Thread: [Help] Reversing VMProtect 3?
View Single Post
  #2  
Old 05-12-2016, 15:11
TechLord TechLord is offline
Banned User
  
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 759
Rept. Given: 384
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 789
Thanks Rcvd at 2,022 Times in 571 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
Quote:
Originally Posted by 0xNOP View Post
Hello,

Basically I'm initiating myself on VMProtect because someone came to me looking for help to see if I could help him reversing a program ...

The thing is, that I need some pointers on how to work with VMProtect,...

I will really appreciate any help anyone could bring to me and aid me on this clash of protected code vs reversing.
Hello friend,

Since you have not mentioned it, I believe that you are not familiar with LCF-AT's scripts and concepts for unwrapping VMP.

See here :

https://forum.tuts4you.com/topic/30733-vmprotect-ultra-unpacker-10/

You need to register on the forum (for free).

I think that the scripts can still work on VMP v3 as well but definitely, the CONCEPTS etc of VM Protect can be learned very well by watching her videos.

They will help you immensely in your unpacking quest !

Another EXCELLENT paper on this topic, titled "Unpacking Virtualization Obfuscators" can be found here :

http://static.usenix.org/event/woot09/tech/full_papers/rolles.pdf

Good luck
Last edited by TechLord; 05-12-2016 at 16:06.
Reply With Quote
The Following 8 Users Say Thank You to TechLord For This Useful Post:
0xall0c (03-17-2018), 0xNOP (05-13-2016), an0rma1 (05-13-2016), sh3dow (05-13-2016), Tomy73 (09-09-2016), tonyweb (05-14-2016)