Exetools  

Go Back   Exetools > General > Source Code

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 02-16-2022, 21:56
Zeokat Zeokat is offline
Friend
 
Join Date: Dec 2017
Posts: 41
Rept. Given: 0
Rept. Rcvd 8 Times in 5 Posts
Thanks Given: 237
Thanks Rcvd at 112 Times in 26 Posts
Zeokat Reputation: 8
Post VMProtect Devirtualization - Experimental dynamic approach

VMProtect Devirtualization

An experimental dynamic approach to devirtualize pure functions protected by VMProtect 3.x

Credits: Jonathan Salwan

Github link:
Code:
https://github.com/JonathanSalwan/VMProtect-devirtualization
Reply With Quote
The Following User Says Thank You to Zeokat For This Useful Post:
tonyweb (02-19-2022)
  #2  
Old 02-17-2022, 00:32
user1's Avatar
user1 user1 is offline
Family
 
Join Date: Sep 2012
Location: OUT
Posts: 943
Rept. Given: 482
Rept. Rcvd 115 Times in 63 Posts
Thanks Given: 591
Thanks Rcvd at 499 Times in 301 Posts
user1 Reputation: 36
vmprotect is under attack from all.

no thanks !
Reply With Quote
  #3  
Old 02-17-2022, 04:30
Trit0n Trit0n is offline
Family
 
Join Date: Sep 2011
Location: +47.xxxx / +8.xxxx
Posts: 226
Rept. Given: 55
Rept. Rcvd 88 Times in 48 Posts
Thanks Given: 75
Thanks Rcvd at 111 Times in 51 Posts
Trit0n Reputation: 88
@User1
Because of vmprotect :
- Actually protects intellectual property.
- Protects software developers.
- But also protects all software crackers who may have something to hide.
So a double edged sword, if you know what I mean.
Reply With Quote
The Following 5 Users Say Thank You to Trit0n For This Useful Post:
Apuromafo (02-18-2022), niculaita (02-17-2022), p4r4d0x (02-18-2022), qzr (02-18-2022), val2032 (02-17-2022)
  #4  
Old 02-17-2022, 19:02
user1's Avatar
user1 user1 is offline
Family
 
Join Date: Sep 2012
Location: OUT
Posts: 943
Rept. Given: 482
Rept. Rcvd 115 Times in 63 Posts
Thanks Given: 591
Thanks Rcvd at 499 Times in 301 Posts
user1 Reputation: 36
developer of vmprotect NOT taken yet any legal steps for github.
Reply With Quote
  #5  
Old 02-17-2022, 21:54
val2032 val2032 is offline
Friend
 
Join Date: Apr 2010
Posts: 44
Rept. Given: 26
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 90
Thanks Rcvd at 29 Times in 16 Posts
val2032 Reputation: 2
Quote:
Originally Posted by Trit0n View Post
@User1
Because of vmprotect :
- Actually protects intellectual property.
- Protects software developers.
- But also protects all software crackers who may have something to hide.
So a double edged sword, if you know what I mean.
Also many viruses/malwares are protected with vmp...
When all the security companies will be able to devirtualize vmp (of course with the license from vmp), then we can definitely say "no thanks" as @user1 says.
Reply With Quote
  #6  
Old 02-17-2022, 22:29
deepzero's Avatar
deepzero deepzero is offline
VIP
 
Join Date: Mar 2010
Location: Germany
Posts: 293
Rept. Given: 106
Rept. Rcvd 63 Times in 41 Posts
Thanks Given: 146
Thanks Rcvd at 186 Times in 87 Posts
deepzero Reputation: 63
There was a recent talk where the MS antivirus team showed they can devirtualize, I think.
Reply With Quote
  #7  
Old 02-18-2022, 15:05
user1's Avatar
user1 user1 is offline
Family
 
Join Date: Sep 2012
Location: OUT
Posts: 943
Rept. Given: 482
Rept. Rcvd 115 Times in 63 Posts
Thanks Given: 591
Thanks Rcvd at 499 Times in 301 Posts
user1 Reputation: 36
but why not devirtualize Chinese packers and Chinese protections?

why vmp? people paid good genuine $ to have such protection,

now all you protected is going to trash.

not ok in github over 10 reps that suppose to host legitimate genuine src NOT copyrighted protections.

is NOT fine, destroy it so all genuine protected VMP software companies bankrupt all.
Reply With Quote
  #8  
Old 02-18-2022, 16:23
Conquest Conquest is offline
Friend
 
Join Date: Jan 2013
Location: 0x484F4D45
Posts: 120
Rept. Given: 46
Rept. Rcvd 29 Times in 17 Posts
Thanks Given: 30
Thanks Rcvd at 57 Times in 27 Posts
Conquest Reputation: 29
Unvirtualization is not impossible and some organizations already have such tools. Its just that they are hiding the big guns. what made you guys think that the vmpsoft doesnt have an unvirtualizer of their own?
Reply With Quote
  #9  
Old 02-18-2022, 18:44
DavidXanatos DavidXanatos is offline
Family
 
Join Date: Jun 2018
Posts: 168
Rept. Given: 2
Rept. Rcvd 40 Times in 27 Posts
Thanks Given: 53
Thanks Rcvd at 311 Times in 106 Posts
DavidXanatos Reputation: 40
IMHO no legitimate company selling a legitimate product, has any legitimate busyness protecting their product with such tools. DRM is anti consumer and should be made illegal, as simple as that.
Protection that's why we have laws for, tools like VMP are a sort of vigilantism.
Reply With Quote
The Following User Says Thank You to DavidXanatos For This Useful Post:
sh3dow (02-23-2022)
  #10  
Old 02-18-2022, 20:24
Kerlingen Kerlingen is offline
VIP
 
Join Date: Feb 2011
Posts: 316
Rept. Given: 0
Rept. Rcvd 276 Times in 98 Posts
Thanks Given: 0
Thanks Rcvd at 287 Times in 89 Posts
Kerlingen Reputation: 200-299 Kerlingen Reputation: 200-299 Kerlingen Reputation: 200-299
Quote:
Originally Posted by user1 View Post
but why not devirtualize Chinese packers and Chinese protections?

why vmp? people paid good genuine $ to have such protection,

now all you protected is going to trash.
When you sell stolen dongle emulators (for software not owned by or licensed to you), then all the time and money invested into the dongle protection by the software's legitimate owners goes to trash.

Why don't you use "Chinese packers and Chinese protections" instead? There is really no need to revolt every time somebody posts anything about VMProtect just because you fear your revenue from selling stolen software decreases?
Reply With Quote
The Following 2 Users Say Thank You to Kerlingen For This Useful Post:
qzr (02-18-2022), vialdo77 (08-04-2022)
  #11  
Old 02-19-2022, 06:57
b30wulf's Avatar
b30wulf b30wulf is offline
Family
 
Join Date: Nov 2013
Posts: 190
Rept. Given: 208
Rept. Rcvd 116 Times in 38 Posts
Thanks Given: 182
Thanks Rcvd at 228 Times in 74 Posts
b30wulf Reputation: 100-199 b30wulf Reputation: 100-199
It very good project. Does the work efficiently and its a great challenge to vmpsoft to update protection.
For anyone interested into devitalization is very good starting point
Reply With Quote
The Following User Gave Reputation+1 to b30wulf For This Useful Post:
user1 (02-20-2022)
The Following 3 Users Say Thank You to b30wulf For This Useful Post:
DavidXanatos (02-19-2022), user1 (02-19-2022), Zeokat (02-19-2022)
  #12  
Old 02-22-2022, 17:00
Fyyre's Avatar
Fyyre Fyyre is offline
Fyyre
 
Join Date: Dec 2009
Location: 0°N 0°E / 0°N 0°E / 0; 0
Posts: 217
Rept. Given: 58
Rept. Rcvd 78 Times in 36 Posts
Thanks Given: 91
Thanks Rcvd at 288 Times in 97 Posts
Fyyre Reputation: 78
Quote:
Originally Posted by DavidXanatos View Post
IMHO no legitimate company selling a legitimate product, has any legitimate busyness protecting their product with such tools. DRM is anti consumer and should be made illegal, as simple as that.
Protection that's why we have laws for, tools like VMP are a sort of vigilantism.
VMP is not vigilantism... it just creates another hoop for any dedicated reverse engineer to jump through.
__________________
Best Wishes,

Fyyre

--

Slava Ukraini!
"If you think being against genocide is politics, get your head checked."

https://github.com/Fyyre
Reply With Quote
The Following 2 Users Say Thank You to Fyyre For This Useful Post:
niculaita (02-23-2022), p4r4d0x (02-22-2022)
  #13  
Old 02-23-2022, 04:22
sh3dow sh3dow is offline
Family
 
Join Date: Oct 2014
Posts: 131
Rept. Given: 106
Rept. Rcvd 79 Times in 24 Posts
Thanks Given: 398
Thanks Rcvd at 161 Times in 56 Posts
sh3dow Reputation: 79
Quote:
Originally Posted by user1 View Post
but why not devirtualize Chinese packers and Chinese protections?
.
Because VMP is quite popular and used everywhere from legit use such as software protection to shady use such as cheats and malware protection.
Fame is like a curse, it's like asking why people still passionately waiting for IDA pro leaks while good alternative like Ghidra/binary ninja exist.
Reply With Quote
  #14  
Old 02-24-2022, 15:54
CryptXor CryptXor is offline
Friend
 
Join Date: Oct 2015
Posts: 64
Rept. Given: 0
Rept. Rcvd 24 Times in 12 Posts
Thanks Given: 29
Thanks Rcvd at 127 Times in 38 Posts
CryptXor Reputation: 24
I mean its not the first anti-vmp project, eg NoVmp (https://github.com/can1357/NoVmp), dunno why this one is upsetting people so much :P

Quote:
Originally Posted by user1 View Post
but why not devirtualize Chinese packers and Chinese protections?
Which ones specifically, asking for a friend
Reply With Quote
  #15  
Old 02-25-2022, 03:32
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,300
Rept. Given: 932
Rept. Rcvd 87 Times in 59 Posts
Thanks Given: 3,734
Thanks Rcvd at 473 Times in 334 Posts
niculaita Reputation: 87
##############################################################################
# NoVmp Copyright (C) 2020 Can Boluk #
# This program comes with absolutely no warranty, and it is free software. #
# You are welcome to redistribute it under certain conditions--for which you #
# can refer to the GNU General Public License v3. #
##############################################################################

[!] Warning: This image has relocations stripped, NoVmp is not 100% compatible with this switch yet.
Press any key to continue . . .
__________________
Decode and Conquer
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On



All times are GMT +8. The time now is 00:16.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2022 )