application is converted into machine code at compilation time, there are tools that can convert a compiled application into assembly language or a higher programming language. These tools are known as dissemblers and de-compilers.
An attacker can use a dissembler or de-compiler to study how a specific application works and what a specific routine does. When the attacker has a good knowledge of the target application, he can modify the compiled application to alter his behavior. For example, the attacker could bypass the routine that checks for the trial period in an application and make it run forever or even worse, cause the application to behave as if it was registered.
Software protectors where created to keep an attacker from directly inspecting or modifying a compiled application. A software protector is like a shield that keeps an application encrypted and protected against possible attacks. When a protected application is going to be run by the operating system, the software protector will first take control of the CPU and check for possible cracking tools (dissemblers or de-compilers) that may be running on the system. If everything is safe the software protector will proceed to decrypting the protected application and giving it the control of the CPU to be executed as normal.
The advantages of using a Software Protector are:
– Protect an application against piracy.
– Prevents attackers from studying how an application is implemented.
– Will not allow attackers to modify an application to change its behavior.
Since software protectors were born, many attackers have centered most of their efforts on attacking the software protectors themselves instead of the applications. Many tools have been developed that aid in the attacking of software protectors. These attacks often result in the attacker obtaining the original application that is decrypted and has the protection wrapper removed.
The revolutionary system:
With ThemidaÃÂ® , we have centered in the main weakness that software protectors have thus providing a complete solution to overcome those problems. ThemidaÃÂ® uses the SecureEngineÃÂ® protection technology that, when running in the highest priority level, implements never seen before protection techniques to protect applications against advanced software cracking.
Current protectors claim the best:
Software protection programming is not a very well known field for most programmers. Software protection techniques are not like “visible” features that can be seen and compared. Because of this most software protection authors could talk about impressive techniques that are included deep inside the protection scheme, when many times most of these techniques hardly exist or they are much simpler than what they seem.
Most software protectors reiterate a lot about using very strong cryptographic algorithms like RSA, Elliptic curves and AES hoping that the final user will believe that those protectors and the cryptic algorithms are unbreakable. This if far from the truth as software protection is very different from data protection. Even if a software protector encrypts the protected application with the most robust cryptographic algorithm, sooner or later the protected application needs to be decrypted in order to be run by the CPU. It is in this phase when most attackers will start their work by dumping the decrypted application from memory to disk thus not having to deal with the cryptographic algorithm and reconstructing of the original application.
Home Page –
Code: Select all