working on readme's and new profiles...

merge-requests/13/head
_xeroxz 4 years ago
parent c1cc281a07
commit a0dca0bc5b

@ -0,0 +1,3 @@
# Introduction
This page contains the steps needed to add additional VMProtect 2 virtual instruction profiles to VMProfiler. Understand that these instructions are for version 1.8 and may be different in later versions.

@ -117,6 +117,63 @@ vm::util::print( vmctx.vm_entry );
> 0x00007FF7911A7954 jmp rdx > 0x00007FF7911A7954 jmp rdx
``` ```
You can also loop through all vm handlers easily. Below is an example of looping through the vm handler vector inside of `vm::ctx_t::vm_handlers`.
```cpp
for ( auto idx = 0u; idx < vmctx.vm_handlers.size(); ++idx )
{
std::printf( "======================== [%s #%d] ========================\n",
vmctx.vm_handlers[ idx ].profile ? vmctx.vm_handlers[ idx ].profile->name : "UNK", idx );
vm::util::print( vmctx.vm_handlers[ idx ].instrs );
// if there is no imm then there are no transforms...
if ( !vmctx.vm_handlers[ idx ].imm_size )
{
std::puts( "\n" );
continue;
}
std::puts( "======================== [transforms] ========================\n" );
for ( auto &[ mnemonic, instr ] : vmctx.vm_handlers[ idx ].transforms )
{
if ( instr.mnemonic == ZYDIS_MNEMONIC_INVALID )
continue;
vm::util::print( instr );
}
std::puts( "\n" );
}
```
***Output***
```
...
======================== [LCONSTBZXW #253] ========================
> 0x00007FF6DEA85C2C and al, 0x45
> 0x00007FF6DEA85C2E movzx eax, byte ptr [rsi]
> 0x00007FF6DEA85C82 add al, bl
> 0x00007FF6DEA85C85 add al, 0xD3
> 0x00007FF6DEA86FC7 not al
> 0x00007FF6DEA84D23 inc al
> 0x00007FF6DEA85633 add bl, al
> 0x00007FF6DEA853D5 sub rsi, 0xFFFFFFFFFFFFFFFF
> 0x00007FF6DEA85CD1 sub rbp, 0x02
> 0x00007FF6DEA862F8 mov [rbp], ax
> 0x00007FF6DEA844A7 rol ah, 0x07
======================== [transforms] ========================
add al, bl
add al, 0xD3
not al
inc al
add bl, al
...
```
### License & Copyright ### License & Copyright
Copyright (c) 2021 _xeroxz, Independent Researcher @back.engineering Copyright (c) 2021 _xeroxz, Independent Researcher @back.engineering

Loading…
Cancel
Save