“Functions for Protection” section
This section is for choosing which functions must be protected.
Adding a function
To add a new object to the project, click the “Add Function” button on the toolbar, or select the corresponding item in the context menu:
A new function dialog appears:
Specify the address of the function, or start typing function’s name to the quick search box to select the function directly from the list on the “Functions” tab. Use multi-selection if you want to add several functions at once. All selected functions are added with the chosen protection options.
Options
- Compilation type – select the way the object is compiled. Selecting a proper way to protect each object (procedure, function, code fragment) from examination and hacking results in optimal balance between performance and security of the code. VMProtect allows the developer to set the following compilation types for each protected object:
- Mutation. The executable code is modified at the level of CPU commands – existing commands are mutated, various “garbage” commands are added and so on. This type of compilation is relatively weak in terms of protecting the code from hack or analysis. Its main purpose is to prevent detection of processed functions with automated signature analysers (PEiD+KANAL, IDA+FLIRT etc.). This type of compilation is worthwhile to protect library functions as they usually do not require strong protection from cracking and analysis. So it is enough to modify signatures so that a potential cracker couldn’t automatically detect particular libraries used in the application. Mutation provides low level of protection and analysis, but high performance of code execution.
- Virtualization. The executable code is translated to the bytecode executed on a virtual machine. This compilation type should be applied to all critical parts of code that require both serious hacking and analysis countermeasures and high performance. Virtualization provides average protection from hacking and analysis and average execution speed.
- Ultra (mutation + virtualization). The executable code is mutated on the processor instruction level and then is translated to the bytecode executed on a virtual machine. This type of compilation should be applied to all fragments of code when the speed of execution is not critical. Ultra protection provides high protection and is executed slowly.
- Lock to Serial Number – if this option is enable, the protected function become unavailable without a valid serial number entered. In such a way you can limit access to certain functions of the application in the unregistered version.
Search
You can locate objects you need by their name using the quick search box:
You can use the following wildcard symbols in the search box:
- * – replaces any number of symbols;
- ? – replaces one symbol.
Adding a folder
You can add a folder to the project using the context menu:
Folders group protected objects and allow changing protection parameters (exclusion from compilation, type of compilation) of all objects in a folder at once.
Enter the name of a new folder:
Editing objects
The right side of the window displays contents of the selected object. If a protected object is selected in the project tree, the right part displays a disassembled representation of this object:
Right-clicking a line of code brings up the context menu:
- External address – Add the chosen address to the list of external addresses;
- End of function – limit the list of command that should be processed during compilation;
If a folder is selected in the project tree, the right side displays the list of functions in that folder:
You can move functions to and from folders with simple drag-n-drop.