vmprofiler

VMProtect 2 Virtual Machines Profiler Library

Go to file

_xeroxz 01cd5dc8ae Update README.md		4 years ago
dependencies	fixed a spelling mistake...	4 years ago
include	i messed with transforms and vminstrs encrypt_operand, check to make	4 years ago
src	Merge branch 'master' of https://githacks.org/vmp2/vmprofiler into HEAD	4 years ago
.clang-format	added clang format, its 90% ok	4 years ago
.gitignore	added gitignore, testing it	4 years ago
.gitmodules	fixed a spelling mistake...	4 years ago
LICENSE	Add LICENSE	4 years ago
README.md	Update README.md	4 years ago
vmprofiler.sln	removed useless options in sln	4 years ago
vmprofiler.vcxproj	added vm::ctx_t which can be passed around >:)	4 years ago
vmprofiler.vcxproj.filters	added vm::ctx_t which can be passed around >:)	4 years ago

README.md

VMProfiler - Library To Profile VMProtect 2 Virtual Machines

VMProfiler is a c++ library which is used to statically analyze VMProtect 2 polymorphic virtual machines. This project is inherited in vmprofiler-qt, vmprofiler-cli, and vmemu. This is the base project for all other VMProtect 2 projects inside of this group on githacks/vmp2.

Basic Usage - vm::ctx_t instantiation

In order to use VMProfiler you must create a vm::ctx_t. In order to instantiate a new instance of the vm::ctx_t class, you must first have a protected binary loaded into memory. You must also know its image base which can be located by parsing it from IMAGE_OPTIONAL_HEADER64 structure. The next bit of information you will need is the size of the image in memory which you can also get from IMAGE_OPTIONAL_HEADER64 structure. The last bit of information you will need to know is the relative virtual address (from the base of the module in memory) to a vm entry. This must include the push encrypted rva. Now you are ready to create your first vm::ctx_t object.

vm::ctx_t vmctx( module_base, image_base, image_size, vm_entry_rva );