It is for educational purposes only and any misuse to cause damage, create malware, etc. is the responsibility of the user.
Record_2025_05_15_03_01_27_160.mp4
If you are familiar with the Software passport Armadillo program, you will remember that this software had a very interesting feature called "Nanomits", which was created to prevent dumps from being taken from protected processes. The source code below is actually a re-engineered version of the original product's behavior that is available to everyone.
- Emulate JMP Instruction
- Implemented Debug-Block Feature
- SampleApp.exe won't work till all stolen bytes recovered ( emulated with father process, The code will never be rewritten. )
You need Disassembler to modify specific area of binary for overwrite JMP instructions with INT 3. You can use any disassembler engine you want.
- X (aka Twitter) : [https://x.com/N_Nikjoo]
- Linkedin : [https://www.linkedin.com/in/nimanikjoo/]
- Telegram Channel : [https://t.me/VSEC_academy]