Description

Armadillo Nanomits, also known as SoftwarePassport, is a commercial software protection system that utilizes a technique called "nanomites" to protect Windows applications. This method involves modifying the application's binary code by replacing short instructions (like a 2-5 byte jump) with a single-byte instruction (int 3, 0xcc). The original instruction is then stored elsewhere and restored when needed, making it more difficult for reverse engineers to analyze and crack the software. In essence, Armadillo uses this technique to obfuscate and protect the code by making it appear fragmented and difficult to follow.

Nanomites:
This technique involves breaking up code into small, seemingly insignificant pieces (nanomites) that are then reassembled at runtime.

Code Modification:
Armadillo modifies the original code, replacing instructions with smaller ones and storing the original instructions separately.

Runtime Restoration:
When the protected code needs to be executed, the original instructions are restored, effectively "reassembling" the code temporarily.

Reverse Engineering Difficulty:
By fragmenting the code and requiring runtime restoration, Armadillo makes it harder for reverse engineers to understand the program's logic and functionality.

Debug Blocker:
Armadillo also uses a "Debug Blocker" technique, where it creates a child process and attaches a debugger to it, making it more challenging to debug the protected application.

Developer Marks:
Armadillo allows the application developer to mark specific code segments for protection, enabling them to selectively protect critical parts of their application.

Additional Information