You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
160 lines
8.6 KiB
160 lines
8.6 KiB
4 years ago
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
|
||
|
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
|
||
|
<meta name="generator" content="Doxygen 1.9.1"/>
|
||
|
<meta name="viewport" content="width=device-width, initial-scale=1"/>
|
||
|
<title>VMProfiler: vm::calc_jmp Namespace Reference</title>
|
||
|
<link href="tabs.css" rel="stylesheet" type="text/css"/>
|
||
|
<script type="text/javascript" src="jquery.js"></script>
|
||
|
<script type="text/javascript" src="dynsections.js"></script>
|
||
|
<link href="search/search.css" rel="stylesheet" type="text/css"/>
|
||
|
<script type="text/javascript" src="search/searchdata.js"></script>
|
||
|
<script type="text/javascript" src="search/search.js"></script>
|
||
|
<link href="doxygen.css" rel="stylesheet" type="text/css" />
|
||
|
</head>
|
||
|
<body>
|
||
|
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
|
||
|
<div id="titlearea">
|
||
|
<table cellspacing="0" cellpadding="0">
|
||
|
<tbody>
|
||
|
<tr style="height: 56px;">
|
||
|
<td id="projectlogo"><img alt="Logo" src="icon.png"/></td>
|
||
|
<td id="projectalign" style="padding-left: 0.5em;">
|
||
|
<div id="projectname">VMProfiler
|
||
|
 <span id="projectnumber">v1.8</span>
|
||
|
</div>
|
||
|
<div id="projectbrief">vmprofiler is a c++ library which is used to statically analyze VMProtect 2 polymorphic virtual machines. This project is inherited in vmprofiler-qt, vmprofiler-cli, and vmemu.</div>
|
||
|
</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<!-- end header part -->
|
||
|
<!-- Generated by Doxygen 1.9.1 -->
|
||
|
<script type="text/javascript">
|
||
|
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt GPL-v2 */
|
||
|
var searchBox = new SearchBox("searchBox", "search",false,'Search','.html');
|
||
|
/* @license-end */
|
||
|
</script>
|
||
|
<script type="text/javascript" src="menudata.js"></script>
|
||
|
<script type="text/javascript" src="menu.js"></script>
|
||
|
<script type="text/javascript">
|
||
|
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&dn=gpl-2.0.txt GPL-v2 */
|
||
|
$(function() {
|
||
|
initMenu('',true,false,'search.php','Search');
|
||
|
$(document).ready(function() { init_search(); });
|
||
|
});
|
||
|
/* @license-end */</script>
|
||
|
<div id="main-nav"></div>
|
||
|
<!-- window showing the filter options -->
|
||
|
<div id="MSearchSelectWindow"
|
||
|
onmouseover="return searchBox.OnSearchSelectShow()"
|
||
|
onmouseout="return searchBox.OnSearchSelectHide()"
|
||
|
onkeydown="return searchBox.OnSearchSelectKey(event)">
|
||
|
</div>
|
||
|
|
||
|
<!-- iframe showing the search results (closed by default) -->
|
||
|
<div id="MSearchResultsWindow">
|
||
|
<iframe src="javascript:void(0)" frameborder="0"
|
||
|
name="MSearchResults" id="MSearchResults">
|
||
|
</iframe>
|
||
|
</div>
|
||
|
|
||
|
<div id="nav-path" class="navpath">
|
||
|
<ul>
|
||
|
<li class="navelem"><a class="el" href="namespacevm.html">vm</a></li><li class="navelem"><a class="el" href="namespacevm_1_1calc__jmp.html">calc_jmp</a></li> </ul>
|
||
|
</div>
|
||
|
</div><!-- top -->
|
||
|
<div class="header">
|
||
|
<div class="summary">
|
||
|
<a href="#func-members">Functions</a> </div>
|
||
|
<div class="headertitle">
|
||
|
<div class="title">vm::calc_jmp Namespace Reference</div> </div>
|
||
|
</div><!--header-->
|
||
|
<div class="contents">
|
||
|
<table class="memberdecls">
|
||
|
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a>
|
||
|
Functions</h2></td></tr>
|
||
|
<tr class="memitem:a20adb0aacf7a4ccf90484540c8004a30"><td class="memItemLeft" align="right" valign="top">bool </td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1calc__jmp.html#a20adb0aacf7a4ccf90484540c8004a30">get</a> (<a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &vm_entry, <a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &calc_jmp)</td></tr>
|
||
|
<tr class="memdesc:a20adb0aacf7a4ccf90484540c8004a30"><td class="mdescLeft"> </td><td class="mdescRight">extracts <a class="el" href="namespacevm_1_1calc__jmp.html">calc_jmp</a> out of vm_entry... you can learn about <a class="el" href="namespacevm_1_1calc__jmp.html">calc_jmp</a> <a href="https://back.engineering/17/05/2021/#calc_jmp">here</a>. <a href="namespacevm_1_1calc__jmp.html#a20adb0aacf7a4ccf90484540c8004a30">More...</a><br /></td></tr>
|
||
|
<tr class="separator:a20adb0aacf7a4ccf90484540c8004a30"><td class="memSeparator" colspan="2"> </td></tr>
|
||
|
<tr class="memitem:a963e598b01968c61ef992a9c7235cf8e"><td class="memItemLeft" align="right" valign="top">std::optional< <a class="el" href="namespacevmp2.html#ab2b6fa03f63a776a5c68007f89b140b5">vmp2::exec_type_t</a> > </td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1calc__jmp.html#a963e598b01968c61ef992a9c7235cf8e">get_advancement</a> (const <a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &calc_jmp)</td></tr>
|
||
|
<tr class="memdesc:a963e598b01968c61ef992a9c7235cf8e"><td class="mdescLeft"> </td><td class="mdescRight">gets the advancement of the virtual instruction pointer... iterates over <a class="el" href="namespacevm_1_1calc__jmp.html">calc_jmp</a> for LEA, MOV, INC, DEC, SUB, ADD, ETC instructions and then decides which way VIP advances based upon this information... <a href="namespacevm_1_1calc__jmp.html#a963e598b01968c61ef992a9c7235cf8e">More...</a><br /></td></tr>
|
||
|
<tr class="separator:a963e598b01968c61ef992a9c7235cf8e"><td class="memSeparator" colspan="2"> </td></tr>
|
||
|
</table>
|
||
|
<h2 class="groupheader">Function Documentation</h2>
|
||
|
<a id="a20adb0aacf7a4ccf90484540c8004a30"></a>
|
||
|
<h2 class="memtitle"><span class="permalink"><a href="#a20adb0aacf7a4ccf90484540c8004a30">◆ </a></span>get()</h2>
|
||
|
|
||
|
<div class="memitem">
|
||
|
<div class="memproto">
|
||
|
<table class="memname">
|
||
|
<tr>
|
||
|
<td class="memname">bool vm::calc_jmp::get </td>
|
||
|
<td>(</td>
|
||
|
<td class="paramtype"><a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> & </td>
|
||
|
<td class="paramname"><em>vm_entry</em>, </td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td class="paramkey"></td>
|
||
|
<td></td>
|
||
|
<td class="paramtype"><a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> & </td>
|
||
|
<td class="paramname"><em>calc_jmp</em> </td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td></td>
|
||
|
<td>)</td>
|
||
|
<td></td><td></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</div><div class="memdoc">
|
||
|
|
||
|
<p>extracts <a class="el" href="namespacevm_1_1calc__jmp.html">calc_jmp</a> out of vm_entry... you can learn about <a class="el" href="namespacevm_1_1calc__jmp.html">calc_jmp</a> <a href="https://back.engineering/17/05/2021/#calc_jmp">here</a>. </p>
|
||
|
<dl class="params"><dt>Parameters</dt><dd>
|
||
|
<table class="params">
|
||
|
<tr><td class="paramname">vm_entry</td><td>pass by reference vm entry...</td></tr>
|
||
|
<tr><td class="paramname"><a class="el" href="namespacevm_1_1calc__jmp.html">calc_jmp</a></td><td>zydis_routine_t filled up with native instructions by this routine...</td></tr>
|
||
|
</table>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl class="section return"><dt>Returns</dt><dd>returns truee if no errors happen...</dd></dl>
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
<a id="a963e598b01968c61ef992a9c7235cf8e"></a>
|
||
|
<h2 class="memtitle"><span class="permalink"><a href="#a963e598b01968c61ef992a9c7235cf8e">◆ </a></span>get_advancement()</h2>
|
||
|
|
||
|
<div class="memitem">
|
||
|
<div class="memproto">
|
||
|
<table class="memname">
|
||
|
<tr>
|
||
|
<td class="memname">std::optional< <a class="el" href="namespacevmp2.html#ab2b6fa03f63a776a5c68007f89b140b5">vmp2::exec_type_t</a> > vm::calc_jmp::get_advancement </td>
|
||
|
<td>(</td>
|
||
|
<td class="paramtype">const <a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> & </td>
|
||
|
<td class="paramname"><em>calc_jmp</em></td><td>)</td>
|
||
|
<td></td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</div><div class="memdoc">
|
||
|
|
||
|
<p>gets the advancement of the virtual instruction pointer... iterates over <a class="el" href="namespacevm_1_1calc__jmp.html">calc_jmp</a> for LEA, MOV, INC, DEC, SUB, ADD, ETC instructions and then decides which way VIP advances based upon this information... </p>
|
||
|
<dl class="params"><dt>Parameters</dt><dd>
|
||
|
<table class="params">
|
||
|
<tr><td class="paramname"><a class="el" href="namespacevm_1_1calc__jmp.html">calc_jmp</a></td><td></td></tr>
|
||
|
</table>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl class="section return"><dt>Returns</dt><dd></dd></dl>
|
||
|
|
||
|
</div>
|
||
|
</div>
|
||
|
</div><!-- contents -->
|
||
|
<!-- start footer part -->
|
||
|
<hr class="footer"/><address class="footer"><small>
|
||
|
Generated by <a href="https://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.9.1
|
||
|
</small></address>
|
||
|
</body>
|
||
|
</html>
|