9/20/2023 0 Comments Folderplayer virtualizer![]() ![]() ![]() The following picture represents the image of an original compiled application (before being protected) and how it's transformed when it's protected by Code Virtualizer:įigure 5: Original Application versus Protected ApplicationĪs the image shows, Code Virtualizer needs to embed the generated virtual machine at the end of the protected application in order to emulate the virtual opcodes when they are going to be executed. It's only in protection-time when Code Virtualizer will recognize those areas of code and will covert them into unique virtual opcodes, which are then emulated by a virtual machine when the protected application is running. The VIRTUALIZER_START/VIRTUALIZER_END macros are dummy macros which do not interfere with the execution of the original application. VIRTUALIZER_END // end of area to protect VIRTUALIZER_START // the area to protect starts here ![]() The following example shows how you can protect a block of code in a C application. You just need to select which areas in your source code are going to be protected by Code Virtualizer. Code Virtualization in Real LifeĬode Virtualizer can be embedded inside your Win32 and Win64 applications and device drivers with ease. Code Virtualizer totally obfuscates the execution of the virtual opcodes and the study of each unique virtual machine in order to prevent someone from studying how the virtual opcodes are executed. This will force the attacker to go through the extremely hard work of identifying how each opcode is executed and how the specific virtual machine works for each protected application. Instead, he will find a completely new instruction set which is not recognized by him or any other special decompiler. When an attacker tries to decompile a block of code that was protected by Code Virtualizer, he will not find the original x86 instructions. The following picture represents how a block of Intel x86 instructions is converted into different kinds of virtual opcodes, which could be emulated by different virtual machines.įigure 4: Transformation from x86 to multiple Imaginary CPUs This means that a specific block of Intel x86 instructions can be converted into different instruction set for each machine, preventing an attacker from recognizing any generated virtual opcode after the transformation from x86 instructions. ![]() The following picture represents the transformation from a block of Intel x86 instructions into a new instruction set for another machine (specifically a RISC 32-bit CPU):įigure 3: Transformation from x86 to RISC 32-bit CPUĬode Virtualizer can generate multiple types of virtual machines with a different instruction set for each one. That is, the instruction set from a specific machine is converted into a new instruction set which is understood by a different machine. Code Virtualization against Reverse EngineeringĬode virtualization consists of the transformation of binary code from a specific machine into a different binary code that is understood by another machine. For example, the attacker could bypass the routine that checks for the trial period in an application and make it run forever, or, even worse, cause the application to behave as if it was registered. When the attacker has a good knowledge of the target application, he can modify the compiled application to alter its behavior. When an attacker tries to crack a compiled application, he will use a decompiler tool which will decompile the machine language code into a more comprehensive code (like assembly code or a higher programming language), doing his research over the decompiled code.įigure 2: Decompilation of your application Afterward, the object files are linked together to create the final executable.įigure 1: Compilation of your source code When an application is being created, the Compiler will compile the application source code into several object files made of machine language code. Those Virtual Opcodes and the Virtual Machine itself are unique for every protected application, avoiding a general attack over Code Virtualizer.Ĭode Virtualizer can protect your sensitive code areas in any x32 and 圆4 native PE/ELF/Mach-O files (like executable files/EXEs, system services, DLLs, OCXs, ActiveX controls, shared objects, screen savers and device drivers). Code Virtualizer is a powerful code obfuscation system for Windows applications that helps developers to protect their sensitive code areas against Reverse Engineering with very strong obfuscation code, based on code virtualization.Ĭode Virtualizer will convert your original code (Intel x86/圆4 instructions) into Virtual Opcodes that will only be understood by an internal Virtual Machine. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |