multi-vm
_xeroxz 4 years ago
parent b89b029504
commit f132d361e0

@ -85,10 +85,10 @@ namespace vm
}; };
} }
class tracer_t class hook_t
{ {
public: public:
explicit tracer_t( explicit hook_t(
u64 module_base, u64 module_base,
u64 image_base, u64 image_base,
decrypt_handler_t decrypt_handler, decrypt_handler_t decrypt_handler,
@ -112,7 +112,7 @@ namespace vm
const encrypt_handler_t encrypt_handler; const encrypt_handler_t encrypt_handler;
}; };
inline vm::tracer_t* g_vmctx = nullptr; inline vm::hook_t* g_vmctx = nullptr;
} }
extern "C" void vtrap_wrapper(vm::registers * regs, u8 handler_idx); extern "C" void vtrap_wrapper(vm::registers * regs, u8 handler_idx);

@ -1,72 +0,0 @@
#pragma once
#include "vmtracer.hpp"
namespace vmp2
{
enum class exec_type_t
{
forward,
backward
};
enum class version_t
{
invalid,
v1 = 0x101
};
struct file_header
{
u32 magic; // VMP2!
u64 epoch_time;
u64 module_base;
exec_type_t advancement;
version_t version;
u32 entry_count;
u32 entry_offset;
};
struct entry_t
{
u8 handler_idx;
u64 decrypt_key;
u64 vip;
union
{
struct
{
u64 r15;
u64 r14;
u64 r13;
u64 r12;
u64 r11;
u64 r10;
u64 r9;
u64 r8;
u64 rbp;
u64 rdi;
u64 rsi;
u64 rdx;
u64 rcx;
u64 rbx;
u64 rax;
u64 rflags;
};
u64 raw[16];
} regs;
union
{
u64 qword[0x28];
u8 raw[0x140];
} vregs;
union
{
u64 qword[0x20];
u8 raw[0x100];
} vsp;
};
}

@ -1,4 +1,4 @@
#include "vmtracer.hpp" #include "vmhook.hpp"
namespace vm namespace vm
{ {
@ -36,7 +36,7 @@ namespace vm
} }
} }
tracer_t::tracer_t( hook_t::hook_t(
u64 module_base, u64 module_base,
u64 image_base, u64 image_base,
decrypt_handler_t decrypt_handler, decrypt_handler_t decrypt_handler,
@ -67,29 +67,29 @@ namespace vm
&__vtrap) - module_base) + image_base); &__vtrap) - module_base) + image_base);
} }
u64 tracer_t::encrypt(u64 val) const u64 hook_t::encrypt(u64 val) const
{ {
return encrypt_handler(val); return encrypt_handler(val);
} }
u64 tracer_t::decrypt(u64 val) const u64 hook_t::decrypt(u64 val) const
{ {
return decrypt_handler(val); return decrypt_handler(val);
} }
void tracer_t::set_trap(u64 val) const void hook_t::set_trap(u64 val) const
{ {
for (auto idx = 0u; idx < 256; ++idx) for (auto idx = 0u; idx < 256; ++idx)
handler_table->set_entry(idx, val); handler_table->set_entry(idx, val);
} }
void tracer_t::start() const void hook_t::start() const
{ {
for (auto idx = 0u; idx < 256; ++idx) for (auto idx = 0u; idx < 256; ++idx)
handler_table->set_entry(idx, vtrap_encrypted); handler_table->set_entry(idx, vtrap_encrypted);
} }
void tracer_t::stop() const void hook_t::stop() const
{ {
for (auto idx = 0u; idx < 256; ++idx) for (auto idx = 0u; idx < 256; ++idx)
{ {

@ -24,7 +24,7 @@
<ProjectGuid>{D257C9F6-C705-49D5-84ED-64C9C513C419}</ProjectGuid> <ProjectGuid>{D257C9F6-C705-49D5-84ED-64C9C513C419}</ProjectGuid>
<RootNamespace>vmtracer</RootNamespace> <RootNamespace>vmtracer</RootNamespace>
<WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion> <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
<ProjectName>vmtracer</ProjectName> <ProjectName>vmhook</ProjectName>
</PropertyGroup> </PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" /> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration"> <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
@ -143,7 +143,7 @@
</Link> </Link>
</ItemDefinitionGroup> </ItemDefinitionGroup>
<ItemGroup> <ItemGroup>
<ClCompile Include="vmtracer.cpp" /> <ClCompile Include="vmhook.cpp" />
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<MASM Include="vtrap.asm"> <MASM Include="vtrap.asm">
@ -151,8 +151,7 @@
</MASM> </MASM>
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<ClInclude Include="..\include\vmp2.hpp" /> <ClInclude Include="..\include\vmhook.hpp" />
<ClInclude Include="..\include\vmtracer.hpp" />
</ItemGroup> </ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets"> <ImportGroup Label="ExtensionTargets">

@ -10,22 +10,19 @@
<Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions> <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
</Filter> </Filter>
</ItemGroup> </ItemGroup>
<ItemGroup>
<ClCompile Include="vmtracer.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup> <ItemGroup>
<MASM Include="vtrap.asm"> <MASM Include="vtrap.asm">
<Filter>Source Files</Filter> <Filter>Source Files</Filter>
</MASM> </MASM>
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<ClInclude Include="..\include\vmp2.hpp"> <ClInclude Include="..\include\vmhook.hpp">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="..\include\vmtracer.hpp">
<Filter>Header Files</Filter> <Filter>Header Files</Filter>
</ClInclude> </ClInclude>
</ItemGroup> </ItemGroup>
<ItemGroup>
<ClCompile Include="vmhook.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
</Project> </Project>