You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
38 lines
1.5 KiB
38 lines
1.5 KiB
#pragma once
|
|
#include <transform.hpp>
|
|
#include <vmprofiles.hpp>
|
|
|
|
namespace vm
|
|
{
|
|
namespace handler
|
|
{
|
|
struct handler_t
|
|
{
|
|
u8 imm_size; // size in bits...
|
|
vm::transform::map_t transforms;
|
|
vm::handler::profile_t *profile;
|
|
zydis_routine_t instrs;
|
|
std::uintptr_t address;
|
|
};
|
|
|
|
bool has_imm( const zydis_routine_t &vm_handler );
|
|
std::optional< std::uint8_t > imm_size( const zydis_routine_t &vm_handler );
|
|
bool get( zydis_routine_t &vm_entry, zydis_routine_t &vm_handler, std::uintptr_t handler_addr );
|
|
|
|
bool get_all( std::uintptr_t module_base, std::uintptr_t image_base, zydis_routine_t &vm_entry,
|
|
std::uintptr_t *vm_handler_table, std::vector< handler_t > &vm_handlers );
|
|
|
|
bool get_operand_transforms( zydis_routine_t &vm_handler, transform::map_t &transforms );
|
|
vm::handler::profile_t *get_profile( handler_t &vm_handler );
|
|
vm::handler::profile_t *get_profile( vm::handler::mnemonic_t mnemonic );
|
|
|
|
namespace table
|
|
{
|
|
std::uintptr_t *get( const zydis_routine_t &vm_entry );
|
|
bool get_transform( const zydis_routine_t &vm_entry, zydis_decoded_instr_t *transform_instr );
|
|
|
|
std::uint64_t encrypt( zydis_decoded_instr_t &transform_instr, std::uint64_t val );
|
|
std::uint64_t decrypt( zydis_decoded_instr_t &transform_instr, std::uint64_t val );
|
|
} // namespace table
|
|
} // namespace handler
|
|
} // namespace vm
|