oberrich
f7410a083a
Fix typo in bdshemu.c
2024-02-26 05:13:24 +01:00
Andrei Vlad LUTAS
fad9c7e35c
BDDISASM v2.1.0 release - please consult the CHANGELOG for details about the modifications.
2024-02-20 13:39:22 +02:00
BITDEFENDER\vlutas
f293c936ee
Optimized ror/rol/rcr/rcl instruction emulation - don't use slow loops anymore.
2023-06-01 21:28:30 +03:00
BITDEFENDER\vlutas
b109990ba2
Removed some unneeded code.
2022-08-09 20:15:30 +03:00
BITDEFENDER\vlutas
47da322ea5
Improved upper bits handling for SSE/AVX operations.
...
Improved POPF handling when 16 bit operand size is used.
Fixed typo in PUNPCKLBW emulation.
2022-08-09 20:02:45 +03:00
BITDEFENDER\vlutas
2fc491d51d
Handle reserved bits in RFLAGS when setting the entire register value.
2022-08-08 12:02:00 +03:00
BITDEFENDER\vlutas
f62c8a2238
https://github.com/bitdefender/bddisasm/issues/70 - fixed OF setting on ROR.
2022-08-01 15:46:38 +03:00
BITDEFENDER\vlutas
d3fd900903
Fixed OF on SHL and SHR with one bit shifts.
2022-08-01 14:13:27 +03:00
BITDEFENDER\vlutas
bf81c647e3
Make sure all flags are set for CMPXCHG (this was left intentionally incomplete).
...
Make sure we clear upper bits of the 256/512 bit SSE register.
2022-07-19 11:03:17 +03:00
BITDEFENDER\vlutas
6dda2c122c
Make sure upper 32 bit of a CMOV destination register is cleared to 0 even if the condition is not satisfied
2022-07-16 12:21:46 +03:00
BITDEFENDER\vlutas
1805a9edec
Fixed flag setting for ADC, SBB, SAR and IMUL instructions.
2022-07-14 13:42:37 +03:00
BITDEFENDER\vlutas
fe6a937f51
Switched to internally defined types.
...
WRUSSD and WRUSSQ cannot be executed when CPL != 0.
2022-01-05 14:03:13 +02:00
BITDEFENDER\vlutas
412f065965
Moved the formatting function in a dedicated source file.
...
Added support for SIDT and RDTSC in bdshemu.
2021-10-19 17:33:15 +03:00
Andrei Vlad LUTAS
5a617986b7
Added new shemu flag: SHEMU_FLAG_SUD_ACCESS is raised whenever the code accesses the SharedUserData page.
2021-08-16 12:34:41 +03:00
Andrei Vlad LUTAS
c8735b437a
Fixed NEG emulation - make sure flags are set.
2021-08-10 14:46:39 +03:00
Andrei Vlad LUTAS
f6050661d5
Multiple improvements in bdshemu
...
Fixed an emulation bug for MOVZX and MOVSX instructions (https://github.com/bitdefender/bddisasm/issues/48 )
New shellcode flag - call tot Wow32 reserved.
New shellcode flag - heaven's gate.
New shellcode flag - stack-pivot.
Moved bdshemu tests in a password protected zip file, so it doesn't trigger AV detections.
2021-08-10 11:43:51 +03:00
Andrei Vlad LUTAS
072f6e059b
Build improvements
...
Exclude string constants from build if BDDISASM_NO_FORMAT is defined.
Use extern "C" when declaring the public bddisasm/bdshemu functions.
Include wmmintrin.h for AES intrinisics when building using LLVM/clang.
2021-05-17 09:52:04 +03:00
Andrei Vlad LUTAS
f7bf814bbc
Flag the rIP operand of conditional branches as being conditionally read/write instead of plain read/write.
...
Bypass self-writes option in bdshemu - if set, bdshemu will not proceed to commit modifications made by the shellcode to itself.
2021-05-17 09:04:34 +03:00
Andrei Vlad LUTAS
15e5e2db63
Fixed several RFLAGS setting issues with airthmetic and shift instructions.
2021-02-23 18:11:40 +02:00
Andrei Vlad LUTAS
f8a3011a49
Added support for AESDEC, AESDECLAST and AESIMC emulation, using compiler intrinsics - they will be used only if the SHEMU_OPT_SUPPORT_AES is set (so the integrator can properly check for AES-NI support in hardware).
...
Fixed shemu option on Linux - make sure proper RIP is provided.
2020-12-04 10:52:56 +02:00
Ionel-Cristinel ANICHITEI
c1c3770cc6
Move bdhsemu.h to inc/
2020-11-17 16:05:40 +02:00
Andrei Vlad LUTAS
24ae7782d6
Fixed some static code check warnings.
2020-09-21 12:16:45 +03:00
Andrei Vlad LUTAS
ea28907359
Fix potential division error in bdshemu, when the destination operand is not large enough to hold the result.
2020-08-27 16:25:39 +03:00
Andrei Vlad LUTAS
d61a6fa5dd
* INC/DEC do not modify the CF.
...
* Fixed FXSAVE64, PUSHAD and POPAD emulation - when explicit mnemonics were added for them, emulation support was not added, thus causing emulation to stop when encountering one of these.
2020-08-19 19:14:22 +03:00
Andrei Vlad LUTAS
1d43b7b1ba
Improved stack string detection heuristic: only consider registers which have been modified during emulation; registers which were provided as "input" can be ignored, as they most likely contain addresses or other data relevant to the emulated code. We are only interested in string dynamically built during our emulation.
2020-08-11 09:26:48 +03:00
Andrei Vlad LUTAS
144baa5140
Renamed REG_* fields to NDR_*, so that we don't conflict with _GNU_SOURCES.
2020-07-29 11:05:27 +03:00
Andrei Vlad LUTAS
d11fe85599
Improved linear address computation in bdshemu.
2020-07-24 23:11:36 +03:00
Andrei Vlad LUTAS
7ddf7e448a
Apply address size override to gla computation.
2020-07-23 16:19:08 +03:00
Andrei Vlad LUTAS
698ba367a1
Initial commit.
2020-07-21 11:19:18 +03:00