From 387e02eb7b00b73a47b9fdd3d751ef7b2c518b9f Mon Sep 17 00:00:00 2001
From: _xeroxz <xerox@back.engineering>
Date: Wed, 30 Jun 2021 23:51:14 +0000
Subject: [PATCH] Update README.md

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 93487f9..17c1193 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,5 @@
+![](https://githacks.org/_xeroxz/vmhook-eac/-/raw/a2e38c76b1fb9a53527c2441b06bb25b768d9959/bin/running-with-patch.png)
+
 ### About
 
 This is a small POC to show an interesting design weakness in VMProtect 2 which can aid an attacker in such a way that reading memory can be manipulated in a centralized way. In this POC all `READQ/DW/B` virtual instructions are hooked, when virtualized integrity check routines try and read unwriteable sections, the pointer is changed to an untouched clone of the driver. This means all inlined virtualized integrity checks can be bypassed with a few lines of code. This is not possible without the aid of VMProtect 2's design... So im refering to having reusable vm handlers as a design weakness...