Exetools

Exetools (https://forum.exetools.com/index.php)
-   Source Code (https://forum.exetools.com/forumdisplay.php?f=46)
-   -   VMProtect Devirtualization - Experimental dynamic approach (https://forum.exetools.com/showthread.php?t=20084)

Zeokat 02-16-2022 21:56

VMProtect Devirtualization - Experimental dynamic approach
 
VMProtect Devirtualization

An experimental dynamic approach to devirtualize pure functions protected by VMProtect 3.x

Credits: Jonathan Salwan

Github link:
Code:

https://github.com/JonathanSalwan/VMProtect-devirtualization

user1 02-17-2022 00:32

vmprotect is under attack from all.

no thanks !

Trit0n 02-17-2022 04:30

@User1
Because of vmprotect :
- Actually protects intellectual property.
- Protects software developers.
- But also protects all software crackers who may have something to hide:confused:.
So a double edged sword, if you know what I mean.

user1 02-17-2022 19:02

developer of vmprotect NOT taken yet any legal steps for github.

val2032 02-17-2022 21:54

Quote:

Originally Posted by Trit0n (Post 124817)
@User1
Because of vmprotect :
- Actually protects intellectual property.
- Protects software developers.
- But also protects all software crackers who may have something to hide:confused:.
So a double edged sword, if you know what I mean.

Also many viruses/malwares are protected with vmp...
When all the security companies will be able to devirtualize vmp (of course with the license from vmp), then we can definitely say "no thanks" as @user1 says.

deepzero 02-17-2022 22:29

There was a recent talk where the MS antivirus team showed they can devirtualize, I think.

user1 02-18-2022 15:05

but why not devirtualize Chinese packers and Chinese protections?

why vmp? people paid good genuine $ to have such protection,

now all you protected is going to trash.

not ok in github over 10 reps that suppose to host legitimate genuine src NOT copyrighted protections.

is NOT fine, destroy it so all genuine protected VMP software companies bankrupt all.

Conquest 02-18-2022 16:23

Unvirtualization is not impossible and some organizations already have such tools. Its just that they are hiding the big guns. what made you guys think that the vmpsoft doesnt have an unvirtualizer of their own?

DavidXanatos 02-18-2022 18:44

IMHO no legitimate company selling a legitimate product, has any legitimate busyness protecting their product with such tools. DRM is anti consumer and should be made illegal, as simple as that.
Protection that's why we have laws for, tools like VMP are a sort of vigilantism.

Kerlingen 02-18-2022 20:24

Quote:

Originally Posted by user1 (Post 124830)
but why not devirtualize Chinese packers and Chinese protections?

why vmp? people paid good genuine $ to have such protection,

now all you protected is going to trash.

When you sell stolen dongle emulators (for software not owned by or licensed to you), then all the time and money invested into the dongle protection by the software's legitimate owners goes to trash.

Why don't you use "Chinese packers and Chinese protections" instead? There is really no need to revolt every time somebody posts anything about VMProtect just because you fear your revenue from selling stolen software decreases?

b30wulf 02-19-2022 06:57

It very good project. Does the work efficiently and its a great challenge to vmpsoft to update protection.
For anyone interested into devitalization is very good starting point

Fyyre 02-22-2022 17:00

Quote:

Originally Posted by DavidXanatos (Post 124833)
IMHO no legitimate company selling a legitimate product, has any legitimate busyness protecting their product with such tools. DRM is anti consumer and should be made illegal, as simple as that.
Protection that's why we have laws for, tools like VMP are a sort of vigilantism.

VMP is not vigilantism... it just creates another hoop for any dedicated reverse engineer to jump through.

sh3dow 02-23-2022 04:22

Quote:

Originally Posted by user1 (Post 124830)
but why not devirtualize Chinese packers and Chinese protections?
.

Because VMP is quite popular and used everywhere from legit use such as software protection to shady use such as cheats and malware protection.
Fame is like a curse, it's like asking why people still passionately waiting for IDA pro leaks while good alternative like Ghidra/binary ninja exist.

CryptXor 02-24-2022 15:54

I mean its not the first anti-vmp project, eg NoVmp (https://github.com/can1357/NoVmp), dunno why this one is upsetting people so much :P

Quote:

Originally Posted by user1 (Post 124830)
but why not devirtualize Chinese packers and Chinese protections?

Which ones specifically, asking for a friend :D

niculaita 02-25-2022 03:32

##############################################################################
# NoVmp Copyright (C) 2020 Can Boluk #
# This program comes with absolutely no warranty, and it is free software. #
# You are welcome to redistribute it under certain conditions--for which you #
# can refer to the GNU General Public License v3. #
##############################################################################

[!] Warning: This image has relocations stripped, NoVmp is not 100% compatible with this switch yet.
Press any key to continue . . .


All times are GMT +8. The time now is 17:32.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX