gmh5225
/
vmemu
forked from vmp3/vmemu
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

updated vmprofiler dep, still adding profiles...

Browse Source
main
John Doe 2 years ago
parent 891a925be4
commit a4ac24111e
3 changed files with 27 additions and 23 deletions
Show Stats Download Patch File Download Diff File

2
deps/vmprofiler vendored

@ -1 +1 @@
Subproject commit 599a685b9e1b8e2f36526a61a2f77ecdc49a7288 Subproject commit dcb8e1c96a2ea2c026929aacd8d6a39ee9948587

43
src/main.cpp
Unescape View File

@ -32,6 +32,7 @@ int __cdecl main(int argc, const char* argv[]) {
"scan for all vm enters and trace all of them... this may take a few " "scan for all vm enters and trace all of them... this may take a few "
"minutes..."); "minutes...");
vm::utils::init();
parser.enable_help(); parser.enable_help();
auto result = parser.parse(argc, argv); auto result = parser.parse(argc, argv);
@ -112,26 +113,28 @@ int __cdecl main(int argc, const char* argv[]) {
} }
if (parser.exists("vmentry")) { if (parser.exists("vmentry")) {
const auto vm_entry_rva = const auto vm_entries = vm::locate::get_vm_entries(module_base, image_size);
std::strtoull(parser.get<std::string>("vmentry").c_str(), nullptr, 16); std::printf("> number of vm entries = %d\n", vm_entries.size());
vm::vmctx_t vmctx(module_base, image_base, image_size, vm_entry_rva); for (const auto& [vm_entry_rva, encrypted_rva] : vm_entries) {
if (!vmctx.init()) { vm::vmctx_t vmctx(module_base, image_base, image_size, vm_entry_rva);
std::printf( if (!vmctx.init()) {
"[!] failed to init vmctx... this can be for many reasons..." std::printf(
" try validating your vm entry rva... make sure the binary is " "[!] failed to init vmctx... this can be for many reasons..."
"unpacked and is" " try validating your vm entry rva... make sure the binary is "
"protected with VMProtect 3...\n"); "unpacked and is"
return -1; "protected with VMProtect 3...\n");
return -1;
}
vm::emu_t emu(&vmctx);
if (!emu.init()) {
std::printf(
"[!] failed to init vm::emu_t... read above in the console for the "
"reason...\n");
return -1;
}
emu.emulate();
} }
vm::emu_t emu(&vmctx);
if (!emu.init()) {
std::printf(
"[!] failed to init vm::emu_t... read above in the console for the "
"reason...\n");
return -1;
}
emu.emulate();
} }
} }

5
src/vmemu_t.cpp
Unescape View File

@ -179,8 +179,6 @@ bool emu_t::code_exec_callback(uc_engine* uc,
inst_stream.push_back({instr.m_instr}); inst_stream.push_back({instr.m_instr});
}); });
vm::utils::print(inst_stream);
if (vinstr.mnemonic != vm::instrs::mnemonic_t::unknown) { if (vinstr.mnemonic != vm::instrs::mnemonic_t::unknown) {
if (vinstr.imm.has_imm) if (vinstr.imm.has_imm)
std::printf("> %s %p\n", std::printf("> %s %p\n",
@ -189,6 +187,9 @@ bool emu_t::code_exec_callback(uc_engine* uc,
else else
std::printf("> %s\n", std::printf("> %s\n",
vm::instrs::get_profile(vinstr.mnemonic)->name.c_str()); vm::instrs::get_profile(vinstr.mnemonic)->name.c_str());
} else {
vm::utils::print(inst_stream);
std::getchar();
} }
if (vinstr.mnemonic == vm::instrs::mnemonic_t::jmp) { if (vinstr.mnemonic == vm::instrs::mnemonic_t::jmp) {

Write Preview
Loading…
Cancel
Save