You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
_xeroxz
5fb01835d7
|
4 years ago | |
---|---|---|
dependencies | 4 years ago | |
refbuilds | 4 years ago | |
src | 4 years ago | |
.gitignore | 4 years ago | |
.gitmodules | 4 years ago | |
LICENSE | 4 years ago | |
README.md | 4 years ago |
README.md
um-hook - Usermode Virtual Instruction Hook Demo
um-hook is a demo project/repo which contains an example of how to hook a virtual instruction and alter its results. The binaries in this repo are not packed for simplicity sake, however in later demo's I will be applying packing to the executable.
Contents
- dependencies/ - this project is dependent on
vmhook
. - refbuilds/ - binaries protected with
ultra virtualization
and no packing. These bins are for you to mess with! - src/ - source code for the usermode tracer.
- vmptest/ - source code for the the test bins
- um-hook/ - source code for usermode hook, includes a hook on
LCONSTBZX
.
Usage
First download the repo with git clone --recursive https://githacks.org/vmp2/um-hook.git
, then compile the um-hook
by opening demo.sln
inside of src/
. There should be an executable called um-hook.exe
in x64/Release
. This hook demo program is compiled for the first vmptest
binary in the refbuilds
directly.
To create a trace file simply run the following:
um-hook.exe --bin vmptest.vmp.exe --table 0x6473 --base 0x140000000 --out test.vmp2