Informative Information for the Uninformed | ||||||||||||||
|
||||||||||||||
Next: Attacks (and Counter-Attacks) on
Up: Protection Schemes of the
Previous: Multiple Flavors of the
Authenticity Check Performed on Lockdown Module CallerAn additional new protection scheme introduced in the Lockdown module is a rudimentary check on the authenticity of the caller of the module's export, the CheckRevision routine. Specifically, the module attempts to ascertain whether the return address of the call to the CheckRevision routine points to a code location within the Battle.snp module. If the return pointer for the call to CheckRevision is not within the expected range, then an error is deliberately introduced into the checksum calculations, ultimately resulting in the result returned by the Lockdown module becoming invalidated.
|