updated vmprofiler dep, still adding profiles...

master
John Doe 3 years ago
parent 891a925be4
commit a4ac24111e

2
deps/vmprofiler vendored

@ -1 +1 @@
Subproject commit 599a685b9e1b8e2f36526a61a2f77ecdc49a7288
Subproject commit dcb8e1c96a2ea2c026929aacd8d6a39ee9948587

@ -32,6 +32,7 @@ int __cdecl main(int argc, const char* argv[]) {
"scan for all vm enters and trace all of them... this may take a few "
"minutes...");
vm::utils::init();
parser.enable_help();
auto result = parser.parse(argc, argv);
@ -112,26 +113,28 @@ int __cdecl main(int argc, const char* argv[]) {
}
if (parser.exists("vmentry")) {
const auto vm_entry_rva =
std::strtoull(parser.get<std::string>("vmentry").c_str(), nullptr, 16);
vm::vmctx_t vmctx(module_base, image_base, image_size, vm_entry_rva);
if (!vmctx.init()) {
std::printf(
"[!] failed to init vmctx... this can be for many reasons..."
" try validating your vm entry rva... make sure the binary is "
"unpacked and is"
"protected with VMProtect 3...\n");
return -1;
const auto vm_entries = vm::locate::get_vm_entries(module_base, image_size);
std::printf("> number of vm entries = %d\n", vm_entries.size());
for (const auto& [vm_entry_rva, encrypted_rva] : vm_entries) {
vm::vmctx_t vmctx(module_base, image_base, image_size, vm_entry_rva);
if (!vmctx.init()) {
std::printf(
"[!] failed to init vmctx... this can be for many reasons..."
" try validating your vm entry rva... make sure the binary is "
"unpacked and is"
"protected with VMProtect 3...\n");
return -1;
}
vm::emu_t emu(&vmctx);
if (!emu.init()) {
std::printf(
"[!] failed to init vm::emu_t... read above in the console for the "
"reason...\n");
return -1;
}
emu.emulate();
}
vm::emu_t emu(&vmctx);
if (!emu.init()) {
std::printf(
"[!] failed to init vm::emu_t... read above in the console for the "
"reason...\n");
return -1;
}
emu.emulate();
}
}
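Review bot: The new `std::printf("> number of vm entries = %d\n", vm_entries.size());` passes what is presumably a `size_t` to `%d`, a format/argument mismatch that is undefined behaviour on 64-bit targets; `%zu` is the matching specifier. In the same loop, `return -1` on the first `vmctx.init()` or `emu.init()` failure ends the whole scan, so one entry that fails to initialise in a hostile or damaged sample hides every later entry; consider printing the failing `vm_entry_rva` and using `continue` instead. The failure message also joins `"unpacked and is"` and `"protected with VMProtect 3...\n"` without a space, so it prints "isprotected". `encrypted_rva` is bound but unused in the visible lines, and `main` starts and ends outside this hunk.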

@ -179,8 +179,6 @@ bool emu_t::code_exec_callback(uc_engine* uc,
inst_stream.push_back({instr.m_instr});
});
vm::utils::print(inst_stream);
if (vinstr.mnemonic != vm::instrs::mnemonic_t::unknown) {
if (vinstr.imm.has_imm)
std::printf("> %s %p\n",
@ -189,6 +187,9 @@ bool emu_t::code_exec_callback(uc_engine* uc,
else
std::printf("> %s\n",
vm::instrs::get_profile(vinstr.mnemonic)->name.c_str());
} else {
vm::utils::print(inst_stream);
std::getchar();
}
if (vinstr.mnemonic == vm::instrs::mnemonic_t::jmp) {
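Review bot: The new `else` branch calls `std::getchar()` inside the emulation callback, so every handler without a profile blocks the run on stdin. Since the driver in this commit appears to trace every located vm entry, an unattended or scripted analysis of a sample will stall at the first unknown handler, or fall straight through if stdin is closed, because the return value is ignored. If the pause is a temporary aid while profiles are being added, say so in a comment such as `// unknown handler: dump its native instructions and wait for the analyst`, and gate it on an interactive option. For batch runs, ending the trace with `uc_emu_stop(uc);` may be the safer default, though the callback's return contract is not visible here. `code_exec_callback` starts and ends outside these hunks.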
