Jump to content
Tuts 4 You

Recommended Posts

Teddy Rogers
Posted
There are two types of virtual machine software protections: A) the ones that convert x86 machine code into virtual machine bytecode and execute it at runtime; B) the ones that execute some arbitrary code in a virtual environment. I've discussed the latter several times in the past, and by now there exists a wealth of literature on that variety. But breaking the former kind remains an unsolved problem.

In my article I said "basically, reverse engineering a VM with the common tools is like reverse engineering a scripted installer without a script decompiler: it's repetitious, and the high-level details are obscured by the flood of low-level details". The more I thought about this, the more I realized that the word "basically" is out of place: virtualizing software protections are programming language interpreters, albeit for weird languages.

Consequently, an idea struck me: what we want here is not an interpreter, but a compiler to compile the bytecode back into x86 machine code.

https://www.openrce.org/blog/view/1110/Comp...6_Virtualizer_0

Ted.

Posted

Wow, an interesting approach. I predict that as VMs become more and more popular, people will take this approach more and more often. A couple of years from now, when we have automated VM unpackers(hopefully), we might look back at this paper as one of the groundbreakers in VM reverse engineering. Definitely deserves further looking into...

Posted

Really interesting.

I've to say that it's an illustration of bright thought.

Thanks for the link.

ahmadmansoor
Posted

Many Thanks Ted ......

hehe but can we know why ur name (which appear in the forum at first log in) turn to Red ....

it has nice color,did u become something New ...or what ? ......sorry all that joke ted..i just joking

anyway many thanks for ur nice site i Love it very much.....

ur best friend Ahmadmansoor

Teddy Rogers
Posted
hehe but can we know why ur name (which appear in the forum at first log in) turn to Red ....

it has nice color,did u become something New ...or what ?

When I was changing some internals of the forum I decided the Administrators needed a little colour in their lives... :lol:

Ted.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...