Skip to content

Commit

Permalink
#1130: Add others VMProtect junk codes as unittests
Browse files Browse the repository at this point in the history
  • Loading branch information
@JonathanSalwan
JonathanSalwan committed May 27, 2022
1 parent a556899 commit 3314be4
Showing 1 changed file with 130 additions and 0 deletions.
130 changes: 130 additions & 0 deletions src/testers/unittests/test_dead_store_elimination.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ def setUp(self):

def test_inst1(self):
self.ctx.setArchitecture(ARCH.X86_64)
# Code from VMProtect
block = BasicBlock([
Instruction(b"\x66\xd3\xd7"), # rcl di, cl
Instruction(b"\x58"), # pop rax
Expand Down Expand Up @@ -149,3 +150,132 @@ def test_inst4(self):
'0x3: pop edx\n'
'0x4: popfd\n'
'0x5: pop eax')


def test_inst5(self):
self.ctx.setArchitecture(ARCH.X86_64)
# Code from VMProtect
block = BasicBlock([
Instruction(b"\x48\x89\xec"), # mov rsp, rbp
Instruction(b"\x40\xc0\xde\xaa"), # rcr sil, 0xaa
Instruction(b"\x41\x59"), # pop r9
Instruction(b"\x41\x80\xc4\xb8"), # add r12b, 0xb8
Instruction(b"\x41\x5d"), # pop r13
Instruction(b"\x4d\x0f\xa3\xd2"), # bt r10, r10
Instruction(b"\x41\x5e"), # pop r14
Instruction(b"\x45\x88\xd4"), # mov r12b, r10b
Instruction(b"\x44\x0f\xb7\xc7"), # movzx r8d, di
Instruction(b"\x5b"), # pop rbx
Instruction(b"\x41\x5c"), # pop r12
Instruction(b"\x48\xff\xcd"), # dec rbp
Instruction(b"\x41\x5a"), # pop r10
Instruction(b"\x58"), # pop rax
Instruction(b"\x41\x80\xf8\xce"), # cmp r8b, 0xce
Instruction(b"\x5f"), # pop rdi
Instruction(b"\x45\x10\xd7"), # adc r15b, r10b
Instruction(b"\x5a"), # pop rdx
Instruction(b"\xb5\x73"), # mov ch, 0x73
Instruction(b"\xf6\xd5"), # not ch
Instruction(b"\x41\x5b"), # pop r11
Instruction(b"\x66\x41\x81\xc0\xbe\x9b"), # add r8w, 0x9bbe
Instruction(b"\x40\xd2\xee"), # shr sil, cl
Instruction(b"\xf8"), # clc
Instruction(b"\x59"), # pop rcx
Instruction(b"\x5d"), # pop rbp
Instruction(b"\x66\x41\x0f\xbe\xf6"), # movsx si, r14b
Instruction(b"\x40\xd2\xce"), # ror sil, cl
Instruction(b"\x41\x58"), # pop r8
Instruction(b"\x41\x5f"), # pop r15
Instruction(b"\x48\x0f\xba\xe6\x0b"), # bt rsi, 11
Instruction(b"\x9d"), # popfq
Instruction(b"\x5e"), # pop rsi
Instruction(b"\xc3"), # ret
])
self.ctx.disassembly(block)
sblock = self.ctx.simplify(block)
self.ctx.disassembly(sblock, 0x83dbc6)
self.assertEqual(str(sblock), '0x83dbc6: mov rsp, rbp\n'
'0x83dbc9: pop r9\n'
'0x83dbcb: pop r13\n'
'0x83dbcd: pop r14\n'
'0x83dbcf: pop rbx\n'
'0x83dbd0: pop r12\n'
'0x83dbd2: pop r10\n'
'0x83dbd4: pop rax\n'
'0x83dbd5: pop rdi\n'
'0x83dbd6: pop rdx\n'
'0x83dbd7: pop r11\n'
'0x83dbd9: pop rcx\n'
'0x83dbda: pop rbp\n'
'0x83dbdb: pop r8\n'
'0x83dbdd: pop r15\n'
'0x83dbdf: popfq\n'
'0x83dbe0: pop rsi\n'
'0x83dbe1: ret')

def test_inst6(self):
self.ctx.setArchitecture(ARCH.X86_64)
# Code from VMProtect
block = BasicBlock([
Instruction(b"\x48\x89\xec"), # mov rsp, rbp
Instruction(b"\x41\x59"), # pop r9
Instruction(b"\x41\x5d"), # pop r13
Instruction(b"\x41\x5e"), # pop r14
Instruction(b"\x66\x45\x85\xe8"), # test r8w, r13w
Instruction(b"\x41\x0f\xa3\xe2"), # bt r10d, esp
Instruction(b"\x5b"), # pop rbx
Instruction(b"\x66\x98"), # cbw
Instruction(b"\x41\xd2\xe3"), # shl r11b, cl
Instruction(b"\x41\x5c"), # pop r12
Instruction(b"\x41\x5a"), # pop r10
Instruction(b"\x66\x41\x81\xf0\x51\xbe"), # xor r8w, 0xbe51
Instruction(b"\xf9"), # stc
Instruction(b"\x58"), # pop rax
Instruction(b"\x66\x41\x0f\xab\xf3"), # bts r11w, si
Instruction(b"\x5f"), # pop rdi
Instruction(b"\x41\xf6\xdf"), # neg r15b
Instruction(b"\x66\x45\x0f\xbc\xc4"), # bsf r8w, r12w
Instruction(b"\x5a"), # pop rdx
Instruction(b"\x66\x0f\xba\xfd\x0c"), # btc bp, 12
Instruction(b"\x45\x09\xd3"), # or r11d, r10d
Instruction(b"\x41\x5b"), # pop r11
Instruction(b"\x81\xc6\x83\x0f\x7f\xff"), # add esi, 0xff7f0f83
Instruction(b"\x48\x81\xdd\x6d\x28\xe7\x7d"), # sbb rbp, 0x7de7286d
Instruction(b"\x59"), # pop rcx
Instruction(b"\x5d"), # pop rbp
Instruction(b"\x66\x45\x0f\x46\xc5"), # cmovbe r8w, r13w
Instruction(b"\x66\x41\xff\xc8"), # dec r8w
Instruction(b"\x66\x45\x0f\xbe\xfd"), # movsx r15w, r13b
Instruction(b"\x41\x58"), # pop r8
Instruction(b"\x40\xd2\xee"), # shr sil, cl
Instruction(b"\x40\x0f\x9b\xc6"), # setnp sil
Instruction(b"\x41\x5f"), # pop r15
Instruction(b"\x49\x0f\xbf\xf6"), # movsx rsi, r14w
Instruction(b"\xf8"), # clc
Instruction(b"\x9d"), # popfq
Instruction(b"\x40\x0f\x90\xc6"), # seto sil
Instruction(b"\x49\x0f\xb7\xf1"), # movzx rsi, r9w
Instruction(b"\x5e"), # pop rsi
Instruction(b"\xc3"), # ret
])
self.ctx.disassembly(block)
sblock = self.ctx.simplify(block)
self.ctx.disassembly(sblock, 0x10000)
self.assertEqual(str(sblock), '0x10000: mov rsp, rbp\n'
'0x10003: pop r9\n'
'0x10005: pop r13\n'
'0x10007: pop r14\n'
'0x10009: pop rbx\n'
'0x1000a: pop r12\n'
'0x1000c: pop r10\n'
'0x1000e: pop rax\n'
'0x1000f: pop rdi\n'
'0x10010: pop rdx\n'
'0x10011: pop r11\n'
'0x10013: pop rcx\n'
'0x10014: pop rbp\n'
'0x10015: pop r8\n'
'0x10017: pop r15\n'
'0x10019: popfq\n'
'0x1001a: pop rsi\n'
'0x1001b: ret')

0 comments on commit 3314be4

Please sign in to comment.