Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   Code Virtualization Help (https://forum.exetools.com/showthread.php?t=11943)

tokk350 01-12-2009 01:36
Code Virtualization Help
 
Helo, i have a little question about virtual machines which uses PE protectors. I google a lot, but I don't find any idea to create my own code protecting VM. Have you any ideas ? (...SORRY FOR MY ENGLISH...)

Finite 01-12-2009 07:59
Study other VM protectors and steal their ideas. You have Themida, Securom, VMProtect to study...

Sabor 01-12-2009 10:29
check rewolfs release, really a good start; read the readme.

tokk350 01-18-2009 17:38
yeah study, but studiing some unpacked Protectors or Virtualizers is really hard :( and rewolfs ??? I don't hear about it. and goolge don't help me with rewolfs. Have you something else idea ? :)

scherzo 01-19-2009 19:46
Maybe this could help you to have some ideas... not well written but well... that's from a comercial protector ;)

http://www.codebreakers-journal.com/content/view/290/97/

scherzo

Evilcry 01-25-2009 00:01
Take also a look to libemu

Code:
http://libemu.carnivore.it/
Regards

Externalist 02-08-2009 17:45
Here you can understand the basic workings of a VM.
_http://rapidshare.com/files/16968098/Inside_Code_Virtualizer.rar

And here is a VM compiler source code by 0rp posted a long time ago.
_http://www.woodmann.com/forum/showthread.php?t=10003

Cheers

dubya 03-06-2009 22:00
^Thanks for those links!

Aren't there any open-source examples available? (Irony, I know -- OSS on an RE forum :D)

tokk350 03-08-2009 05:21
Here you can find the Rewolf's x86 Virtualizer Source code :) it's very simple but very easy to know how :)...
Code:
http://www.rewolf.pl/
AND all users thanx for good reasons on this post :)

peexe 03-19-2009 15:35
learn cv inside

ahmadmansoor 03-19-2009 21:38
@peexe : can u explain more ....... ???!!!!!

gunterg 03-19-2009 23:18
I think he refer at Inside Code Virtualizer by scherzo

Regards

wtbw 03-22-2009 09:11
Rolf's posts might also interest you.

http://www.openrce.org/blog/view/123...art_0:__Basics

OHPen 03-26-2009 17:57
It is not that difficult to write an own vm based protector. as the others explained read papers about commercial products. but you can also start with a minimum set of requirements.

- C/C++
- Disassembler Library

And there you go. First step could be just to virtualize only a single type of instruction, for example an arithmetic one like

add eax, 0x12345678

This will keep your code very small. There is no need to support hundereds of different opcodes if you just want to understand the concept.

Regards,
OHPen


All times are GMT +8. The time now is 19:53.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX