Get Demo
  • Windows
  • MacOS
  • Linux

Console version

After you created a project in the GUI mode you can use the console version (VMProtect_Con.exe). You can execute it as follows:

VMProtect_Con File [Output File] [-pf Project File] [-sf Script File] [-lf Licensing Parameters File] [-bd Build Date (yyyy-mm-dd)] [-wm Watermark Name] [-we]
  • File – the file name of the executable you want to protect (*.exe, *.dll and so on), or the file name of a (*.vmp) project. If a project file name is specified, the file name of the executable is taken from the project file.
  • Output File – the file name and path to the protected file that should be created after processing the original file. If this parameter is not set, the value is taken from the project file.
  • Project File – the file name and path to the project file created in the GUI mode. If the parameter is not set, the program searches for a *.vmp file in the folder of the executable.
  • Script file – the file name of the script the protected file is processed with. If the parameter is not set, the script from the current project file is used.
  • Licensing Parameters File – the name of a file containing licensing parameters. If this parameter is not set, licensing parameters are taken from the current project file.
  • Build Date – Application build date in the following format: “yyyy-mm-dd”. If this parameter is not set, the current date is used. The build date is inscribed into the protected application and is used by the licensing system to check serial numbers against the “Maximum build date” field.
  • Watermark Name – the name of a watermark inserted into the protected file. If the name of a watermark is not set, the watermark specified in the project settings is used.
  • we – when this parameter is set, all warnings are displayed as errors.

Dump section

Displays the memory dump of the protected application as machine language codes and assembler instructions:

The “Go To Address” button on the toolbar allows you to go to a specified address of the protected application:

To quickly go to a certain function, start typing its name in the quick search box. You can also enter its exact address.

Resources section

Displays information about resources:

Options

  • Excluded from packing – a resource can be excluded from packing.

Exports section

Displays information about exports the file has:

Imports section

Displays information about imported functions and libraries:

Segments section

Displays information about segments:

Options

  • Excluded from memory protection – a segment can be excluded from memory protection.
  • Excluded from packing – a segment can be excluded from packing.

Directories section

Displays information about file directories:

Details section

The “Details” section displays various information about the protected application. It also allows you to exclude certain segments of data or resources from packing. Changes you make in this section are saved to the project file.

“Details” section contains the following subsections:

Functions section

The “Functions” section lists all functions available for protection:

When a function is selected, you can see its properties and protection options on the main panel. For each function you can specify a compilation type and enable lock to a serial number.

Options section

The “Options” subsection of the “Project” section allows you to configure various protection parameters:

File

  • Memory Protection – this option allows you to secure the image of the file in memory from any changes (data integrity is checked for all sections that do not have the WRITABLE attribute). Image integrity check is performed before passing the control to the original entry point of the program. If integrity is violated, a corresponding message is shown and the program stops execution.
  • Import Protection – this option allows hiding the list of API the protected program uses from a cracker. We recommend using this option along with packing of the output file.
  • Resource Protection – this option encrypts resources of the program (except icons, manifests and other service resources).
  • Pack the Output File – this option allows you to pack the protected file to reduce its size. The application is unpacked automatically when the protected file is executed. The entire unpacking goes without any disk writing, completely in RAM. When using this option, we also recommend to include EntryPoint to the list of protected objects.

    Important!

    When the program starts, after the code is unpacked the control is passed to EntryPoint. If the code of EntryPoint is virtualized, this code will be executed on the same VM interpreter as the code of the unpacker itself. Virtualization of EntryPoint combined with packing of the protected file prevents manual unpacking of the protected file, as in this case an intruder has to restore EntryPoint code to get a working file image.

Additional

  • Watermarks – allows adding watermarks to the project.
  • VM Segments – When the file is compiled, new segments will be added to it to the place where various system data are stored (virtualized and mutated code, VM interpreters, watermarks etc.). This option allows you to specify names for these new segments. We recommend changing the standard “.vmp” name of segments to something else (for example “.UPX”).
  • Strip Debug Information – removing of debug information impedes analysis of the code by a cracker.
  • Strip Relocations – some compilers (i.e. Delphi) create a relocation table for EXE files that are not used by the operating system to load EXE files. If the option is enabled, the space occupied by relocation table is be used for VM needs.

Detection

  • Debugger – this option prevents debugging of the protected file. There are 2 types of debuggers: User-mode debuggers (OllyDBG, WinDBG etc.) and Kernel-mode debuggers(SoftICE, Syser and others). Debugger detection is performed before passing control to the entry point of the program. If a debugger is detected, a corresponding message is shown and the program stops execution.
  • Virtualiztion Tools – this option prohibits executing the protected file in various virtual environments: VMware, Virtual PC, VirtualBox, Sandboxie. Detection of virtualization is performed before passing control to the entry point of the program. If a virtual environment is detected, a corresponding message is shown and the program stops execution.

Messages

Here you can customize messages the program displays when it detects a debugger, a virtualization tool, if the file is corrupted or when there’s an attempt to execute the code protected by a serial number.

Licensing parameters

  • File Name - choose a project file created in the license manager as a licensing parameter file. By default, the current project file is used.
  • Activation Server - this option is required for activation system.