You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
IDontCode b7330ad02f
removed capture from lambdas in profiles... compiles on linux now. added readme for vm_entry_test...
3 years ago
..
src updated vmctx class a little... 3 years ago
CMakeLists.txt added test case stuff and added vmutils.. 3 years ago
README.md removed capture from lambdas in profiles... compiles on linux now. added readme for vm_entry_test... 3 years ago
cmake.toml added test case stuff and added vmutils.. 3 years ago

README.md

Example Output

> 0x7f4bd5fc8f8d push 0x6CBB0520
> 0x7f4bd5ed96a3 push r8
> 0x7f4bd5ed96ad push r9
> 0x7f4bd5f22602 push rdx
> 0x7f4bd5f22605 push r12
> 0x7f4bd5f2260c push r11
> 0x7f4bd5f22610 push rcx
> 0x7f4bd5f22619 push r10
> 0x7f4bd5fa22d2 push rsi
> 0x7f4bd5fa22d6 push r15
> 0x7f4bd5fa22de push rbp
> 0x7f4bd5fa22e8 push r13
> 0x7f4bd5fa22f2 push rdi
> 0x7f4bd5fa22f3 push rbx
> 0x7f4bd5f17ade push r14
> 0x7f4bd5f17ae6 push rax
> 0x7f4bd5f17aea pushfq
> 0x7f4bd5f786f3 mov r11, 0x7F4A95C90000
> 0x7f4bd5f786fd push r11
> 0x7f4bd5f78707 mov r8, [rsp+0x90]
> 0x7f4bd5f7870f not r8d
> 0x7f4bd5f78719 rol r8d, 0x01
> 0x7f4bd5f78722 bswap r8d
> 0x7f4bd5f78725 not r8d
> 0x7f4bd5f7872f lea r8, [r8+r11*1]
> 0x7f4bd5f78733 mov r11, 0x100000000
> 0x7f4bd5f7873f add r8, r11
> 0x7f4bd5f7874d mov r9, rsp
> 0x7f4bd5f78753 sub rsp, 0x180
> 0x7f4bd5f78763 and rsp, 0xFFFFFFFFFFFFFFF0
> 0x7f4bd5f7876c mov rbx, r8
> 0x7f4bd5f78775 mov rdx, 0x7F4A95C90000
> 0x7f4bd5f7877f sub rbx, rdx
> 0x7f4bd5f78782 lea rbp, [0x00007F4BD5F78782]
> 0x7f4bd5f7878e sub r8, 0x04
> 0x7f4bd5f7879a mov edx, [r8]
> 0x7f4bd5f787a1 xor edx, ebx
> 0x7f4bd5f50bcd inc edx
> 0x7f4bd5f50bd0 rol edx, 0x01
> 0x7f4bd5f50bda add edx, 0x50DE102C
> 0x7f4bd5f50be0 rol edx, 0x03
> 0x7f4bd5f50be4 push rbx
> 0x7f4bd5f50bee xor [rsp], edx
> 0x7f4bd5f50bf4 pop rbx
> 0x7f4bd5f50bf9 movsxd rdx, edx
> 0x7f4bd5f50c00 add rbp, rdx
> 0x7f4bd5ebab8f jmp rbp
> Starting Virtual Instruction Pointer Register: r8
> Starting Virtual Stack Pointer Register: r9