You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
95 lines
3.1 KiB
95 lines
3.1 KiB
3 years ago
|
#include "qvm_handlers.h"
|
||
3 years ago
|
|
||
3 years ago
|
qvm_handlers::qvm_handlers( qvm_inspector *g_main_window )
|
||
|
: g_main_window( g_main_window ), ui( &g_main_window->ui )
|
||
3 years ago
|
{
|
||
3 years ago
|
connect( ui->virt_handlers_tree, &QTreeWidget::itemSelectionChanged, this, &qvm_handlers::on_select );
|
||
3 years ago
|
}
|
||
|
|
||
3 years ago
|
void qvm_handlers::update_transforms( vm::handler::handler_t &vm_handler )
|
||
3 years ago
|
{
|
||
|
char buffer[ 256 ];
|
||
|
ZydisFormatter formatter;
|
||
|
ZydisFormatterInit( &formatter, ZYDIS_FORMATTER_STYLE_INTEL );
|
||
|
|
||
|
ui->virt_handler_transforms_tree->clear();
|
||
|
const auto &vm_handler_transforms = vm_handler.transforms;
|
||
|
|
||
|
for ( auto [ transform_type, transform_instr ] : vm_handler_transforms )
|
||
|
{
|
||
|
if ( transform_type == vm::transform::type::generic0 && transform_instr.mnemonic == ZYDIS_MNEMONIC_INVALID )
|
||
|
continue;
|
||
|
|
||
3 years ago
|
auto new_transform_entry = new QTreeWidgetItem();
|
||
3 years ago
|
|
||
|
switch ( transform_type )
|
||
|
{
|
||
|
case vm::transform::type::rolling_key:
|
||
|
{
|
||
|
new_transform_entry->setText( 0, "Key Transform" );
|
||
|
break;
|
||
|
}
|
||
|
case vm::transform::type::generic0:
|
||
|
case vm::transform::type::generic1:
|
||
|
case vm::transform::type::generic2:
|
||
|
case vm::transform::type::generic3:
|
||
|
{
|
||
|
new_transform_entry->setText( 0, "Generic" );
|
||
|
break;
|
||
|
}
|
||
|
case vm::transform::type::update_key:
|
||
|
{
|
||
|
new_transform_entry->setText( 0, "Update Key" );
|
||
|
break;
|
||
|
}
|
||
|
default:
|
||
|
throw std::invalid_argument( "invalid transformation type..." );
|
||
|
}
|
||
|
|
||
|
ZydisFormatterFormatInstruction( &formatter, &transform_instr, buffer, sizeof( buffer ), NULL );
|
||
|
|
||
|
new_transform_entry->setText( 1, buffer );
|
||
|
ui->virt_handler_transforms_tree->addTopLevelItem( new_transform_entry );
|
||
|
}
|
||
|
}
|
||
|
|
||
3 years ago
|
void qvm_handlers::update_instrs( vm::handler::handler_t &vm_handler )
|
||
3 years ago
|
{
|
||
|
char buffer[ 256 ];
|
||
|
ZydisFormatter formatter;
|
||
|
ZydisFormatterInit( &formatter, ZYDIS_FORMATTER_STYLE_INTEL );
|
||
|
|
||
|
ui->virt_handler_instrs_tree->clear();
|
||
|
const auto &vm_handler_instrs = vm_handler.instrs;
|
||
|
|
||
|
// display vm handler instructions...
|
||
|
for ( const auto &instr : vm_handler_instrs )
|
||
|
{
|
||
3 years ago
|
auto new_instr = new QTreeWidgetItem();
|
||
3 years ago
|
new_instr->setText( 0, QString::number( ( instr.addr - g_main_window->module_base ) + g_main_window->img_base, 16 ) );
|
||
3 years ago
|
|
||
|
ZydisFormatterFormatInstruction( &formatter, &instr.instr, buffer, sizeof( buffer ),
|
||
3 years ago
|
( instr.addr - g_main_window->module_base ) + g_main_window->img_base );
|
||
3 years ago
|
|
||
|
new_instr->setText( 1, buffer );
|
||
|
ui->virt_handler_instrs_tree->addTopLevelItem( new_instr );
|
||
|
}
|
||
|
}
|
||
|
|
||
3 years ago
|
void qvm_handlers::on_select()
|
||
3 years ago
|
{
|
||
3 years ago
|
if ( ui->virt_handlers_tree->selectedItems().empty() )
|
||
|
return;
|
||
|
|
||
3 years ago
|
auto item = ui->virt_handlers_tree->selectedItems()[ 0 ];
|
||
|
|
||
|
if ( !item )
|
||
|
return;
|
||
|
|
||
3 years ago
|
if ( !g_main_window->g_vm_ctx )
|
||
3 years ago
|
return;
|
||
|
|
||
|
const auto handler_idx = item->data( 0, Qt::UserRole ).value< std::uint8_t >();
|
||
3 years ago
|
update_instrs( g_main_window->g_vm_ctx->vm_handlers[ handler_idx ] );
|
||
|
update_transforms( g_main_window->g_vm_ctx->vm_handlers[ handler_idx ] );
|
||
3 years ago
|
}
|