_xeroxz
01cd5dc8ae
|
3 years ago | |
|---|---|---|
| dependencies | 4 years ago | |
| include | 3 years ago | |
| src | 3 years ago | |
| .clang-format | 4 years ago | |
| .gitignore | 4 years ago | |
| .gitmodules | 4 years ago | |
| LICENSE | ||
| README.md | 3 years ago | |
| vmprofiler.sln | 3 years ago | |
| vmprofiler.vcxproj | 4 years ago | |
| vmprofiler.vcxproj.filters | 4 years ago | |
README.md
VMProfiler - Library To Profile VMProtect 2 Virtual Machines
VMProfiler is a c++ library which is used to statically analyze VMProtect 2 polymorphic virtual machines. This project is inherited in vmprofiler-qt, vmprofiler-cli, and vmemu. This is the base project for all other VMProtect 2 projects inside of this group on githacks/vmp2.
Basic Usage - vm::ctx_t instantiation
In order to use VMProfiler you must create a vm::ctx_t. In order to instantiate a new instance of the vm::ctx_t class, you must first have a protected binary loaded into memory. You must also know its image base which can be located by parsing it from IMAGE_OPTIONAL_HEADER64 structure. The next bit of information you will need is the size of the image in memory which you can also get from IMAGE_OPTIONAL_HEADER64 structure. The last bit of information you will need to know is the relative virtual address (from the base of the module in memory) to a vm entry. This must include the push encrypted rva. Now you are ready to create your first vm::ctx_t object.
vm::ctx_t vmctx( module_base, image_base, image_size, vm_entry_rva );