From d2da38cad1547afa3a227040999fbd5bf9710622 Mon Sep 17 00:00:00 2001 From: _xeroxz Date: Tue, 31 Aug 2021 22:08:09 -0700 Subject: [PATCH] added more lifters... --- include/vm_lifters.hpp | 4 ++++ src/lifters/div.cpp | 19 +++++++++++++++++++ src/lifters/imul.cpp | 2 ++ src/lifters/mul.cpp | 16 ++++++++++++++++ src/main.cpp | 5 +++++ 5 files changed, 46 insertions(+)
diff --git a/include/vm_lifters.hpp b/include/vm_lifters.hpp
index 7e37a80..835d2e1 100644
--- a/include/vm_lifters.hpp
+++ b/include/vm_lifters.hpp
@@ -35,6 +35,7 @@ namespace vm
 static lifter_callback_t sregq, sregdw, sregw, sregb;
 static lifter_callback_t lregq, lregdw;
 static lifter_callback_t imulq, imuldw;
+ static lifter_callback_t mulq;
 static lifter_callback_t pushvsp;
 static lifter_callback_t popvsp;
 static lifter_callback_t writeq, writedw, writew, writeb;
@@ -49,6 +50,7 @@ namespace vm
 static lifter_callback_t vmexit;
 static lifter_callback_t readcr8;
 static lifter_callback_t readgsq;
+ static lifter_callback_t divdw;
 std::map< vm::handler::mnemonic_t, lifter_callback_t * > lifters = {
 { vm::handler::LCONSTQ, &lconstq },
 { vm::handler::LCONSTDW, &lconstdw },
@@ -59,6 +61,7 @@ namespace vm
 { vm::handler::LCONSTBSXQ, &lconstbsxq },
 { vm::handler::LCONSTWSXDW, &lconstwsxdw },
 { vm::handler::LCONSTBSXDW, &lconstbsxdw },
+ { vm::handler::DIVDW, &divdw },
 { vm::handler::ADDQ, &addq },
 { vm::handler::ADDDW, &adddw },
 { vm::handler::ADDW, &addw },
@@ -72,6 +75,7 @@ namespace vm
 { vm::handler::SHRDQ, &shrdq },
 { vm::handler::IMULQ, &imulq },
 { vm::handler::IMULDW, &imuldw },
+ { vm::handler::MULQ, &mulq },
 { vm::handler::PUSHVSPQ, &pushvsp },
 { vm::handler::POPVSPQ, &popvsp },
 { vm::handler::SREGQ, &sregq },
diff --git a/src/lifters/div.cpp b/src/lifters/div.cpp
index e69de29..72cf65f 100644
--- a/src/lifters/div.cpp
+++ b/src/lifters/div.cpp
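Review bot: The new `divdw` declaration in the second hunk is placed after `readgsq`, and its table entry in the third hunk sits among the `LCONST*` load entries, whereas `mulq` is kept beside `imulq`/`imuldw` in both the declaration list and the table. Grouping `divdw` with the other arithmetic callbacks (after `static lifter_callback_t imulq, imuldw;` and next to the `IMULDW`/`MULQ` entries) would keep the declarations and the dispatch table readable as more handlers are added. Declarations and table entries agree with each other, so this is a layout point only.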
@@ -0,0 +1,19 @@
+#include
+
+namespace vm
+{
+ lifters_t::lifter_callback_t lifters_t::divdw =
+ [ & ]( vm::devirt_t *rtn, const vm::instrs::code_block_t &vm_code_block, const vm::instrs::virt_instr_t &vinstr,
+ llvm::IRBuilder<> *ir_builder ) {
+ auto t1 = rtn->pop( 4 );
+ auto t2 = rtn->pop( 4 );
+ auto t3 = rtn->pop( 4 );
+ ir_builder->CreateUDiv( t2, t3 );
+ rtn->push( 4, t1 );
+ rtn->push( 4, t2 );
+
+ auto &vmp_rtn = rtn->vmp_rtns.back();
+ // TODO: compute flags...
+ rtn->push( 8, rtn->load_value( 8, vmp_rtn->flags ) );
+ };
+}
\ No newline at end of file
diff --git a/src/lifters/imul.cpp b/src/lifters/imul.cpp
index 74d60c2..506f54e 100644
--- a/src/lifters/imul.cpp
+++ b/src/lifters/imul.cpp
@@ -9,6 +9,8 @@ namespace vm
 llvm::IRBuilder<> *ir_builder ) {
 auto t1 = rtn->pop( 8 );
 auto t2 = rtn->pop( 8 );
+
+ // TODO: this is wrong... still need to do some more research into this...
 auto t3 = ir_builder->CreateMul( t1, t2 );
 auto t4 = ir_builder->CreateAShr( t3, llvm::APInt( 64, 32 ) );
 auto t5 = ir_builder->CreateAnd( t3, 0xFFFFFFFF00000000 );
diff --git a/src/lifters/mul.cpp b/src/lifters/mul.cpp
index 7fa5903..32f6618 100644
--- a/src/lifters/mul.cpp
+++ b/src/lifters/mul.cpp
@@ -2,5 +2,21 @@
 namespace vm
 {
+ lifters_t::lifter_callback_t lifters_t::mulq =
+ [ & ]( vm::devirt_t *rtn, const vm::instrs::code_block_t &vm_code_block, const vm::instrs::virt_instr_t &vinstr,
+ llvm::IRBuilder<> *ir_builder ) {
+ auto t1 = rtn->pop( 8 );
+ auto t2 = rtn->pop( 8 );
+ // TODO: this is wrong... still need to do some more research into this...
+ auto t3 = ir_builder->CreateMul( t1, t2 );
+ auto t4 = ir_builder->CreateAShr( t3, llvm::APInt( 64, 32 ) );
+ auto t5 = ir_builder->CreateAnd( t3, 0xFFFFFFFF00000000 );
+ rtn->push( 8, t4 );
+ rtn->push( 8, t5 );
+
+ // TODO: compute flags for IMULQ
+ auto &vmp_rtn = rtn->vmp_rtns.back();
+ rtn->push( 8, rtn->load_value( 8, vmp_rtn->flags ) );
+ };
 }
\ No newline at end of file
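Review bot: The quotient built by `ir_builder->CreateUDiv( t2, t3 );` is never used, and the two values pushed back are the popped operands `t1` and `t2`, so the lifted `DIVDW` leaves the virtual stack as if no division had happened. The division results should be what is pushed, e.g. `auto quot = ir_builder->CreateUDiv( t2, t3 );` and `auto rem = ir_builder->CreateURem( t2, t3 );` followed by pushing `rem` and `quot` (4 bytes each) in place of `t1` and `t2`; the push order, the role of `t1` (presumably the high half of a 64-bit dividend) and the operand widths must be confirmed against the handler's semantics, which this file does not show. An LLVM `udiv`/`urem` with a zero divisor is undefined behaviour in the IR, so a guard or `select` on `t3` is worth adding once the operand layout is settled. The `[ & ]` capture-default on this namespace-scope lambda captures nothing; an empty `[]` would say the same without ambiguity, unless the other lifters deliberately share the form.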
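Review bot: `mulq` is a copy of `imulq` (the `// TODO: compute flags for IMULQ` comment still names the signed handler) and its body does not yield an unsigned 64×64→128-bit product: `CreateMul` on two i64 values wraps at 64 bits, `CreateAShr( t3, llvm::APInt( 64, 32 ) )` is an arithmetic shift, and `CreateAnd( t3, 0xFFFFFFFF00000000 )` keeps the upper bits in place instead of isolating the low half. For an unsigned multiply the operands should be zero-extended to i128, multiplied there, and split into high and low 64-bit halves with a logical shift, as below; the order in which the halves are pushed (the hunk pushes `t4` first, kept here) and the flag computation still need confirming against the handler, and the TODO should read `MULQ`.
```cpp
auto t1 = ir_builder->CreateZExt( rtn->pop( 8 ), ir_builder->getInt128Ty() );
auto t2 = ir_builder->CreateZExt( rtn->pop( 8 ), ir_builder->getInt128Ty() );
auto t3 = ir_builder->CreateMul( t1, t2 );
auto t4 = ir_builder->CreateTrunc( ir_builder->CreateLShr( t3, 64 ), ir_builder->getInt64Ty() );
auto t5 = ir_builder->CreateTrunc( t3, ir_builder->getInt64Ty() );
rtn->push( 8, t4 );
rtn->push( 8, t5 );
// … unchanged: flags push …
```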
diff --git a/src/main.cpp b/src/main.cpp
index 89f8f81..60f0e3c 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -60,6 +60,9 @@ int main( int argc, const char *argv[] )
 for ( auto &[ vm_enter_offset, vmp2_code_blocks ] : virt_rtns )
 {
+ if ( vmp2_code_blocks.empty() )
+ continue;
+
 if ( !vmp_devirt.lift( vm_enter_offset + file_header->image_base, vmp2_code_blocks ) )
 {
 std::printf( "[!] failed to lift rtn_0x%p, please review the console...\n",
@@ -67,6 +70,8 @@ int main( int argc, const char *argv[] )
 return -1;
 }
+
+ std::printf( "> lifted rtn_0x%p\n", vm_enter_offset + file_header->image_base );
 }
 llvm::LLVMInitializeX86TargetInfo();
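Review bot: The new `if ( vmp2_code_blocks.empty() ) continue;` in the first hunk drops a routine with no output at all, while the failure path right below it (and the success path added in the next hunk) prints one line per routine, so a run that lifts fewer routines than expected leaves no trace of why. Logging the skip in the same style, e.g. `std::printf( "[!] skipping rtn_0x%p, no code blocks...\n", vm_enter_offset + file_header->image_base );` before the `continue`, keeps the console a complete record of what was and was not lifted. Note that `%p` formally expects a `void *`; if the offset expression is an integer type, the existing messages and this one would be better off with `%llx` and an explicit cast. The enclosing `main` starts and ends outside the hunk.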