Deleted the retarded stuff I added

pull/1/head
xtremegamer1 2 years ago
parent f72850f31b
commit 943de5b10c

@ -22,7 +22,6 @@ namespace reg_names
} }
class emu_t { class emu_t {
public: public:
explicit emu_t(vm::vmctx_t* vm_ctx, bool log);
explicit emu_t(vm::vmctx_t* vm_ctx); explicit emu_t(vm::vmctx_t* vm_ctx);
~emu_t(); ~emu_t();
bool init(); bool init();
@ -59,11 +58,6 @@ class emu_t {
/// </summary> /// </summary>
uc_hook code_exec_hook, invalid_mem_hook, int_hook, branch_pred_hook; uc_hook code_exec_hook, invalid_mem_hook, int_hook, branch_pred_hook;
bool log_bytecode;
// Logged bytecode for lifting
std::vector<uint8_t> il_bytecode;
/// <summary> /// <summary>
/// code execution callback for executable memory ranges of the vmprotect'ed /// code execution callback for executable memory ranges of the vmprotect'ed
/// module... essentially used to single step the processor over virtual /// module... essentially used to single step the processor over virtual

@ -1,8 +1,6 @@
#include <string> #include <string>
#include <vmemu_t.hpp> #include <vmemu_t.hpp>
namespace vm { namespace vm {
emu_t::emu_t(vm::vmctx_t* vm_ctx, bool log) : m_vm(vm_ctx),
log_bytecode(log) {}
emu_t::emu_t(vm::vmctx_t* vm_ctx) : m_vm(vm_ctx) {}; emu_t::emu_t(vm::vmctx_t* vm_ctx) : m_vm(vm_ctx) {};
emu_t::~emu_t() { emu_t::~emu_t() {
@ -405,21 +403,7 @@ bool emu_t::code_exec_callback(uc_engine* uc, uint64_t address, uint32_t size,
uc_context_free(backup); uc_context_free(backup);
} else { } else {
const auto vinstr = vm::instrs::determine(obj->cc_trace); const auto vinstr = vm::instrs::determine(obj->cc_trace);
if (vinstr.mnemonic != vm::instrs::mnemonic_t::unknown) { //TODO: Remove and add this after the code block is made if (vinstr.mnemonic != vm::instrs::mnemonic_t::unknown) {
if (obj->log_bytecode)
{
obj->il_bytecode.emplace_back(static_cast<uint8_t>(vinstr.mnemonic));
if (vinstr.imm.has_imm)
{
obj->il_bytecode.emplace_back(vinstr.imm.size);
for(int i = 0; i < (vinstr.imm.size / 8); ++i)
{
obj->il_bytecode.emplace_back(*(reinterpret_cast<const uint8_t*>(&vinstr.imm.val) + i));
}
}
else
obj->il_bytecode.emplace_back<uint8_t>(0);
}
std::printf("%p: ", obj->cc_trace.m_begin + obj->m_vm->m_image_base - obj->m_vm->m_module_base); std::printf("%p: ", obj->cc_trace.m_begin + obj->m_vm->m_image_base - obj->m_vm->m_module_base);
if (vinstr.imm.has_imm) if (vinstr.imm.has_imm)
if (vinstr.mnemonic == instrs::mnemonic_t::lreg || vinstr.mnemonic == instrs::mnemonic_t::sreg) if (vinstr.mnemonic == instrs::mnemonic_t::lreg || vinstr.mnemonic == instrs::mnemonic_t::sreg)
@ -446,7 +430,8 @@ bool emu_t::code_exec_callback(uc_engine* uc, uint64_t address, uint32_t size,
"> err: please define the following vm handler (at = %p):\n", "> err: please define the following vm handler (at = %p):\n",
(obj->cc_trace.m_begin - obj->m_vm->m_module_base) + (obj->cc_trace.m_begin - obj->m_vm->m_module_base) +
obj->m_vm->m_image_base); obj->m_vm->m_image_base);
std::printf("vsp: %s, vip: %s\n", ZydisRegisterGetString(obj->cc_blk->m_vm.vsp),
ZydisRegisterGetString(obj->cc_blk->m_vm.vip));
vm::utils::print(inst_stream); vm::utils::print(inst_stream);
uc_emu_stop(uc); uc_emu_stop(uc);
return false; return false;
@ -619,9 +604,4 @@ std::optional<std::pair<std::uintptr_t, std::uintptr_t>> emu_t::could_have_jcc(
return {{lconst1->imm.val, lconst2->imm.val}}; return {{lconst1->imm.val, lconst2->imm.val}};
} }
std::vector<uint8_t>& emu_t::get_il_bytecode()
{
return il_bytecode;
}
} // namespace vm } // namespace vm
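Review bot: In the `-446,7 +430,8` hunk of `emu_t::code_exec_callback`, the `std::printf("vsp: %s, vip: %s\n", ...)` call (by the hunk counts, the only added code on this page) passes the return value of `ZydisRegisterGetString` straight to `%s`. That function returns a null pointer when given a register value outside its table, and a null `%s` argument is undefined behaviour. This is the "please define the following vm handler" error path, reached when the emulated code did not match any known handler, so `obj->cc_blk` and its `m_vm.vsp`/`m_vm.vip` are worth checking here; whether `cc_blk` can be null at this point is not visible in the hunk. I would store the two strings first, e.g. `const char* vsp = ZydisRegisterGetString(obj->cc_blk->m_vm.vsp);` and likewise for `vip`, then print `vsp ? vsp : "?"` and `vip ? vip : "?"`. The callback body starts and ends outside the hunk.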