From e266d0fa8c4bf57cf8fe7127ef11d44952fac9b6 Mon Sep 17 00:00:00 2001 From: _xeroxz Date: Tue, 1 Jun 2021 15:11:51 -0700 Subject: [PATCH] added inverse transform code for virt instr rva --- dependencies/vmprofiler | 2 +- src/main.cpp | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/dependencies/vmprofiler b/dependencies/vmprofiler index 11d60b1..317dc46 160000 --- a/dependencies/vmprofiler +++ b/dependencies/vmprofiler @@ -1 +1 @@ -Subproject commit 11d60b144047eb8aa5ba4d1bbd029bdd95907662 +Subproject commit 317dc4673bb790c2dccb4d1b4d4dcbbf76b05a3c diff --git a/src/main.cpp b/src/main.cpp index a9d2d89..a33586a 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -116,6 +116,18 @@ int __cdecl main( int argc, const char *argv[] ) } std::printf( "> virtual instruction rva decryption instructions:\n" ); + for ( auto &transform : vinstr_rva_decrypt_instrs ) + { + std::printf( "\t" ); + vm::util::print( transform ); + } + std::printf( "> virtual instruction rva encryption instructions:\n" ); + if (!vm::transform::inverse_transforms(vinstr_rva_decrypt_instrs)) + { + std::printf( "> failed to inverse rva encryption instructions...\n" ); + return -1; + } + for ( auto &transform : vinstr_rva_decrypt_instrs ) { std::printf( "\t" ); @@ -130,6 +142,8 @@ int __cdecl main( int argc, const char *argv[] ) return -1; } + + if ( parser.exists( "showhandlers" ) ) { for ( auto idx = 0u; idx < vm_handlers.size(); ++idx )