diff --git a/CodeVirtualizer/CodeVirtualizer.vcxproj b/CodeVirtualizer/CodeVirtualizer.vcxproj
index 8669c09..9976509 100644
--- a/CodeVirtualizer/CodeVirtualizer.vcxproj
+++ b/CodeVirtualizer/CodeVirtualizer.vcxproj
@@ -151,14 +151,18 @@
+
+
+
+
diff --git a/CodeVirtualizer/CodeVirtualizer.vcxproj.filters b/CodeVirtualizer/CodeVirtualizer.vcxproj.filters
index 5c89403..2dcec48 100644
--- a/CodeVirtualizer/CodeVirtualizer.vcxproj.filters
+++ b/CodeVirtualizer/CodeVirtualizer.vcxproj.filters
@@ -17,6 +17,12 @@
Virtualizer
+
+ VirtualMachine
+
+
+ Obfuscator
+
@@ -32,6 +38,12 @@
Virtualizer
+
+ VirtualMachine
+
+
+ Obfuscator
+
@@ -43,5 +55,14 @@
{f74192e7-2064-44d2-983c-fac92f468c0a}
+
+ {65f3fdd3-b851-4e50-8a48-d1ecb4af2f91}
+
+
+ {d784ddc8-2452-41ff-bc20-582ec03b3eb5}
+
+
+ {cc5b78db-cdf7-4b83-9652-2722cbdec89e}
+
\ No newline at end of file
diff --git a/CodeVirtualizer/CryptedCode.cpp b/CodeVirtualizer/CryptedCode.cpp
new file mode 100644
index 0000000..e9132fc
--- /dev/null
+++ b/CodeVirtualizer/CryptedCode.cpp
@@ -0,0 +1,3 @@
+#include "CryptedCode.h"
+
+PNATIVE_CODE_BLOCK RxEmitXorForInstruction(PNATIVE_CODE_LINK Link);
\ No newline at end of file
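Review bot: `CryptedCode.cpp` only repeats the prototype of `RxEmitXorForInstruction` that `CryptedCode.h` already declares, so the function has no definition anywhere in this commit and any call site will fail at link time. Either drop the redundant declaration until the implementation exists, or give it a stub body in the style of the `VirtualMachine.cpp` stubs, e.g. `{ return NULL; }` with a `// TODO: not implemented` comment.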
diff --git a/CodeVirtualizer/CryptedCode.h b/CodeVirtualizer/CryptedCode.h
new file mode 100644
index 0000000..d586418
--- /dev/null
+++ b/CodeVirtualizer/CryptedCode.h
@@ -0,0 +1,11 @@
+#ifndef __CRYPTED_CODE_H
+#define __CRYPTED_CODE_H
+
+#include "Windas.h"
+#include "XedWrap.h"
+#include "NativeCode.h"
+
+PNATIVE_CODE_BLOCK RxEmitXorForInstruction(PNATIVE_CODE_LINK Link);
+
+
+#endif
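Review bot: The include guard `__CRYPTED_CODE_H` starts with a double underscore, which is an identifier reserved for the implementation in C++; `CRYPTED_CODE_H` or `#pragma once` avoids that. The same applies to `__VIRTUAL_MACHINE_H` in the new `VirtualMachine.h`. The prototype also needs a comment stating what the returned block contains and who frees it, since nothing in the header says whether the caller owns the `PNATIVE_CODE_BLOCK`.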
diff --git a/CodeVirtualizer/NativeCode.cpp b/CodeVirtualizer/NativeCode.cpp
index 39c8dbe..17b6aaf 100644
--- a/CodeVirtualizer/NativeCode.cpp
+++ b/CodeVirtualizer/NativeCode.cpp
@@ -4,16 +4,18 @@ _NATIVE_CODE_LINK::_NATIVE_CODE_LINK()
{
XedDecodedInstZero(&XedInst);
XedDecodedInstSetMode(&XedInst, XED_MACHINE_MODE_LONG_64, XED_ADDRESS_WIDTH_64b);
- Flags = 0;
+ Flags = 0UL;
Next = Prev = NULL;
- Label = 0;
+ Block = NULL;
+ Label = 0UL;
RawData = NULL;
RawDataSize = 0UL;
}
-_NATIVE_CODE_LINK::_NATIVE_CODE_LINK(ULONG LabelId)
+_NATIVE_CODE_LINK::_NATIVE_CODE_LINK(ULONG LabelId, _NATIVE_CODE_BLOCK* B)
: _NATIVE_CODE_LINK()
{
+ Block = B;
Label = LabelId;
Flags = CODE_FLAG_IS_LABEL;
}
@@ -59,14 +61,33 @@ VOID NcConcat(PNATIVE_CODE_BLOCK Block1, PNATIVE_CODE_BLOCK Block2)
//update the label names so that there are no conflicts between the two blocks
}
-VOID NcInsertBlockAfter(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block)
+BOOL NcInsertBlockAfter(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block)
{
}
-VOID NcInsertBlockBfore(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block)
+BOOL NcInsertBlockBefore(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block)
{
+ if (!Link || !Link->Block || !Block || !Block->Start || !Block->End)
+ return FALSE;
+ if (Block->HasRelativeJumps && Link->Block->HasRelativeJumps)
+ {
+ //TODO: increment all labels inside of the block being added
+ return FALSE;
+ }
+ else
+ {
+ if (Link->Prev)
+ Link->Prev->Next = Block->Start;
+ Block->Start->Prev = Link->Prev;
+
+ Block->End->Next = Link;
+ Link->Prev = Block->End;
+ return TRUE;
+ }
+
+ return FALSE;
}
BOOL NcCreateLabels(PNATIVE_CODE_BLOCK Block)
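Review bot: `NcInsertBlockAfter` now returns `BOOL` but its body is still empty, so control flows off the end of a non-void function, which is undefined behaviour in C++; it should `return FALSE;` until it is implemented. In `NcInsertBlockBefore`, when `Link->Prev` is NULL the new links are spliced in front of the head but `Link->Block->Start` is never updated, so a walk from `Start` (as `ViValidateNativeCodeBlock` does) will not see them. The spliced links also keep their old `Block` back-pointer, and `Link->Block->HasRelativeJumps` is not set when only the inserted block has relative jumps, which lets a later insert bypass the label-conflict check. The source `Block` still points at the spliced links afterwards, so the contract should state who owns them; if both blocks later reach `NcDelete` (not visible here) that would presumably free the links twice. The trailing `return FALSE;` after the `if`/`else` is unreachable and can go.

```cpp
BOOL NcInsertBlockAfter(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block)
{
	//TODO: not implemented
	return FALSE;
}

// … unchanged: NcInsertBlockBefore argument checks and the relative-jump early return …

	if (Link->Prev)
		Link->Prev->Next = Block->Start;
	else
		Link->Block->Start = Block->Start;	// Link was the head of its block
	Block->Start->Prev = Link->Prev;

	Block->End->Next = Link;
	Link->Prev = Block->End;

	// Re-home the spliced links and carry the jump flag over to the destination block.
	for (PNATIVE_CODE_LINK T = Block->Start; T != Link; T = T->Next)
		T->Block = Link->Block;
	if (Block->HasRelativeJumps)
		Link->Block->HasRelativeJumps = TRUE;
	return TRUE;
```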
@@ -111,10 +132,11 @@ BOOL NcCreateLabels(PNATIVE_CODE_BLOCK Block)
}
else
{
- NcInsertLinkBefore(JmpPos, new NATIVE_CODE_LINK(CurrentLabelId));
+ NcInsertLinkBefore(JmpPos, new NATIVE_CODE_LINK(CurrentLabelId, Block));
T->Label = CurrentLabelId;
++CurrentLabelId;
}
+ Block->HasRelativeJumps = TRUE;
T->Flags |= CODE_FLAG_IS_REL_JMP;
}
return TRUE;
@@ -181,7 +203,7 @@ BOOL NcFromBuffer(PNATIVE_CODE_BLOCK Block, PVOID Buffer, ULONG BufferSize)
delete Link;
return FALSE;
}
-
+ Link->Block = Block;
Link->Prev = Block->End;
Block->End->Next = Link;
Block->End = Link;
@@ -236,4 +258,5 @@ VOID NcDebugPrint(PNATIVE_CODE_BLOCK Block)
}
}
}
-}
\ No newline at end of file
+}
+
diff --git a/CodeVirtualizer/NativeCode.h b/CodeVirtualizer/NativeCode.h
index 49f165e..820f276 100644
--- a/CodeVirtualizer/NativeCode.h
+++ b/CodeVirtualizer/NativeCode.h
@@ -5,24 +5,27 @@
#include "XedWrap.h"
#include "Code.h"
+struct _NATIVE_CODE_BLOCK;
+
typedef struct _NATIVE_CODE_LINK
{
_NATIVE_CODE_LINK* Next;
_NATIVE_CODE_LINK* Prev;
-
+ _NATIVE_CODE_BLOCK* Block;
ULONG Flags;
ULONG Label;
PUCHAR RawData;
ULONG RawDataSize;
XED_DECODED_INST XedInst;
_NATIVE_CODE_LINK();
- _NATIVE_CODE_LINK(ULONG LabelId);
+ _NATIVE_CODE_LINK(ULONG LabelId, _NATIVE_CODE_BLOCK* B);
}NATIVE_CODE_LINK, *PNATIVE_CODE_LINK;
typedef struct _NATIVE_CODE_BLOCK
{
PNATIVE_CODE_LINK Start;
PNATIVE_CODE_LINK End;
+ BOOL HasRelativeJumps;
}NATIVE_CODE_BLOCK, *PNATIVE_CODE_BLOCK;
VOID NcInsertLinkAfter(PNATIVE_CODE_LINK Link1, PNATIVE_CODE_LINK Link2);
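Review bot: `HasRelativeJumps` is added to `_NATIVE_CODE_BLOCK` without an initializer and the struct has no constructor, so unless every creator of a block zeroes it (not visible in this diff) `NcInsertBlockBefore` reads an indeterminate value when it tests the flag. A default member initializer, `BOOL HasRelativeJumps = FALSE;`, would make the flag well defined; the only assignment shown is the `TRUE` in `NcCreateLabels`. The new `Block` member also needs a comment such as `// non-owning back-pointer to the block this link belongs to; NULL until attached`, since the default constructor leaves it NULL and `NcInsertBlockBefore` rejects such links.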
@@ -33,9 +36,9 @@ VOID NcUnlink(PNATIVE_CODE_LINK Link);
VOID NcConcat(PNATIVE_CODE_BLOCK Block1, PNATIVE_CODE_BLOCK Block2);
-VOID NcInsertBlockAfter(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block);
+BOOL NcInsertBlockAfter(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block);
-VOID NcInsertBlockBfore(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block);
+BOOL NcInsertBlockBefore(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block);
BOOL NcCreateLabels(PNATIVE_CODE_BLOCK Block);
@@ -48,4 +51,5 @@ VOID NcDelete(PNATIVE_CODE_BLOCK Block);
VOID NcDebugPrint(PNATIVE_CODE_BLOCK Block);
+
#endif
\ No newline at end of file
diff --git a/CodeVirtualizer/VirtualMachine.cpp b/CodeVirtualizer/VirtualMachine.cpp
new file mode 100644
index 0000000..4b8016d
--- /dev/null
+++ b/CodeVirtualizer/VirtualMachine.cpp
@@ -0,0 +1,11 @@
+#include "VirtualMachine.h"
+
+
+PUCHAR VmEmitVmEnter(PULONG Size)
+{
+ return NULL;
+}
+PUCHAR VmEmitVmExit(PULONG Size)
+{
+ return NULL;
+}
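Review bot: Both stubs return NULL without writing through `Size`, so a caller that reads the size before checking the pointer sees whatever its variable held before the call. Adding `if (Size) *Size = 0UL;` ahead of `return NULL;` in `VmEmitVmEnter` and `VmEmitVmExit` keeps the out-parameter defined on the failure path. A `// TODO: not implemented` comment on each would make it clear that NULL is the only result for now.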
diff --git a/CodeVirtualizer/VirtualMachine.h b/CodeVirtualizer/VirtualMachine.h
new file mode 100644
index 0000000..92d4369
--- /dev/null
+++ b/CodeVirtualizer/VirtualMachine.h
@@ -0,0 +1,21 @@
+#ifndef __VIRTUAL_MACHINE_H
+#define __VIRTUAL_MACHINE_H
+
+#include "Windas.h"
+#include "XedWrap.h"
+
+typedef struct _VM_DATA
+{
+ PVOID RegisterFile[32];
+}VM_DATA, *PVM_DATA;
+
+/*
+* VmEnter:
+* Move all x86 8 byte registers into storage inside of VM_DATA structure.
+* Move address of VM_DATA structure into rcx
+* Move virtual instruction pointer into rdx
+*/
+PUCHAR VmEmitVmEnter(PULONG Size);
+PUCHAR VmEmitVmExit(PULONG Size);
+
+#endif
\ No newline at end of file
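Review bot: `RegisterFile[32]` uses a bare constant and the comment only says that the 8-byte x86 registers are stored there; x86-64 has 16 general-purpose registers, so the reason for 32 slots and the slot-to-register mapping should be documented or expressed as a named constant. The header comment describes only VmEnter, leaving `VmEmitVmExit` undocumented. Neither prototype says how the returned `PUCHAR` buffer is allocated, who frees it, or what `*Size` holds when the call fails; one line per function stating that contract would let callers handle the buffer safely.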
diff --git a/CodeVirtualizer/Virtualizer.cpp b/CodeVirtualizer/Virtualizer.cpp
index c3c2bdb..f596c5a 100644
--- a/CodeVirtualizer/Virtualizer.cpp
+++ b/CodeVirtualizer/Virtualizer.cpp
@@ -1 +1,15 @@
-#include "Virtualizer.h"
\ No newline at end of file
+#include "Virtualizer.h"
+
+BOOL ViCanHandleInst(PNATIVE_CODE_LINK Link)
+{
+ return TRUE;
+}
+BOOL ViValidateNativeCodeBlock(PNATIVE_CODE_BLOCK Block)
+{
+ for (PNATIVE_CODE_LINK T = Block->Start; T; T = T->Next)
+ {
+ if (!ViCanHandleInst(T))
+ return FALSE;
+ }
+ return TRUE;
+}
\ No newline at end of file
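Review bot: `ViValidateNativeCodeBlock` dereferences `Block->Start` without checking `Block`, whereas `NcInsertBlockBefore` in this same commit rejects NULL arguments; `if (!Block) return FALSE;` at the top would match that convention. Because `ViCanHandleInst` returns TRUE unconditionally, the validator currently accepts every block, including an empty one and any label links flagged `CODE_FLAG_IS_LABEL`. A comment on the stub, e.g. `// TODO: stub, accepts every link`, would stop callers from treating a TRUE result as a real check.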
diff --git a/CodeVirtualizer/Virtualizer.h b/CodeVirtualizer/Virtualizer.h
index f0f7dc9..d5f03c8 100644
--- a/CodeVirtualizer/Virtualizer.h
+++ b/CodeVirtualizer/Virtualizer.h
@@ -6,6 +6,13 @@
#include "NativeCode.h"
+/*
+*
+*
+*
+*/
+
BOOL ViCanHandleInst(PNATIVE_CODE_LINK Link);
+BOOL ViValidateNativeCodeBlock(PNATIVE_CODE_BLOCK Block);
#endif
\ No newline at end of file
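Review bot: The comment block added above `ViCanHandleInst` is empty, so neither prototype is documented. It could be replaced with what the implementation shows, e.g. `// ViValidateNativeCodeBlock: returns TRUE if ViCanHandleInst accepts every link from Block->Start onward, FALSE at the first link it rejects.`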
diff --git a/x64/Debug/CodeVirtualizer.ilk b/x64/Debug/CodeVirtualizer.ilk
index 6232401..c334703 100644
Binary files a/x64/Debug/CodeVirtualizer.ilk and b/x64/Debug/CodeVirtualizer.ilk differ