10:32 CheckProtection | |
In the demo version of Themida this macro is not available. It is used to verify the correctness of security applications. Its use is best illustrated by an example taken from Themida SDK. Procedure TForm1.Button4Click (Sender: TObject); var StatusProtection: Integer; begin {$ I CheckProtection_Prolog.inc} asm push $ 33,333,333 pop StatusProtection end; {$ I CheckProtection_Epilog.inc} if StatusProtection = $ 33333333 then MessageBox (0, 'Protection OK.', 'The macro security checks', MB_OK + MB_ICONINFORMATION) else MessageBox (0, 'Protection of the application violated', 'Warning!', MB_OK + MB_ICONERROR); end; You specify the number (of type Integer / Cardinal), which the macro should return if the protection is all right. In this example, 0x33333333. When applying the protection assembler instructions push and pop will be removed from the program. Instead, they will be inserted into a complex test procedure, which will return in the specified variable (in this example StatusProtection) you specify a number, unless you detect a security breach. In the event of a security breach, the number will be random. Of course, in real life as it is shown, use the macro can not. The simplest - is to take any, used in the project an important constant, whose value is not too obvious in context, and replace it with a variable. Then use the macro on this new variable somewhere earlier in the code. If the defense will be removed, the value of this constant / variable turns out to be incorrect, it is likely to lead to the collapse of applications in the most unexpected places. Within the macro block should not be anything other than these assembly instructions. | |
|
Total comments: 0 | |