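// Emits VM code that leaves an effective address on the VM stack:
//   (_register_base << log2(_scale)) + _register_index + _lval
//
// NOTE(review): despite the parameter names it is the *second* argument
// (_register_base) that gets scaled and the first that is added unscaled.
// push_operand() in this file calls r_get_mem with (base, index, scale,
// lval), so relative to that caller the names here are swapped.  A second
// r_get_mem with the identical (long,long,long,long) signature also exists
// in this file; if both are compiled into one translation unit that is a
// redefinition, so one of the two is presumably dead — TODO confirm which.
//
// The original carried a chain of else-if branches after the main block;
// each of them tested a subset of the same four values that the first `if`
// already covers, so none of them could ever execute.  They are removed.
void SeniorVMHandle::r_get_mem(long _register_index, long _register_base, long _scale, long _lval)
{
    // Translate the scale factor into a shift count.  A scale that is not a
    // power of two (0 included) leaves sn == 0, i.e. it is silently treated
    // as scale 1 — unchanged from the original.  The comparison is done in
    // unsigned arithmetic so the i == 31 step does not overflow an int.
    char sn = 0;
    for (int i = 0; i < 32; ++i) {
        if (static_cast<unsigned long>(_scale) == (1UL << i)) {
            sn = static_cast<char>(i);
            break;
        }
    }

    // Nothing is emitted when every component is zero.
    if (!(_register_index || _register_base || _scale || _lval)) {
        return;
    }

    // Convention used throughout this file: after an ALU handler the first
    // pop is discarded (flags, presumably) and the second pop is the result.
    d_shl(_register_base, sn);
    pop(T_INVALID);
    pop(T_TMP_REGISTER5);                      // scaled register
    d_add(_register_index, T_TMP_REGISTER5);
    pop(T_INVALID);
    pop(T_TMP_REGISTER5);                      // register + scaled register
    d_push_imm(_lval);
    pop(T_TMP_REGISTER4);                      // displacement
    d_add(T_TMP_REGISTER5, T_TMP_REGISTER4);
    pop(T_INVALID);                            // final address stays on the VM stack
}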
// Emits a VM NAND of two dword operands.
// With is_data set, _register2 is an immediate value rather than a register
// id.  A register id of 0 means "operand already on the VM stack" (that is
// how the other helpers in this file treat 0 — not verifiable here), so only
// the handler byte is emitted in that case.
void SeniorVMHandle::d_not_and(long _register1, long _register2, bool is_data)
{
    if (is_data) {
        d_push_imm(_register2);
        push(_register1);
        db(GET_HANDLE(d_nand));
        return;
    }

    const bool operands_already_pushed = (_register1 == 0) || (_register2 == 0);
    if (!operands_already_pushed) {
        push(_register2, false);
        push(_register1, false);
    }
    db(HANDLE.d_nand.handle);
}
// Emits a VM right shift of a dword by n bits.
// The operand is an immediate when is_data is set, otherwise a register id;
// the shift count is always pushed as a byte immediate.
void SeniorVMHandle::d_shr(long _register, char n, bool is_data)
{
    if (is_data) {
        d_push_imm(_register);
    } else {
        push(_register, false);
    }
    b_push_imm(n);
    db(HANDLE.d_shr.handle);
}
// Emits "set VM key": the key is pushed as an immediate of the native word
// size (qword on PROTECT_X64 builds, dword otherwise) followed by the
// set_key handler.
void SeniorVMHandle::set_key(long _key)
{
#ifdef PROTECT_X64
    q_push_imm(_key);
#else
    d_push_imm(_key);
#endif
    db(GET_HANDLE(set_key));
}
// Emits VM code that derives flag bits for a byte add of _register1 and
// _register2 and ORs them into T_TMP_EFLAG.
//
// What can be read off the emitted sequence: the operands are ANDed and
// XORed; the AND result is masked with 1<<7 and (via a byte temporary) with
// 1<<3; the masked values are shifted (right by 7, left by 1) and ORed into
// T_TMP_EFLAG.  That looks like the carry out of bit 7 (CF, EFLAGS bit 0)
// and the carry out of bit 3 (AF, EFLAGS bit 4) of a byte add —
// TODO(review): confirm against the handlers; the aliasing between the
// T_TMP_R8_* byte registers and T_TMP_REGISTER3 that the d_shr/d_or steps
// rely on is not visible in this file.  Whether the sum itself is left on
// the VM stack is likewise not visible here.
//
// Stack convention used below (as elsewhere in this file): after an ALU
// handler the first pop is discarded (flags, presumably) and the second pop
// is the result.
void SeniorVMHandle::b_add_b(long _register1,long _register2)
{
    d_push_imm(0);
    pop(T_TMP_REGISTER3);                       // zero the dword scratch register
    b_and(_register1,_register2);
    pop(T_INVALID);                             // AND result is left on the stack
    b_xor(_register1,_register2);
    pop(T_INVALID);
    pop(T_TMP_R8_1H);                           // XOR result
    b_push_imm(1<<7);
    pop(T_TMP_R8_1L);                           // bit-7 mask
    pop(T_TMP_R8_2H);                           // AND result (pushed above)
    b_and(T_TMP_R8_2H,T_TMP_R8_1L);             // (a & b) & 0x80
    pop(T_INVALID);
    pop(T_TMP_R8_3L);                           // presumably the low byte of T_TMP_REGISTER3
    d_shr(T_TMP_REGISTER3,7);                   // bit 7 -> bit 0 (CF position) — assumes the aliasing above
    pop(T_INVALID);
    pop(T_TMP_REGISTER3);
    d_or(T_TMP_REGISTER3,T_TMP_EFLAG);
    pop(T_INVALID);
    pop(T_TMP_EFLAG);                           // EFLAG |= CF candidate
    d_push_imm(0);
    pop(T_TMP_REGISTER3);                       // re-zero the scratch register
    b_push_imm(1<<3);
    pop(T_TMP_R8_3H);                           // bit-3 mask
    b_and(T_TMP_R8_3H,T_TMP_R8_2H);             // (a & b) & 0x08
    pop(T_INVALID);
    pop(T_TMP_R8_2L);
    b_shl(T_TMP_R8_2L,1);                       // bit 3 -> bit 4 (AF position)
    pop(T_INVALID);
    pop(T_TMP_R8_3L);                           // again relies on R8_3L aliasing T_TMP_REGISTER3
    d_or(T_TMP_REGISTER3,T_TMP_EFLAG);
    pop(T_INVALID);
    pop(T_TMP_EFLAG);                           // EFLAG |= AF candidate
    b_shl(T_TMP_R8_2H,1);                       // leaves (a & b) << 1 in R8_2H; nothing later in this function reads it
    pop(T_INVALID);
    pop(T_TMP_R8_2H);
}
// Emits a VM bitwise NOT of a dword, built as NAND(x, x).
// When is_data is true, _register is the immediate value to negate (this is
// what the original's comment said).  A register id of 0 means the operand
// is already on the VM stack, so only the nand handler is emitted.
void SeniorVMHandle::d_not(long _register, bool is_data)
{
    if (is_data) {
        // Push the immediate once and duplicate the stack top so nand sees
        // the same value twice.
        d_push_imm(_register);
        d_copy_stack();
        db(GET_HANDLE(d_nand));
    } else if (_register == 0) {
        db(HANDLE.d_nand.handle);
    } else {
        // Push the register, then re-read the pushed value from the stack
        // top to obtain the second nand operand.
        push(_register, false);
        db(HANDLE.push_stack_top_base.handle);
        db(HANDLE.d_read_mem.handle);
        db(HANDLE.d_nand.handle);
    }
}
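// Emits VM code that leaves an effective address on the VM stack:
//   _register_base + (_register_index << log2(_scale)) + _lval
// push_operand() follows it with the *_read_mem handler for the access
// width.  _register_index may be 0 (no index).
//
// NOTE(review): when _register_base is 0 the accumulator is popped into
// T_TMP_REGISTER4 and nothing is pushed back, so no address is left on the
// VM stack.  Either callers never pass a zero base, or this is a bug —
// TODO confirm against the operand decoder.
void SeniorVMHandle::r_get_mem(long _register_base, long _register_index, long _scale, long _lval)
{
    // Addressing relative to the native stack pointer: capture the VM's view
    // of ESP into T_ESP first.  The d_add below still receives T_NSP as the
    // register id, so push(T_NSP) presumably resolves to the captured value
    // — TODO confirm.
    if (_register_base == T_NSP) {
        db(GET_HANDLE(push_esp));
        pop(T_ESP);
    }

    // Accumulator (T_TMP_REGISTER4) starts as the displacement.
    d_push_imm(_lval);
    pop(T_TMP_REGISTER4);

    if (_register_index) {
        // Translate the scale into a shift count.  A scale that is not a
        // power of two (0 included) leaves sn == 0, i.e. it is silently
        // treated as scale 1 — unchanged from the original.  The comparison
        // is done in unsigned arithmetic so the i == 31 step does not
        // overflow an int.
        char sn = 0;
        for (int i = 0; i < 32; ++i) {
            if (static_cast<unsigned long>(_scale) == (1UL << i)) {
                sn = static_cast<char>(i);
                break;
            }
        }
        // Convention used throughout this file: after an ALU handler the
        // first pop is discarded (flags, presumably), the second is the result.
        d_shl(_register_index, sn);
        pop(T_INVALID);
        pop(T_TMP_REGISTER5);                   // index << sn
        d_add(T_TMP_REGISTER4, T_TMP_REGISTER5);
        pop(T_INVALID);
        pop(T_TMP_REGISTER4);                   // displacement + scaled index
    }

    if (_register_base) {
        // Final add; its result is left on the VM stack as the address.
        d_add(_register_base, T_TMP_REGISTER4);
        pop(T_INVALID);
    }
}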
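// Emits the VM code that pushes operand `o` onto the VM stack and returns
// the operand width in bytes (0 for a null or "none" operand).
//
// Memory operands: the effective address is computed by r_get_mem and then
// dereferenced with the read handler matching the access width.
// Register operands: the register is pushed and its width is derived from
// the T_E32X / T_16X / T_8L / T_8H bits of the id; any other id is reported
// as 8 bytes (this branch is not guarded by PROTECT_X64, so a non-x64 build
// can return 8 for an id that carries none of those bits — TODO(review)
// confirm that cannot happen).
// Immediates: pushed with the push_imm variant of the operand's size.
//
// An operand of an unknown kind, or a memory/immediate operand whose size
// has no handler in this build, aborts the translation after printing a
// diagnostic.  The original silently returned 0 for an unsupported size
// — for a memory operand that would leave the address on the VM stack while
// telling the caller there was no operand — so failing closed is safer than
// emitting a half-translated operand.  The abort is `throw;` with no
// exception in flight, i.e. std::terminate(); TODO(review): replace with a
// typed exception once <stdexcept> is available in this file.
char SeniorVMHandle::push_operand(pVOperand o)
{
    if (o == nullptr) {
        return 0;
    }

    if (o->is_mem()) {
        r_get_mem(o->_mem.base, o->_mem.index, o->_mem.scale, o->_mem.lval);
        switch (o->_mem.size) {
        case 1: db(GET_HANDLE(b_read_mem)); return 1;
        case 2: db(GET_HANDLE(w_read_mem)); return 2;
        case 4: db(GET_HANDLE(d_read_mem)); return 4;
#ifdef PROTECT_X64
        case 8: db(GET_HANDLE(q_read_mem)); return 8;
#endif
        default:
            cout << "unsupported memory operand size " << static_cast<long>(o->_mem.size) << "\r\n" << endl;
            throw;
        }
    }

    if (o->is_reg()) {
        push(o->_reg.base);
        const auto id = o->_reg.base;
        if (id & T_E32X) {
            return 4;
        }
        if (id & T_16X) {
            return 2;
        }
        if ((id & T_8L) || (id & T_8H)) {
            return 1;
        }
        return 8;
    }

    if (o->is_imm()) {
        switch (o->_imm.size) {
        case 1: b_push_imm(o->_imm.value); return 1;
        case 2: w_push_imm(o->_imm.value); return 2;
        case 4: d_push_imm(o->_imm.value); return 4;
#ifdef PROTECT_X64
        case 8: q_push_imm(o->_imm.value); return 8;
#endif
        default:
            cout << "unsupported immediate operand size " << static_cast<long>(o->_imm.size) << "\r\n" << endl;
            throw;
        }
    }

    if (o->is_none()) {
        return 0;
    }

    // Unknown operand kind (message kept from the original: "unknown operand").
    cout << "未知操作数\r\n" << endl;
    throw;
}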
// Emits a VM dword add of _register1 and _register2 (or of _register1 and
// an immediate when is_data is set).
//
// Without super_protect this is the plain push / push / d_add handler.
// With super_protect the add is wrapped in extra ALU traffic on the
// T_TMP_REGISTER* scratch registers and the flags are rebuilt by hand into
// T_TMP_EFLAG.  Reading the emitted sequence:
//   * T_TMP_REGISTER1 = ~(r1 ^ r2)          (bits where the operands agree)
//   * T_TMP_EFLAG     = that & 0x80000000    (operand sign bits agree)
//   * d_add_d(r1, r2), then 31 more d_add_d calls on scratch registers
//   * a masked sign-bit test, shifted right by 20 (bit 31 -> bit 11, the
//     x86 OF position), is ORed into T_TMP_EFLAG
//   * the first slot popped after AND-ing T_TMP_REGISTER1 with itself is
//     ORed into T_TMP_EFLAG as well
// What the d_add_d / d_and handlers actually leave on the VM stack — and
// therefore this function's net stack effect and the correctness of the
// rebuilt flags — is not visible in this file.  TODO(review): confirm
// against the handler implementations before relying on the flag values.
//
// NOTE(review): is_data is only honoured on the !super_protect path.  On
// the super_protect path _register2 is handed to d_xor / d_add_d as a
// register id even when the caller passed an immediate.
//
// pop() used elsewhere in this file is presumably a wrapper over
// pcode->v_pop_register(); the two are mixed freely.
void SeniorVMHandle::d_add(long _register1,long _register2,bool is_data)
{
    if (!super_protect) {
        push(_register1,false);
        if ( is_data ) d_push_imm( _register2 ); else push(_register2,false);
        db(HANDLE.d_add.handle);
        return;
    }
    // (The original had an early `return;` and an alternative flag prologue
    // commented out here; both dropped.)

    // T_TMP_REGISTER1 = ~(r1 ^ r2).  Convention used throughout this file:
    // after an ALU handler the first pop is discarded (flags, presumably),
    // the second pop is the result.
    d_xor(_register1,_register2);
    pcode->v_pop_register(T_INVALID);
    pcode->v_pop_register(T_TMP_REGISTER1);
    d_not(T_TMP_REGISTER1);
    pcode->v_pop_register(T_INVALID);                  // NOT result stays on the stack
    // T_TMP_REGISTER2 = 0x80000000 (sign-bit mask), T_TMP_REGISTER3 = ~(r1 ^ r2).
    db(HANDLE.d_push_imm.handle);
    dd(0x80000000);
    pcode->v_pop_register(T_TMP_REGISTER2);
    pcode->v_pop_register(T_TMP_REGISTER3);
    d_and(T_TMP_REGISTER3,T_TMP_REGISTER2);
    pcode->v_pop_register(T_INVALID);
    // (A commented-out shift-right-by-20 sat here in the original.)
    pcode->v_pop_register(T_TMP_EFLAG);                // EFLAG = sign-agreement bit (bit 31)

    // The real add, followed by 31 adds on the scratch registers.  The
    // original comment here read "6 times, leave one to fill the flag bits";
    // the count no longer matches it, and whether these extra adds are decoys
    // or feed the flag computation cannot be determined from this file.
    d_add_d(_register1,_register2);
    for (int i = 0; i < 31; ++i)
    {
        d_add_d(T_TMP_REGISTER2,T_TMP_REGISTER1);
    }

    // OF ("check for overflow" in the original): sign bit of
    // (r2 ^ ~(r1 ^ r2)), ANDed with the sign-agreement bit, then moved from
    // bit 31 down to bit 11.
    d_xor(_register2,T_TMP_REGISTER1);
    pcode->v_pop_register(T_INVALID);
    pcode->v_pop_register(T_TMP_REGISTER3);
    db(HANDLE.d_push_imm.handle);
    dd(0x80000000);
    pcode->v_pop_register(T_TMP_REGISTER4);
    d_and(T_TMP_REGISTER4,T_TMP_REGISTER3);
    pcode->v_pop_register(T_INVALID);
    pcode->v_pop_register(T_TMP_REGISTER3);
    d_and(T_TMP_EFLAG,T_TMP_REGISTER3);
    pcode->v_pop_register(T_INVALID);                  // AND result stays on the stack for the shift
    db(HANDLE.b_push_imm.handle);
    db(20);
    db(HANDLE.d_shr.handle);
    pcode->v_pop_register(T_INVALID);
    pcode->v_pop_register(T_TMP_REGISTER4);            // OF candidate, now at bit 11
    // (Several commented-out variants of the OF merge were dropped here; one
    // of their comments noted "at this point OF is still in the top bit".)
    d_or(T_TMP_EFLAG,T_TMP_REGISTER4);
    pcode->v_pop_register(T_INVALID);
    pcode->v_pop_register(T_TMP_EFLAG);
    // end OF

    // Remaining flags: AND T_TMP_REGISTER1 with itself and keep the FIRST
    // popped slot (elsewhere in this file that slot is discarded), then OR it
    // into EFLAG.  One slot of the d_or result is left on the VM stack; the
    // original had `pop(T_EAX)` commented out after it.
    d_and(T_TMP_REGISTER1,T_TMP_REGISTER1);
    pcode->v_pop_register(T_TMP_REGISTER2);
    d_or(T_TMP_EFLAG,T_TMP_REGISTER2);
    pcode->v_pop_register(T_INVALID);
}