updated vmprofiler dep. preparing to add virtual branch recovery...

main
John Doe 3 years ago
parent 0ea8230f9a
commit 8f691a29f1

2
deps/vmprofiler vendored

@ -1 +1 @@
Subproject commit 703245ffc98f151e2ee197c509dd12a9ab05b8bd
Subproject commit 4c4bcf8a1836eaa2b9e295b46caf67857b726f03

@ -21,6 +21,8 @@ class emu_t {
uc_engine* uc;
const vm::vmctx_t* m_vm;
zydis_reg_t vip, vsp;
std::vector<vm::instrs::vinstr_t> vinstrs;
vm::instrs::hndlr_trace_t cc_trace;
uc_hook code_exec_hook, invalid_mem_hook, int_hook;
@ -29,12 +31,13 @@ class emu_t {
uint32_t size,
emu_t* obj);
static void int_callback(uc_engine* uc, std::uint32_t intno, emu_t* obj);
static void invalid_mem(uc_engine* uc,
uc_mem_type type,
uint64_t address,
int size,
int64_t value,
emu_t* obj);
static void int_callback(uc_engine* uc, std::uint32_t intno, emu_t* obj);
};
} // namespace vm

@ -3,11 +3,8 @@
#include <iostream>
#include <thread>
#include <vmlocate.hpp>
#include "vmemu_t.hpp"
#define NUM_THREADS 20
int __cdecl main(int argc, const char* argv[]) {
argparse::argument_parser_t parser("VMEmu",
"VMProtect 3 VM Handler Emulator");
@ -116,8 +113,9 @@ int __cdecl main(int argc, const char* argv[]) {
const auto vm_entries = vm::locate::get_vm_entries(module_base, image_size);
std::printf("> number of vm entries = %d\n", vm_entries.size());
// TODO: rewrite this, just testing get_vm_entries...
for (const auto& [vm_entry_rva, encrypted_rva] : vm_entries) {
const auto vm_entry_rva =
std::strtoull(parser.get<std::string>("vmentry").c_str(), nullptr, 16);
vm::vmctx_t vmctx(module_base, image_base, image_size, vm_entry_rva);
if (!vmctx.init()) {
std::printf(
@ -140,4 +138,3 @@ int __cdecl main(int argc, const char* argv[]) {
emu.emulate();
}
}
}

@ -192,10 +192,9 @@ bool emu_t::code_exec_callback(uc_engine* uc,
std::getchar();
}
if (vinstr.mnemonic == vm::instrs::mnemonic_t::jmp) {
obj->cc_trace.m_vip = obj->vip;
obj->cc_trace.m_vsp = obj->vsp;
}
obj->vinstrs.push_back(vinstr);
// free the trace since we will start a new one...
std::for_each(obj->cc_trace.m_instrs.begin(), obj->cc_trace.m_instrs.end(),
@ -204,6 +203,10 @@ bool emu_t::code_exec_callback(uc_engine* uc,
});
obj->cc_trace.m_instrs.clear();
if (vinstr.mnemonic == vm::instrs::mnemonic_t::jmp ||
vinstr.mnemonic == vm::instrs::mnemonic_t::vmexit)
uc_emu_stop(obj->uc);
}
return true;
}

Loading…
Cancel
Save