[Help] Reversing VMProtect 3?
Hello,
Basically I'm initiating myself on VMProtect because someone came to me looking for help to see if I could help him reverse a program with VMProtect, yeah I know it's crazy... well, I checked on PiD and it shows VMProtect 3 detected.
So, I'm not that familiar with protectors like VMProtect except for Armadillo, but that was like for a project I was working on like a month ago or so, never got too deep in it either.
The thing is that I need some pointers on how to work with VMProtect. I've got past the anti-debugging protections at the beginning of execution (same ol' anti-debugger techniques to detect debuggers, etc, etc.) but I'm failing at one in particular, and it's when I get into the VM: the inline polymorphic VM Handlers undo whatever I do to the Virtualized P-Code, but I'm getting kinda lost here...
I was reading this article -> http://lille1tv.univ-lille1.fr/telecharge.aspx?id=d5b2487e-cacc-4596-ab37-dab2b362cb9e that mainly gives a thorough explanation of what you will find inside a program protected with VMProtect, now the thing is that, I've tried reading but like I said, I'm not familiar with some of the concepts, or I don't even know if most of the concepts are up-to-date (guide was written in 2015 and now the latest version is VMProtect 3), mainly because I haven't yet understood how the underlying VM really works, just yet, and only knowing that the VM is always different after each compilation, it makes me cringe...
I will really appreciate any help anyone could bring to me and aid me on this clash of protected code vs reversing.