1
0
mirror of https://github.com/bitdefender/bddisasm.git synced 2024-11-18 13:38:07 +00:00
Commit Graph

14 Commits

Author SHA1 Message Date
Andrei Vlad LUTAS
f6050661d5 Multiple improvements in bdshemu
Fixed an emulation bug for MOVZX and MOVSX instructions (https://github.com/bitdefender/bddisasm/issues/48)
New shellcode flag - call tot Wow32 reserved.
New shellcode flag - heaven's gate.
New shellcode flag - stack-pivot.
Moved bdshemu tests in a password protected zip file, so it doesn't trigger AV detections.
2021-08-10 11:43:51 +03:00
Andrei Vlad LUTAS
072f6e059b Build improvements
Exclude string constants from build if BDDISASM_NO_FORMAT is defined.
Use extern "C" when declaring the public bddisasm/bdshemu functions.
Include wmmintrin.h for AES intrinisics when building using LLVM/clang.
2021-05-17 09:52:04 +03:00
Andrei Vlad LUTAS
f7bf814bbc Flag the rIP operand of conditional branches as being conditionally read/write instead of plain read/write.
Bypass self-writes option in bdshemu - if set, bdshemu will not proceed to commit modifications made by the shellcode to itself.
2021-05-17 09:04:34 +03:00
Andrei Vlad LUTAS
15e5e2db63 Fixed several RFLAGS setting issues with airthmetic and shift instructions. 2021-02-23 18:11:40 +02:00
Andrei Vlad LUTAS
f8a3011a49 Added support for AESDEC, AESDECLAST and AESIMC emulation, using compiler intrinsics - they will be used only if the SHEMU_OPT_SUPPORT_AES is set (so the integrator can properly check for AES-NI support in hardware).
Fixed shemu option on Linux - make sure proper RIP is provided.
2020-12-04 10:52:56 +02:00
Ionel-Cristinel ANICHITEI
c1c3770cc6 Move bdhsemu.h to inc/ 2020-11-17 16:05:40 +02:00
Andrei Vlad LUTAS
24ae7782d6 Fixed some static code check warnings. 2020-09-21 12:16:45 +03:00
Andrei Vlad LUTAS
ea28907359 Fix potential division error in bdshemu, when the destination operand is not large enough to hold the result. 2020-08-27 16:25:39 +03:00
Andrei Vlad LUTAS
d61a6fa5dd * INC/DEC do not modify the CF.
* Fixed FXSAVE64, PUSHAD and POPAD emulation - when explicit mnemonics were added for them, emulation support was not added, thus causing emulation to stop when encountering one of these.
2020-08-19 19:14:22 +03:00
Andrei Vlad LUTAS
1d43b7b1ba Improved stack string detection heuristic: only consider registers which have been modified during emulation; registers which were provided as "input" can be ignored, as they most likely contain addresses or other data relevant to the emulated code. We are only interested in string dynamically built during our emulation. 2020-08-11 09:26:48 +03:00
Andrei Vlad LUTAS
144baa5140 Renamed REG_* fields to NDR_*, so that we don't conflict with _GNU_SOURCES. 2020-07-29 11:05:27 +03:00
Andrei Vlad LUTAS
d11fe85599 Improved linear address computation in bdshemu. 2020-07-24 23:11:36 +03:00
Andrei Vlad LUTAS
7ddf7e448a Apply address size override to gla computation. 2020-07-23 16:19:08 +03:00
Andrei Vlad LUTAS
698ba367a1 Initial commit. 2020-07-21 11:19:18 +03:00