diff --git a/CMakeLists.txt b/CMakeLists.txt
index 585830e..c351b21 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -25,6 +25,16 @@ endif()
 project(vmprofiler)
+# deps
+set(CMKR_CMAKE_FOLDER ${CMAKE_FOLDER})
+if(CMAKE_FOLDER)
+ set(CMAKE_FOLDER "${CMAKE_FOLDER}/deps")
+else()
+ set(CMAKE_FOLDER deps)
+endif()
+add_subdirectory(deps)
+set(CMAKE_FOLDER ${CMKR_CMAKE_FOLDER})
+
 # Target vmprofiler
 set(CMKR_TARGET vmprofiler)
 set(vmprofiler_SOURCES "")
diff --git a/cmake.toml b/cmake.toml
index 47fe57d..e9c5b15 100644
--- a/cmake.toml
+++ b/cmake.toml
@@ -21,4 +21,6 @@ link-libraries = [
 compile-definitions = [
 "NOMINMAX"
-]
\ No newline at end of file
+]
+
+[subdir.deps]
\ No newline at end of file
diff --git a/deps/CMakeLists.txt b/deps/CMakeLists.txt
new file mode 100644
index 0000000..afc8594
--- /dev/null
+++ b/deps/CMakeLists.txt
@@ -0,0 +1,43 @@
+# This file is automatically generated from cmake.toml - DO NOT EDIT
+# See https://github.com/build-cpp/cmkr for more information
+
+# Create a configure-time dependency on cmake.toml to improve IDE support
+if(CMKR_ROOT_PROJECT)
+ configure_file(cmake.toml cmake.toml COPYONLY)
+endif()
+
+# Options
+option(ZYDIS_BUILD_SHARED_LIB OFF)
+option(ZYDIS_BUILD_EXAMPLES OFF)
+option(ZYDIS_BUILD_TOOLS OFF)
+option(ZYDIS_FUZZ_AFL_FAST OFF)
+option(ZYDIS_LIBFUZZER OFF)
+
+# zydis
+set(CMKR_CMAKE_FOLDER ${CMAKE_FOLDER})
+if(CMAKE_FOLDER)
+ set(CMAKE_FOLDER "${CMAKE_FOLDER}/zydis")
+else()
+ set(CMAKE_FOLDER zydis)
+endif()
+add_subdirectory(zydis)
+set(CMAKE_FOLDER ${CMKR_CMAKE_FOLDER})
+
+# Target linux-pe
+set(CMKR_TARGET linux-pe)
+set(linux-pe_SOURCES "")
+
+set(CMKR_SOURCES ${linux-pe_SOURCES})
+add_library(linux-pe INTERFACE)
+
+if(linux-pe_SOURCES)
+ target_sources(linux-pe INTERFACE ${linux-pe_SOURCES})
+endif()
+
+target_include_directories(linux-pe INTERFACE
+ "linux-pe/includes/"
+)
+
+unset(CMKR_TARGET)
+unset(CMKR_SOURCES)
+
diff --git a/deps/zydis b/deps/zydis
index 4756724..ce4a42f 160000
--- a/deps/zydis
+++ b/deps/zydis
@@ -1 +1 @@
-Subproject commit 4756724a505d5514eed1f2351336e4d77bfb406f
+Subproject commit ce4a42ffaffe4a5ff615665e05177c4c69eb4683
diff --git a/include/vmutils.hpp b/include/vmutils.hpp
index e69de29..a605799 100644
--- a/include/vmutils.hpp
+++ b/include/vmutils.hpp
@@ -0,0 +1,42 @@
+#pragma once
+#include
+#include
+#include
+#include
+#include
+
+using u8 = unsigned char;
+using u16 = unsigned short;
+using u32 = unsigned int;
+using u64 = unsigned long long;
+
+using zydis_decoded_instr_t = ZydisDecodedInstruction;
+using zydis_register_t = ZydisRegister;
+using zydis_mnemonic_t = ZydisMnemonic;
+using zydis_decoded_operand_t = ZydisDecodedOperand;
+
+struct zydis_instr_t {
+ zydis_decoded_instr_t instr;
+ std::vector raw;
+ std::uintptr_t addr;
+};
+
+using zydis_routine_t = std::vector;
+
+namespace vm::utils {
+inline thread_local std::shared_ptr g_decoder = nullptr;
+inline thread_local std::shared_ptr g_formatter = nullptr;
+
+inline void init() {
+ if (!vm::utils::g_decoder && !vm::utils::g_formatter) {
+ vm::utils::g_decoder = std::make_shared();
+ vm::utils::g_formatter = std::make_shared();
+
+ ZydisDecoderInit(vm::utils::g_decoder.get(), ZYDIS_MACHINE_MODE_LONG_64,
+ ZYDIS_ADDRESS_WIDTH_64);
+
+ ZydisFormatterInit(vm::utils::g_formatter.get(),
+ ZYDIS_FORMATTER_STYLE_INTEL);
+ }
+}
+} // namespace vm::utils
\ No newline at end of file
diff --git a/src/vmlocate.cpp b/src/vmlocate.cpp
index b1e0fd6..6f69306 100644
--- a/src/vmlocate.cpp
+++ b/src/vmlocate.cpp
@@ -53,7 +53,7 @@ std::vector get_vm_entries(std::uintptr_t module_base,
 if (!scn::executable(module_base, result))
 continue;
- if (!vm::util::flatten(rtn, result, false, 500, module_base))
+ if (!vm::utils::flatten(rtn, result, false, 500, module_base))
 continue;
 // the last instruction in the stream should be a JMP to a register or a
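Review bot: In vm::utils::init() the ZyanStatus returned by ZydisDecoderInit and ZydisFormatterInit is discarded, so if either call fails g_decoder and g_formatter are left non-null but uninitialized, every later decode/format call runs on that state, and the `!g_decoder && !g_formatter` guard means init() will never retry. Checking both results and dropping the objects on failure keeps the globals null, e.g. `if (!ZYAN_SUCCESS(ZydisDecoderInit(g_decoder.get(), ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_64)) || !ZYAN_SUCCESS(ZydisFormatterInit(g_formatter.get(), ZYDIS_FORMATTER_STYLE_INTEL))) { g_decoder.reset(); g_formatter.reset(); }`, so callers can detect the failure instead of decoding untrusted bytes with a half-set-up decoder. Because both globals are `inline thread_local`, each thread that decodes has to call init() itself; that contract deserves a comment on the declarations, e.g. `// Per-thread Zydis state; call vm::utils::init() on every thread before decoding.`. The decoder is fixed to ZYDIS_MACHINE_MODE_LONG_64, so if 32-bit modules are ever analyzed (cannot tell from this hunk) the mode would need to become a parameter rather than a constant.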