PoC for a taint based attack on VMProtect
Example of what it works with: takes a protected x64 binary, traces the VMProtected function with Unicorn and taints the input using the bea disassembler and a custom tainter.
Tested on simple functions without any branches.
Code:
#include <stdint.h>  /* needed for uint64_t */
__declspec(dllexport) uint64_t DoXor(uint64_t a, uint64_t b) { return a ^ b; }
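To show the mechanism the description refers to (trace the function, mark its inputs as tainted, and keep only the trace records that depend on them), here is a toy forward taint tracker in Python. It is an added example, not code from the UniTaint project or from the post: the instruction trace below is constructed by hand as a hypothetical stand-in for what an emulator would record for a VM-protected DoXor(a, b), with the two arguments in rcx and rdx as in the x64 calling convention, and the operand encoding ("mem[<addr>]" for memory slots, "0x..." for immediates) is this example's own convention.

```python
"""Toy forward taint tracker over a constructed x64-style instruction trace.

Each trace record is (mnemonic, destination operand, list of source operands).
Registers are named directly, memory slots are written as "mem[<addr>]" and
immediates as "0x..." (immediates never carry taint). This is a simplified,
hypothetical trace, not Unicorn or UniTaint output.
"""
from typing import Dict, List, Set, Tuple

Instr = Tuple[str, str, List[str]]

# Constructed trace: the VM spills the first argument, does some handler
# bookkeeping that never touches the arguments, then reloads and xors.
TRACE: List[Instr] = [
    ("mov", "rax", ["rcx"]),            # rax <- a
    ("mov", "mem[0x2000]", ["rax"]),    # VM spills a onto its own stack
    ("mov", "rax", ["0x1234"]),         # handler bookkeeping, constant only
    ("add", "rsi", ["rsi", "0x8"]),     # VM instruction pointer update
    ("mov", "r8", ["rdx"]),             # r8 <- b
    ("mov", "rax", ["mem[0x2000]"]),    # reload a
    ("xor", "rax", ["rax", "r8"]),      # a ^ b, the real computation
    ("mov", "mem[0x2008]", ["rax"]),    # VM stores the result
    ("mov", "rax", ["mem[0x2008]"]),    # result ends up in rax (return value)
]

# Initial taint: argument a enters in rcx, argument b in rdx.
INITIAL_TAINT: Dict[str, Set[str]] = {"rcx": {"a"}, "rdx": {"b"}}


def is_immediate(op: str) -> bool:
    """Immediates are encoded as hex literals and carry no taint."""
    return op.startswith("0x")


def operand_taint(state: Dict[str, Set[str]], op: str) -> Set[str]:
    """Return the taint labels currently attached to an operand."""
    if is_immediate(op):
        return set()
    return set(state.get(op, set()))


def run_taint(trace: List[Instr], initial: Dict[str, Set[str]]):
    """Propagate taint forward through the trace.

    Returns the final taint state (location -> labels) and the indices of the
    trace records whose result depends on at least one tainted input. Those
    indices are the slice of the trace that performs the protected function's
    real work; everything else is VM handler overhead.
    """
    state: Dict[str, Set[str]] = {loc: set(lbl) for loc, lbl in initial.items()}
    tainted_indices: List[int] = []
    for idx, (mnem, dst, srcs) in enumerate(trace):
        if mnem == "xor" and len(srcs) == 2 and srcs[0] == srcs[1]:
            # "xor reg, reg" zeroes the register regardless of its value,
            # so the result does not depend on the input: taint is killed.
            result: Set[str] = set()
        else:
            result = set()
            for src in srcs:
                result |= operand_taint(state, src)
        if result:
            state[dst] = result
            tainted_indices.append(idx)
        else:
            # Destination overwritten with untainted data: drop its taint.
            state.pop(dst, None)
    return state, tainted_indices


def tainted_slice(trace: List[Instr], initial: Dict[str, Set[str]]) -> List[Instr]:
    """Convenience: the trace reduced to the records that touch tainted data."""
    _, kept = run_taint(trace, initial)
    return [trace[i] for i in kept]


if __name__ == "__main__":
    final_state, kept = run_taint(TRACE, INITIAL_TAINT)
    print("taint on rax at the end:", final_state.get("rax"))
    for i in kept:
        print(i, TRACE[i])
```

Running the block keeps seven of the nine records and reports that rax depends on both a and b, which is the data-flow signature of the xor in DoXor; the constant load and the VM instruction-pointer update drop out. Like the PoC the post links to, this toy has no notion of control flow: a branch whose condition depends on tainted data would need separate handling, which is exactly why the description limits it to functions without branches.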
GitHub - pgarba/UniTaint: PoC for a taint based attack on VMProtect