Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   reverse vmprotected function (https://forum.exetools.com/showthread.php?t=16808)

TrOn 05-03-2015 17:26
reverse vmprotected function
 
How can I reverse a vmprotected function from a sys file? I have unpacked the sys file. The .PAGE and .text section include the code i need. I opened the files as a bin file with ida pro. The unprotected functions will disassembles. Can I convert the protected code into unprotected code?

Thank you

Syoma 05-03-2015 18:29
Write DeVM plug-in or tool like Sweeper and get VM CFG trace. Analyze trace and convert to native unprotected code.


All times are GMT +8. The time now is 21:48.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX