Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 01-21-2022, 04:29
sh3dow sh3dow is offline
Family
 
Join Date: Oct 2014
Posts: 128
Rept. Given: 106
Rept. Rcvd 79 Times in 24 Posts
Thanks Given: 386
Thanks Rcvd at 158 Times in 54 Posts
sh3dow Reputation: 79
Quick look around VMP 3.x - Part (1-3)

Hello exetools community
Last time I posted a thread about VMProtect was "VMProtect 2 - Detailed Analysis of the Virtual Machine Architecture" which was fantastic Analysis of VMProtect 2 Virtual Machine Architecture. this time I found this series about VMProtect 3, hope you like it.

Quick look around VMP 3.x - Part 1 : Unpacking
PHP Code:
https://whereisr0da.github.io/blog/posts/2021-01-05-vmp-1/ 
Quick look around VMP 3.x - Part 2 : Code Mutation
PHP Code:
https://whereisr0da.github.io/blog/posts/2021-01-26-vmp-2/ 
Quick look around VMP 3.x - Part 3 : Virtualization
PHP Code:
https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/ 
This guy blog is filled with juicy topics, make sure to take a look at them as well.
Reply With Quote
The Following User Gave Reputation+1 to sh3dow For This Useful Post:
new_profile (01-21-2022)
The Following 6 Users Say Thank You to sh3dow For This Useful Post:
binarylaw (01-30-2022), elephant (01-22-2022), foosaa (01-24-2022), niculaita (01-21-2022), tonyweb (02-20-2022), tusk (02-22-2022)
  #2  
Old 01-21-2022, 04:34
sh3dow sh3dow is offline
Family
 
Join Date: Oct 2014
Posts: 128
Rept. Given: 106
Rept. Rcvd 79 Times in 24 Posts
Thanks Given: 386
Thanks Rcvd at 158 Times in 54 Posts
sh3dow Reputation: 79
Another blog from another guy but related to VMP Virtualization.

Tigress: Virtualization-Based Software Obfuscation Pt. 1
PHP Code:
https://www.mitchellzakocs.com/blog/tigress 
VMProtect 3: Virtualization-Based Software Obfuscation Pt. 2
PHP Code:
https://www.mitchellzakocs.com/blog/vmprotect3 
Reply With Quote
The Following 2 Users Say Thank You to sh3dow For This Useful Post:
niculaita (01-21-2022), tonyweb (02-20-2022)
  #3  
Old 01-21-2022, 04:49
sh3dow sh3dow is offline
Family
 
Join Date: Oct 2014
Posts: 128
Rept. Given: 106
Rept. Rcvd 79 Times in 24 Posts
Thanks Given: 386
Thanks Rcvd at 158 Times in 54 Posts
sh3dow Reputation: 79
No thread about Virtualization is complete without a blog or two from secret.club team. these guys are awesome,

Tickling VMProtect with LLVM: Part 1
PHP Code:
https://secret.club/2021/09/08/vmprotect-llvm-lifting-1.html 
Tickling VMProtect with LLVM: Part 2
PHP Code:
https://secret.club/2021/09/08/vmprotect-llvm-lifting-2.html 
Tickling VMProtect with LLVM: Part 3
PHP Code:
https://secret.club/2021/09/08/vmprotect-llvm-lifting-3.html 
PHP Code:
https://github.com/LLVMParty/TicklingVMProtect 
side note: one of them (edit: his name is "Can Bölük") had stream hours of contents on twitch where he reverse VMP (the title was: VMProtect to x86) but he toke it down, hope one of you have it.

Last edited by sh3dow; 01-21-2022 at 04:58. Reason: add name
Reply With Quote
The Following User Gave Reputation+1 to sh3dow For This Useful Post:
niculaita (01-21-2022)
The Following 8 Users Say Thank You to sh3dow For This Useful Post:
Acronys (01-31-2022), elephant (01-22-2022), foosaa (01-24-2022), Mendax47 (01-21-2022), niculaita (01-21-2022), tonyweb (02-20-2022), val2032 (01-21-2022), WRP (01-21-2022)
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 21:50.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
( 1998 - 2022 )