From a4ac24111e2f644e3f4fa84486b10d6c2ea6ef10 Mon Sep 17 00:00:00 2001
From: John Doe
Date: Sun, 26 Dec 2021 09:15:05 -0800
Subject: [PATCH] updated vmprofiler dep, still adding profiles...

---
 deps/vmprofiler | 2 +-
 src/main.cpp | 43 +++++++++++++++++++++++--------------------
 src/vmemu_t.cpp | 5 +++--
 3 files changed, 27 insertions(+), 23 deletions(-)

diff --git a/deps/vmprofiler b/deps/vmprofiler
index 599a685..dcb8e1c 160000
--- a/deps/vmprofiler
+++ b/deps/vmprofiler
@@ -1 +1 @@
-Subproject commit 599a685b9e1b8e2f36526a61a2f77ecdc49a7288
+Subproject commit dcb8e1c96a2ea2c026929aacd8d6a39ee9948587
diff --git a/src/main.cpp b/src/main.cpp
index fe9c2ad..7b852d4 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -32,6 +32,7 @@ int __cdecl main(int argc, const char* argv[]) {
       "scan for all vm enters and trace all of them... this may take a few "
       "minutes...");
 
+  vm::utils::init();
   parser.enable_help();
   auto result = parser.parse(argc, argv);
 
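Review bot: `vm::utils::init();` on the added line is called for its side effects only and whatever it returns is dropped; it is not visible here whether it reports failure, but if it does, an error would go unnoticed until a later call misbehaves, unlike `vmctx.init()` and `emu.init()`, which the same file checks. If it returns a status, guard it the same way, e.g. `if (!vm::utils::init()) { std::printf("[!] failed to init vm::utils...\n"); return -1; }`; if it is void, a one-line comment saying what it initializes and why it sits before argument parsing would help the next reader. main() continues outside the hunk.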
@@ -112,26 +113,28 @@ int __cdecl main(int argc, const char* argv[]) {
   }
 
   if (parser.exists("vmentry")) {
-    const auto vm_entry_rva =
-        std::strtoull(parser.get("vmentry").c_str(), nullptr, 16);
-
-    vm::vmctx_t vmctx(module_base, image_base, image_size, vm_entry_rva);
-    if (!vmctx.init()) {
-      std::printf(
-          "[!] failed to init vmctx... this can be for many reasons..."
-          " try validating your vm entry rva... make sure the binary is "
-          "unpacked and is"
-          "protected with VMProtect 3...\n");
-      return -1;
+    const auto vm_entries = vm::locate::get_vm_entries(module_base, image_size);
+    std::printf("> number of vm entries = %d\n", vm_entries.size());
+
+    for (const auto& [vm_entry_rva, encrypted_rva] : vm_entries) {
+      vm::vmctx_t vmctx(module_base, image_base, image_size, vm_entry_rva);
+      if (!vmctx.init()) {
+        std::printf(
+            "[!] failed to init vmctx... this can be for many reasons..."
+            " try validating your vm entry rva... make sure the binary is "
+            "unpacked and is"
+            "protected with VMProtect 3...\n");
+        return -1;
+      }
+
+      vm::emu_t emu(&vmctx);
+      if (!emu.init()) {
+        std::printf(
+            "[!] failed to init vm::emu_t... read above in the console for the "
+            "reason...\n");
+        return -1;
+      }
+      emu.emulate();
     }
-
-    vm::emu_t emu(&vmctx);
-    if (!emu.init()) {
-      std::printf(
-          "[!] failed to init vm::emu_t... read above in the console for the "
-          "reason...\n");
-      return -1;
-    }
-    emu.emulate();
   }
 }
\ No newline at end of file
diff --git a/src/vmemu_t.cpp b/src/vmemu_t.cpp
index 0c23c17..6696972 100644
--- a/src/vmemu_t.cpp
+++ b/src/vmemu_t.cpp
@@ -179,8 +179,6 @@ bool emu_t::code_exec_callback(uc_engine* uc,
       inst_stream.push_back({instr.m_instr});
     });
 
-  vm::utils::print(inst_stream);
-
   if (vinstr.mnemonic != vm::instrs::mnemonic_t::unknown) {
     if (vinstr.imm.has_imm)
       std::printf("> %s %p\n",
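Review bot: `std::printf("> number of vm entries = %d\n", vm_entries.size());` passes the `size_t` returned by `.size()` to a `%d` conversion, which is undefined behavior and with a 64-bit `size_t` prints the wrong value; use `std::printf("> number of vm entries = %zu\n", vm_entries.size());`. The error text moved into the loop still joins `"unpacked and is"` and `"protected with VMProtect 3...\n"` with no separating space, so it prints "isprotected", and its advice to validate "your vm entry rva" no longer fits a loop whose RVAs come from `vm::locate::get_vm_entries` rather than from the user. The value of the `vmentry` option is now never read (only `parser.exists("vmentry")` is consulted) and `encrypted_rva` in the structured binding is unused, so the option has become a switch that traces every located entry; if that is intended the help text should say so, otherwise filter the loop by the parsed RVA. `return -1` inside the loop also abandons every remaining entry on the first failed `vmctx.init()` or `emu.init()`, where `continue` may be what a scan over many entries wants; main() starts outside the hunk.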
@@ -189,6 +187,9 @@ bool emu_t::code_exec_callback(uc_engine* uc,
     else
       std::printf("> %s\n",
                   vm::instrs::get_profile(vinstr.mnemonic)->name.c_str());
+  } else {
+    vm::utils::print(inst_stream);
+    std::getchar();
   }
 
   if (vinstr.mnemonic == vm::instrs::mnemonic_t::jmp) {
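Review bot: The new `else` branch calls `std::getchar()` from inside `emu_t::code_exec_callback`, so emulation now blocks waiting for a keypress every time an unknown handler is reached; with stdin redirected or closed it returns EOF at once and the pause silently does nothing, and in any batch run (the scan-all mode described in main.cpp's help text, or the per-entry loop main.cpp now has) it stalls the whole trace. This reads like a debugging aid rather than intended behavior; if it is to stay, gate it behind a flag or at least document it, e.g. `// debug: dump the handler's native instructions and pause so they can be inspected`. Since the previous hunk removed the unconditional `vm::utils::print(inst_stream)`, known handlers no longer print their native stream at all, which the same comment should state if that trade is deliberate. code_exec_callback starts and ends outside the hunk.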