GautamGreat Posted October 31, 2015 Posted October 31, 2015 Any one used this script to Deobfuscate VMPROTECT https://github.com/jnraber/VirtualDeobfuscator
xSRTsect Posted November 1, 2015 Posted November 1, 2015 (edited) hmm the tool seems a bit unpractical since it involves making a one go binary that would execute in the main function the virtualized problem, plus for some odd reason the example binary they have doesn't seem to run. The general idea of the tool seems nice, but perhaps there may be better tools suited from the problem so far. What I mean is that, what if instead of clustering-out the bad instructions in order to figure out the good ones, someone would tell you in advance what are the good ones and the bad ones? Turns out I already did that, I have created a project which anyone is invited to improve called VMPDBG. The only thing that stands aside from my project and these guy's is the fact that they have implemented a peephole optimizer, which may produce better (final) results. Anyway - my tool allows you to debugg, devirtualize and even dumps the final instructions in a txt file so that you can (later on) run a custom peephole optimizer you may see fit. just read with caution the thread : https://forum.tuts4you.com/topic/36653-devirtualizeme-vmprotect-2135/ Edited November 1, 2015 by xSRTsect 2
GautamGreat Posted November 2, 2015 Author Posted November 2, 2015 Thanks for your replay. I am newbie. can you give me some video tutorials. 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now