updated deps as well as added --devirt option...

_xeroxz 4 years ago
parent 44095eedda
commit 6022154a55

@ -1 +1 @@
Subproject commit 2d3b22a7acf5edba40cff6ef6432ee523ce599fb
Subproject commit 28e50e7b0c425f078d9b4ced850435616852ec4e

@ -1,7 +1,9 @@
#define NOMINMAX
#include <Windows.h>
#include <filesystem>
#include <fstream>
#include <iostream>
#include <vtil/vtil>
#include <ZydisExportConfig.h>
#include <cli-parser.hpp>
@ -24,6 +26,9 @@ int __cdecl main( int argc, const char *argv[] )
.name( "--showblockinstrs" )
.description( "show the virtual instructions of a specific code block..." );
parser.add_argument().name( "--showallblocks" ).description( "shows all information for all code blocks..." );
parser.add_argument()
.name( "--devirt" )
.description( "lift to VTIL IR and apply optimizations, then display the output..." );
parser.enable_help();
auto err = parser.parse( argc, argv );
@ -180,6 +185,61 @@ int __cdecl main( int argc, const char *argv[] )
}
}
if ( parser.exists( "devirt" ) )
{
vtil::basic_block *rtn = nullptr;
for ( auto [ code_block, code_block_num ] = std::tuple{ first_block, 0u };
code_block_num < file_header->code_block_count;
code_block = reinterpret_cast< vmp2::v3::code_block_t * >(
reinterpret_cast< std::uintptr_t >( code_block ) + code_block->next_block_offset ),
++code_block_num )
{
rtn = rtn ? rtn->fork(
ABS_TO_IMG( code_block->vip_begin, file_header->module_base, file_header->image_base ) )
: vtil::basic_block::begin(
ABS_TO_IMG( code_block->vip_begin, file_header->module_base, file_header->image_base ) );
for ( auto idx = 0u; idx < code_block->vinstr_count; ++idx )
{
auto vinstr = &code_block->vinstr[ idx ];
if ( vinstr->mnemonic_t == vm::handler::INVALID )
{
std::printf(
"> unable to lift to VTIL... unknown virtual instruction handler #%d... "
"please define a vm handler profile for this virtual instruction and try again..."
" you can also create your first contribution to this open source project by submitting"
" a merge request with your changes! :)\n",
vinstr->opcode );
return -1;
}
const auto result = std::find_if(
vm::lifters::all.begin(), vm::lifters::all.end(),
[ & ]( vm::lifters::lifter_t *lifter ) -> bool { return lifter->first == vinstr->mnemonic_t; } );
if ( result == vm::lifters::all.end() )
{
std::printf(
"> unable to lift to VTIL... unknown virtual instruction handler lifter for #%d... "
"please define a vm handler lifter for this vm handler and try again..."
" you can also create your first contribution to this open source project by submitting"
" a merge request with your changes! :)\n",
vinstr->opcode );
return -1;
}
// lift the virtual instruction...
( *result )->second( rtn, vinstr );
}
}
vtil::optimizer::apply_all( rtn );
vtil::debug::dump( rtn );
return {};
}
if ( parser.exists( "showblockinstrs" ) )
{
const auto block_img_addr = parser.get< std::string >( "showblockinstrs" );
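Review bot: `rtn` is still nullptr when `file_header->code_block_count` is zero, because the for loop that assigns it never runs, and `vtil::optimizer::apply_all( rtn )` and `vtil::debug::dump( rtn )` are then handed a null block; guard before the optimizer call, `if ( !rtn ) { std::printf( "> no code blocks to lift...\n" ); return -1; }`. A similar check is worth adding inside the loop if `rtn->fork( ... )` can return nullptr for an already-visited entry, which this hunk does not handle. `next_block_offset` and `vinstr_count` are read from the parsed input file; unless they are validated where the file is loaded (outside this hunk), the pointer walk in the loop increment and the `code_block->vinstr[ idx ]` indexing can step past the mapped buffer on a malformed file, so either bounds-check them against the file size here or document that the loader already does. The enclosing main() starts and ends outside the hunk.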

@ -33,7 +33,7 @@
<PropertyGroup Label="UserMacros" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<LinkIncremental>false</LinkIncremental>
<IncludePath>$(ProjectDir)dependencies\vmprofiler\include\;$(ProjectDir)dependencies\vmprofiler\dependencies\zydis\include;$(ProjectDir)dependencies\vmprofiler\dependencies\zydis\msvc;$(ProjectDir)dependencies\vmprofiler\dependencies\zydis\dependencies\zycore\include;$(ProjectDir)dependencies\cli-parser\;$(ProjectDir)dependencies\xtils\;$(IncludePath)</IncludePath>
<IncludePath>$(ProjectDir)dependencies\vmprofiler\include\;$(ProjectDir)dependencies\vmprofiler\dependencies\zydis\include;$(ProjectDir)dependencies\vmprofiler\dependencies\zydis\msvc;$(ProjectDir)dependencies\vmprofiler\dependencies\zydis\dependencies\zycore\include;$(ProjectDir)dependencies\cli-parser\;$(ProjectDir)dependencies\xtils\;$(ProjectDir)dependencies\vmprofiler\dependencies\vtil\VTIL\includes\;$(ProjectDir)dependencies\vmprofiler\dependencies\vtil\VTIL-Architecture\includes\;$(ProjectDir)dependencies\vmprofiler\dependencies\vtil\VTIL-Common\includes\;$(ProjectDir)dependencies\vmprofiler\dependencies\vtil\VTIL-Compiler\includes\;$(ProjectDir)dependencies\vmprofiler\dependencies\vtil\VTIL-SymEx\includes\;$(ProjectDir)dependencies\vmprofiler\dependencies\vtil\dependencies\capstone\include;$(ProjectDir)dependencies\vmprofiler\dependencies\vtil\dependencies\keystone\include;$(IncludePath)</IncludePath>
</PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
@ -45,6 +45,7 @@
<ConformanceMode>true</ConformanceMode>
<LanguageStandard>stdcpplatest</LanguageStandard>
<Optimization>Disabled</Optimization>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
@ -52,9 +53,14 @@
<OptimizeReferences>true</OptimizeReferences>
<GenerateDebugInformation>true</GenerateDebugInformation>
<AdditionalDependencies>$(ProjectDir)..\libs\*;%(AdditionalDependencies)</AdditionalDependencies>
<StackReserveSize>4194304 </StackReserveSize>
<StackCommitSize>4194304</StackCommitSize>
</Link>
</ItemDefinitionGroup>
<ItemGroup>
<ProjectReference Include="dependencies\vmprofiler\dependencies\vtil\VTIL\VTIL.vcxproj">
<Project>{8163e74c-dde4-4507-bd3d-064cd95ff33b}</Project>
</ProjectReference>
<ProjectReference Include="dependencies\vmprofiler\dependencies\zydis\msvc\zydis\Zydis.vcxproj">
<Project>{88a23124-5640-35a0-b890-311d7a67a7d2}</Project>
</ProjectReference>
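Review bot: `<StackReserveSize>4194304 </StackReserveSize>` carries a trailing space inside the element, unlike the sibling `<StackCommitSize>4194304</StackCommitSize>`; whether MSBuild trims it before composing the linker's stack argument is toolchain-dependent, so drop the space: `<StackReserveSize>4194304</StackReserveSize>`. The new runtime-library and stack settings also land in the Release|x64 group whose `<Optimization>Disabled</Optimization>` context line remains; if an unoptimized Release build is intentional for debugging the lifter, a short comment in the project file would save the next reader from "fixing" it.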

@ -205,9 +205,6 @@
<ClInclude Include="dependencies\vmprofiler\include\vmprofiles.hpp">
<Filter>Header Files\vmprofiler</Filter>
</ClInclude>
<ClInclude Include="dependencies\vmprofiler\include\vmutils.hpp">
<Filter>Header Files\vmprofiler</Filter>
</ClInclude>
<ClInclude Include="dependencies\vmprofiler\include\vmlifters.hpp">
<Filter>Header Files\vmprofiler</Filter>
</ClInclude>
