vmassembler/include/compiler.h

#pragma once
#include <Windows.h>
#include <algorithm>
#include <vmprofiler.hpp>
#include <xtils.hpp>

#include "parser.h"

namespace vm
{
    /// <summary>
    /// struct containing encoded data for a given virtual instruction...
    /// </summary>
    struct vinstr_data
    {
        /// <summary>
        /// vm handler index also known as the opcode...
        /// </summary>
        std::uint8_t vm_handler;

        /// <summary>
        /// this field contains the second operand if any...
        /// </summary>
        std::uint64_t operand;

        /// <summary>
        /// size in bits of the second operand if any... zero if none...
        /// </summary>
        std::uint8_t imm_size;
    };

    /// <summary>
    /// struct containing all information for a label...
    /// </summary>
    struct vlabel_data
    {
        /// <summary>
        /// name of the label...
        /// </summary>
        std::string label_name;

        /// <summary>
        /// vector of encoded virtual instructions...
        /// </summary>
        std::vector< vinstr_data > vinstrs;
    };

    /// <summary>
    /// struct containing compiled virtual instructions (encoded and encrypted) for a given label...
    /// </summary>
    struct compiled_label_data
    {
        /// <summary>
        /// label name...
        /// </summary>
        std::string label_name;

        /// <summary>
        /// relative virtual address from vm_entry to the virtual instructions...
        /// </summary>
        std::uintptr_t alloc_rva;

        /// <summary>
        /// encrypted relative virtual address from vm_entry to virtual instructions...
        /// </summary>
        std::uintptr_t enc_alloc_rva;

        /// <summary>
        /// vector of bytes containing the raw, encrypted virtual instructions...
        /// </summary>
        std::vector< std::uint8_t > vinstrs;
    };

    /// <summary>
    /// class containing member functions used to encode and encrypted virtual instructions...
    /// </summary>
    class compiler_t
    {
      public:
        /// <summary>
        /// default constructor
        /// </summary>
        /// <param name="vmctx">pointer to a vm context object which has already been init...</param>
        explicit compiler_t( vm::ctx_t *vmctx );

        /// <summary>
        /// encode virtual instructions from parser::virt_labels
        /// </summary>
        /// <returns>returns a vector of labels containing encoded virtual instructions</returns>
        std::vector< vlabel_data > *encode();

        /// <summary>
        /// encrypt virtual instructions from parser::virt_labels
        /// </summary>
        /// <returns>returns a vector of compiled labels containing encoded and encrypted virtual
        /// instructions...</returns>
        std::vector< compiled_label_data > encrypt();

      private:
        /// <summary>
        /// encrypt virtual instructions rva... <a href="https://back.engineering/17/05/2021/#vm_entry">read more
        /// here...</a>
        /// </summary>
        /// <param name="rva">relative virtual address to encrypted virtual instructions...</param>
        /// <returns></returns>
        std::uint64_t encrypt_rva( std::uint64_t rva );

        /// <summary>
        /// pointer to the vmctx passed in by the constructor...
        /// </summary>
        vm::ctx_t *vmctx;

        /// <summary>
        /// transformations used to decrypt the opcode operand extracted from calc_jmp...
        /// you can read more <a href="https://back.engineering/17/05/2021/#calc_jmp">here...</a>
        /// </summary>
        transform::map_t calc_jmp_transforms;

        /// <summary>
        /// vector of encoded labels...
        /// </summary>
        std::vector< vlabel_data > virt_labels;

        /// <summary>
        /// vector of decoded zydis instructions containing the native instructions to encrypt the virtual instruction
        /// rva which will be pushed onto the stack prior to jmping to vm entry...
        /// </summary>
        std::vector< zydis_decoded_instr_t > encrypt_vinstrs_rva;
    };
} // namespace vm
added source code, gitignore, gitmodules, etc 4 years ago			`#pragma once`
			`#include <Windows.h>`
			`#include <algorithm>`
added vmprofiler v1.5, still needs some work 4 years ago			`#include <vmprofiler.hpp>`
removed yacc and lex generated files, added doxygen comments... 3 years ago			`#include <xtils.hpp>`
added vmprofiler v1.5, still needs some work 4 years ago
added source code, gitignore, gitmodules, etc 4 years ago			`#include "parser.h"`

			`namespace vm`
			`{`
removed yacc and lex generated files, added doxygen comments... 3 years ago			`/// <summary>`
			`/// struct containing encoded data for a given virtual instruction...`
			`/// </summary>`
added vmprofiler v1.5, still needs some work 4 years ago			`struct vinstr_data`
			`{`
removed yacc and lex generated files, added doxygen comments... 3 years ago			`/// <summary>`
			`/// vm handler index also known as the opcode...`
			`/// </summary>`
added vmprofiler v1.5, still needs some work 4 years ago			`std::uint8_t vm_handler;`
removed yacc and lex generated files, added doxygen comments... 3 years ago
			`/// <summary>`
			`/// this field contains the second operand if any...`
			`/// </summary>`
added vmprofiler v1.5, still needs some work 4 years ago			`std::uint64_t operand;`
removed yacc and lex generated files, added doxygen comments... 3 years ago
			`/// <summary>`
			`/// size in bits of the second operand if any... zero if none...`
			`/// </summary>`
			`std::uint8_t imm_size;`
added vmprofiler v1.5, still needs some work 4 years ago			`};`
added source code, gitignore, gitmodules, etc 4 years ago
removed yacc and lex generated files, added doxygen comments... 3 years ago			`/// <summary>`
			`/// struct containing all information for a label...`
			`/// </summary>`
preparing to add labels to the virtual assembly language.. 4 years ago			`struct vlabel_data`
			`{`
removed yacc and lex generated files, added doxygen comments... 3 years ago			`/// <summary>`
			`/// name of the label...`
			`/// </summary>`
preparing to add labels to the virtual assembly language.. 4 years ago			`std::string label_name;`
removed yacc and lex generated files, added doxygen comments... 3 years ago
			`/// <summary>`
			`/// vector of encoded virtual instructions...`
			`/// </summary>`
preparing to add labels to the virtual assembly language.. 4 years ago			`std::vector< vinstr_data > vinstrs;`
			`};`

removed yacc and lex generated files, added doxygen comments... 3 years ago			`/// <summary>`
			`/// struct containing compiled virtual instructions (encoded and encrypted) for a given label...`
			`/// </summary>`
preparing to add labels to the virtual assembly language.. 4 years ago			`struct compiled_label_data`
			`{`
removed yacc and lex generated files, added doxygen comments... 3 years ago			`/// <summary>`
			`/// label name...`
			`/// </summary>`
preparing to add labels to the virtual assembly language.. 4 years ago			`std::string label_name;`
removed yacc and lex generated files, added doxygen comments... 3 years ago
			`/// <summary>`
			`/// relative virtual address from vm_entry to the virtual instructions...`
			`/// </summary>`
			`std::uintptr_t alloc_rva;`

			`/// <summary>`
			`/// encrypted relative virtual address from vm_entry to virtual instructions...`
			`/// </summary>`
			`std::uintptr_t enc_alloc_rva;`

			`/// <summary>`
			`/// vector of bytes containing the raw, encrypted virtual instructions...`
			`/// </summary>`
preparing to add labels to the virtual assembly language.. 4 years ago			`std::vector< std::uint8_t > vinstrs;`
			`};`

removed yacc and lex generated files, added doxygen comments... 3 years ago			`/// <summary>`
			`/// class containing member functions used to encode and encrypted virtual instructions...`
			`/// </summary>`
added vmprofiler v1.5, still needs some work 4 years ago			`class compiler_t`
			`{`
			`public:`
removed yacc and lex generated files, added doxygen comments... 3 years ago			`/// <summary>`
			`/// default constructor`
			`/// </summary>`
			`/// <param name="vmctx">pointer to a vm context object which has already been init...</param>`
preparing to add labels to the virtual assembly language.. 4 years ago			`explicit compiler_t( vm::ctx_t *vmctx );`
removed yacc and lex generated files, added doxygen comments... 3 years ago
			`/// <summary>`
			`/// encode virtual instructions from parser::virt_labels`
			`/// </summary>`
			`/// <returns>returns a vector of labels containing encoded virtual instructions</returns>`
preparing to add labels to the virtual assembly language.. 4 years ago			`std::vector< vlabel_data > *encode();`
removed yacc and lex generated files, added doxygen comments... 3 years ago
			`/// <summary>`
			`/// encrypt virtual instructions from parser::virt_labels`
			`/// </summary>`
			`/// <returns>returns a vector of compiled labels containing encoded and encrypted virtual`
			`/// instructions...</returns>`
preparing to add labels to the virtual assembly language.. 4 years ago			`std::vector< compiled_label_data > encrypt();`
added source code, gitignore, gitmodules, etc 4 years ago
added vmprofiler v1.5, still needs some work 4 years ago			`private:`
removed yacc and lex generated files, added doxygen comments... 3 years ago			`/// <summary>`
			`/// encrypt virtual instructions rva... <a href="https://back.engineering/17/05/2021/#vm_entry">read more`
			`/// here...</a>`
			`/// </summary>`
			`/// <param name="rva">relative virtual address to encrypted virtual instructions...</param>`
			`/// <returns></returns>`
added labels to the source code.. 4 years ago			`std::uint64_t encrypt_rva( std::uint64_t rva );`

removed yacc and lex generated files, added doxygen comments... 3 years ago			`/// <summary>`
			`/// pointer to the vmctx passed in by the constructor...`
			`/// </summary>`
fixed some code and upgraded to vmprofiler v1.7 4 years ago			`vm::ctx_t *vmctx;`
removed yacc and lex generated files, added doxygen comments... 3 years ago
			`/// <summary>`
			`/// transformations used to decrypt the opcode operand extracted from calc_jmp...`
			`/// you can read more <a href="https://back.engineering/17/05/2021/#calc_jmp">here...</a>`
			`/// </summary>`
added vmprofiler v1.5, still needs some work 4 years ago			`transform::map_t calc_jmp_transforms;`
removed yacc and lex generated files, added doxygen comments... 3 years ago
			`/// <summary>`
			`/// vector of encoded labels...`
			`/// </summary>`
added labels to the source code.. 4 years ago			`std::vector< vlabel_data > virt_labels;`
removed yacc and lex generated files, added doxygen comments... 3 years ago
			`/// <summary>`
			`/// vector of decoded zydis instructions containing the native instructions to encrypt the virtual instruction`
			`/// rva which will be pushed onto the stack prior to jmping to vm entry...`
			`/// </summary>`
added vmprofiler v1.5, still needs some work 4 years ago			`std::vector< zydis_decoded_instr_t > encrypt_vinstrs_rva;`
			`};`
			`} // namespace vm`