vmp2
/
vmprofiler-qt
3
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

cleaned the code some more... added some code for the new tab...

Browse Source
merge-requests/5/head
_xeroxz 3 years ago
parent e7e8433681
commit 82f17aba3a
12 changed files with 126 additions and 43 deletions
Show Stats Download Patch File Download Diff File

18
CMakeLists.txt
Unescape View File

@ -59,22 +59,24 @@ set(vmprofiler-qt_SOURCES "")
list(APPEND vmprofiler-qt_SOURCES list(APPEND vmprofiler-qt_SOURCES
"src/qvminspector.ui" "src/qvminspector.ui"
"src/qvminspector.qrc" "src/qvminspector.qrc"
"src/qvminspector.cpp" "src/QVMInspector.cpp"
"src/qvirt_instrs.cpp" "src/QVirtualMachineHandlers.cpp"
"src/qvirt_handlers.cpp" "src/QVirtualMachineInstructions.cpp"
"src/main.cpp" "src/QVirtualRoutines.cpp"
"src/qvirt_handlers.h"
"src/qvirt_instrs.h"
"src/qvminspector.h"
"src/icon.rc"
"src/darkstyle/DarkStyle.cpp" "src/darkstyle/DarkStyle.cpp"
"src/darkstyle/framelesswindow/framelesswindow.cpp" "src/darkstyle/framelesswindow/framelesswindow.cpp"
"src/darkstyle/framelesswindow/windowdragger.cpp" "src/darkstyle/framelesswindow/windowdragger.cpp"
"src/darkstyle/mainwindow.cpp" "src/darkstyle/mainwindow.cpp"
"src/main.cpp"
"src/QVMInspector.h"
"src/QVirtualMachineHandlers.h"
"src/QVirtualMachineInstructions.h"
"src/QVirtualRoutines.h"
"src/darkstyle/DarkStyle.h" "src/darkstyle/DarkStyle.h"
"src/darkstyle/framelesswindow/framelesswindow.h" "src/darkstyle/framelesswindow/framelesswindow.h"
"src/darkstyle/framelesswindow/windowdragger.h" "src/darkstyle/framelesswindow/windowdragger.h"
"src/darkstyle/mainwindow.h" "src/darkstyle/mainwindow.h"
"src/icon.rc"
"src/darkstyle/mainwindow.ui" "src/darkstyle/mainwindow.ui"
"src/darkstyle/framelesswindow.qrc" "src/darkstyle/framelesswindow.qrc"
"src/darkstyle/framelesswindow/framelesswindow.ui" "src/darkstyle/framelesswindow/framelesswindow.ui"

9
cmake.toml
Unescape View File

@ -19,14 +19,9 @@ compile-features = ["cxx_std_20"]
sources = [ sources = [
"src/qvminspector.ui", "src/qvminspector.ui",
"src/qvminspector.qrc", "src/qvminspector.qrc",
"src/qvminspector.cpp", "src/**.cpp",
"src/qvirt_instrs.cpp", "src/**.h",
"src/qvirt_handlers.cpp",
"src/main.cpp",
"src/*.h",
"src/icon.rc", "src/icon.rc",
"src/darkstyle/**.cpp",
"src/darkstyle/**.h",
"src/darkstyle/mainwindow.ui", "src/darkstyle/mainwindow.ui",
"src/darkstyle/framelesswindow.qrc", "src/darkstyle/framelesswindow.qrc",
"src/darkstyle/framelesswindow/framelesswindow.ui", "src/darkstyle/framelesswindow/framelesswindow.ui",

8
src/qvirt_handlers.cpp → src/QVirtualMachineHandlers.cpp
Unescape View File

@ -1,4 +1,4 @@
#include "qvirt_handlers.h" #include "QVirtualMachineHandlers.h"
QVirtualMachineHandlers::QVirtualMachineHandlers( QVMInspector *MainWindow ) QVirtualMachineHandlers::QVirtualMachineHandlers( QVMInspector *MainWindow )
: MainWindow( MainWindow ), ui( &MainWindow->ui ) : MainWindow( MainWindow ), ui( &MainWindow->ui )
@ -86,10 +86,10 @@ void QVirtualMachineHandlers::OnSelect()
if ( !item ) if ( !item )
return; return;
if ( !MainWindow->vmctx ) if ( !MainWindow->g_vm_ctx )
return; return;
const auto handler_idx = item->data( 0, Qt::UserRole ).value< std::uint8_t >(); const auto handler_idx = item->data( 0, Qt::UserRole ).value< std::uint8_t >();
UpdateInstrs( MainWindow->vmctx->vm_handlers[ handler_idx ] ); UpdateInstrs( MainWindow->g_vm_ctx->vm_handlers[ handler_idx ] );
UpdateTransforms( MainWindow->vmctx->vm_handlers[ handler_idx ] ); UpdateTransforms( MainWindow->g_vm_ctx->vm_handlers[ handler_idx ] );
} }

3
src/qvirt_handlers.h → src/QVirtualMachineHandlers.h
Unescape View File

@ -1,6 +1,5 @@
#pragma once #pragma once
#define NOMINMAX #include "QVMInspector.h"
#include "qvminspector.h"
class QVirtualMachineHandlers : public QObject class QVirtualMachineHandlers : public QObject
{ {

6
src/qvirt_instrs.cpp → src/QVirtualMachineInstructions.cpp
Unescape View File

@ -1,4 +1,4 @@
#include "qvirt_instrs.h" #include "QVirtualMachineInstructions.h"
QVirtualMachineInstructions::QVirtualMachineInstructions( QVMInspector *MainWindow ) QVirtualMachineInstructions::QVirtualMachineInstructions( QVMInspector *MainWindow )
: MainWindow( MainWindow ), ui( &MainWindow->ui ) : MainWindow( MainWindow ), ui( &MainWindow->ui )
@ -94,7 +94,7 @@ void QVirtualMachineInstructions::UpdateVMHandlerInfo( vm::instrs::virt_instr_t
ZydisFormatterInit( &formatter, ZYDIS_FORMATTER_STYLE_INTEL ); ZydisFormatterInit( &formatter, ZYDIS_FORMATTER_STYLE_INTEL );
ui->vm_handler_instrs->clear(); ui->vm_handler_instrs->clear();
const auto &vm_handler_instrs = MainWindow->vmctx->vm_handlers[ virt_instr->opcode ].instrs; const auto &vm_handler_instrs = MainWindow->g_vm_ctx->vm_handlers[ virt_instr->opcode ].instrs;
// display vm handler instructions... // display vm handler instructions...
for ( const auto &instr : vm_handler_instrs ) for ( const auto &instr : vm_handler_instrs )
@ -111,7 +111,7 @@ void QVirtualMachineInstructions::UpdateVMHandlerInfo( vm::instrs::virt_instr_t
// display vm handler transformations... // display vm handler transformations...
ui->vm_handler_transforms->clear(); ui->vm_handler_transforms->clear();
const auto &vm_handler_transforms = MainWindow->vmctx->vm_handlers[ virt_instr->opcode ].transforms; const auto &vm_handler_transforms = MainWindow->g_vm_ctx->vm_handlers[ virt_instr->opcode ].transforms;
for ( auto [ transform_type, transform_instr ] : vm_handler_transforms ) for ( auto [ transform_type, transform_instr ] : vm_handler_transforms )
{ {

3
src/qvirt_instrs.h → src/QVirtualMachineInstructions.h
Unescape View File

@ -1,6 +1,5 @@
#pragma once #pragma once
#define NOMINMAX #include "QVMInspector.h"
#include "qvminspector.h"
class QVirtualMachineInstructions : public QObject class QVirtualMachineInstructions : public QObject
{ {

66
src/QVirtualRoutines.cpp
Unescape View File

@ -0,0 +1,66 @@
#include "QVirtualRoutines.h"
QVirtualRoutines::QVirtualRoutines( QVMInspector *MainWindow ) : MainWindow( MainWindow ), ui( &MainWindow->ui )
{
connect( ui->virtual_machine_enters, &QTreeWidget::itemSelectionChanged, this, &QVirtualRoutines::OnSelect );
}
void QVirtualRoutines::UpdateVirtualMachineEnter( vm::ctx_t *g_vm_ctx )
{
char buffer[ 256 ];
ZydisFormatter formatter;
ZydisFormatterInit( &formatter, ZYDIS_FORMATTER_STYLE_INTEL );
ui->virtual_machine_enter_instrs->clear();
for ( auto [ instr, raw, addr ] : g_vm_ctx->vm_entry )
{
ZydisFormatterFormatInstruction( &formatter, &instr, buffer, sizeof( buffer ), addr );
auto newItem = new QTreeWidgetItem();
newItem->setText( 0, QString::number( addr, 16 ) );
newItem->setText( 1, buffer );
ui->virtual_machine_enter_instrs->addTopLevelItem( newItem );
}
}
void QVirtualRoutines::UpdateCalcJmp( vm::ctx_t *g_vm_ctx )
{
char buffer[ 256 ];
ZydisFormatter formatter;
ZydisFormatterInit( &formatter, ZYDIS_FORMATTER_STYLE_INTEL );
ui->virtual_machine_enter_calc_jmp->clear();
for ( auto [ instr, raw, addr ] : g_vm_ctx->calc_jmp )
{
ZydisFormatterFormatInstruction( &formatter, &instr, buffer, sizeof( buffer ), addr );
auto newItem = new QTreeWidgetItem();
newItem->setText( 0, QString::number( addr, 16 ) );
newItem->setText( 1, buffer );
ui->virtual_machine_enter_calc_jmp->addTopLevelItem( newItem );
}
}
void QVirtualRoutines::OnSelect()
{
if ( ui->virtual_machine_enters->selectedItems().empty() )
return;
if ( MainWindow->g_vm_ctx )
delete MainWindow->g_vm_ctx;
auto item = ui->virtual_machine_enters->selectedItems()[ 0 ];
if ( !item )
return;
auto EntryRva = item->data( 0, Qt::UserRole ).value< std::uint32_t >();
MainWindow->g_vm_ctx = new vm::ctx_t( MainWindow->ModuleBase, MainWindow->ImgBase, MainWindow->ImgSize, EntryRva );
if ( !MainWindow->g_vm_ctx->init() )
{
MainWindow->DbgMsg( "[!] failed to init vm::ctx_t...\n" );
return;
}
UpdateVirtualMachineEnter( MainWindow->g_vm_ctx );
UpdateCalcJmp( MainWindow->g_vm_ctx );
}

18
src/QVirtualRoutines.h
Unescape View File

@ -0,0 +1,18 @@
#pragma once
#include "QVMInspector.h"
class QVirtualRoutines : public QObject
{
Q_OBJECT
public:
explicit QVirtualRoutines( QVMInspector *MainWindow );
private:
Ui::QVMProfilerClass *ui;
QVMInspector *MainWindow;
void UpdateVirtualMachineEnter(vm::ctx_t* g_vm_ctx);
void UpdateCalcJmp( vm::ctx_t *g_vm_ctx );
private slots:
void OnSelect();
};

23
src/main.cpp
Unescape View File

@ -3,23 +3,26 @@
#include <QTextStream> #include <QTextStream>
#include <QtWidgets/QApplication> #include <QtWidgets/QApplication>
#include "QVMInspector.h"
#include "QVirtualMachineHandlers.h"
#include "QVirtualMachineInstructions.h"
#include "QVirtualRoutines.h"
#include "darkstyle/DarkStyle.h" #include "darkstyle/DarkStyle.h"
#include "darkstyle/framelesswindow/framelesswindow.h" #include "darkstyle/framelesswindow/framelesswindow.h"
#include "qvirt_handlers.h"
#include "qvirt_instrs.h"
#include "qvminspector.h"
int WinMain( HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd ) int WinMain( HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd )
{ {
QApplication app( __argc, __argv ); QApplication app( __argc, __argv );
QApplication::setStyle( new DarkStyle ); QApplication::setStyle( new DarkStyle );
FramelessWindow frameless_window; FramelessWindow FW;
const auto window = new QVMInspector;
QVirtualMachineInstructions virt_instr( window );
QVirtualMachineHandlers virt_handlers( window );
frameless_window.setContent( window ); const auto MainWindow = new QVMInspector;
frameless_window.setWindowIcon( QIcon( "icon.ico" ) ); QVirtualMachineInstructions VirtInstrsPanel( MainWindow );
frameless_window.show(); QVirtualMachineHandlers VirtHandlerPanel( MainWindow );
QVirtualRoutines VirtualRoutinesPanel( MainWindow );
FW.setContent( MainWindow );
FW.setWindowIcon( QIcon( "icon.ico" ) );
FW.show();
return app.exec(); return app.exec();
} }

5
src/qvminspector.cpp
Unescape View File

@ -1,6 +1,6 @@
#include "qvminspector.h" #include "QVMInspector.h"
QVMInspector::QVMInspector( QWidget *parent ) : QMainWindow( parent ), FileHeader( nullptr ), vmctx( nullptr ) QVMInspector::QVMInspector( QWidget *parent ) : QMainWindow( parent ), FileHeader( nullptr ), g_vm_ctx( nullptr )
{ {
ui.setupUi( this ); ui.setupUi( this );
ui.virt_instrs->setColumnWidth( 0, 180 ); ui.virt_instrs->setColumnWidth( 0, 180 );
@ -124,6 +124,7 @@ void QVMInspector::UpdateUI()
new_item->setText( 0, QString( "rtn_%1" ).arg( rtn_rva + FileHeader->ImgBase, 0, 16 ) ); new_item->setText( 0, QString( "rtn_%1" ).arg( rtn_rva + FileHeader->ImgBase, 0, 16 ) );
new_item->setText( 1, QString( "%1" ).arg( rtn_rva + FileHeader->ImgBase, 0, 16 ) ); new_item->setText( 1, QString( "%1" ).arg( rtn_rva + FileHeader->ImgBase, 0, 16 ) );
new_item->setText( 2, QString( "%1" ).arg( rtn_blks.size() ) ); new_item->setText( 2, QString( "%1" ).arg( rtn_blks.size() ) );
new_item->setData( 0, Qt::UserRole, QVariant( rtn_rva ) );
std::for_each( rtn_blks.begin(), rtn_blks.end(), [ & ]( vm::instrs::code_block_t &code_blk ) { std::for_each( rtn_blks.begin(), rtn_blks.end(), [ & ]( vm::instrs::code_block_t &code_blk ) {
auto new_child = new QTreeWidgetItem(); auto new_child = new QTreeWidgetItem();

4
src/qvminspector.h
Unescape View File

@ -1,5 +1,4 @@
#pragma once #pragma once
#define NOMINMAX
#include <QtWidgets/QFileDialog> #include <QtWidgets/QFileDialog>
#include <QtWidgets/QInputDialog.h> #include <QtWidgets/QInputDialog.h>
#include <QtWidgets/QMainWindow> #include <QtWidgets/QMainWindow>
@ -29,6 +28,7 @@ class QVMInspector : public QMainWindow
{ {
friend class QVirtualMachineInstructions; friend class QVirtualMachineInstructions;
friend class QVirtualMachineHandlers; friend class QVirtualMachineHandlers;
friend class QVirtualRoutines;
Q_OBJECT Q_OBJECT
public: public:
QVMInspector( QWidget *parent = Q_NULLPTR ); QVMInspector( QWidget *parent = Q_NULLPTR );
@ -48,7 +48,7 @@ class QVMInspector : public QMainWindow
QString file_path; QString file_path;
std::uint64_t ImgBase, ModuleBase, ImgSize; std::uint64_t ImgBase, ModuleBase, ImgSize;
vm::ctx_t *vmctx; vm::ctx_t *g_vm_ctx;
vmp2::v4::FileHeader *FileHeader; vmp2::v4::FileHeader *FileHeader;
std::vector< rtn_data_t > VirtRtns; std::vector< rtn_data_t > VirtRtns;

6
src/qvminspector.ui
Unescape View File

@ -6,8 +6,8 @@
<rect> <rect>
<x>0</x> <x>0</x>
<y>0</y> <y>0</y>
<width>1414</width> <width>1089</width>
<height>1093</height> <height>849</height>
</rect> </rect>
</property> </property>
<property name="acceptDrops"> <property name="acceptDrops">
@ -703,7 +703,7 @@
<rect> <rect>
<x>0</x> <x>0</x>
<y>0</y> <y>0</y>
<width>1414</width> <width>1089</width>
<height>21</height> <height>21</height>
</rect> </rect>
</property> </property>

Write Preview
Loading…
Cancel
Save