Compare commits
No commits in common. "aa1e34b7d097b9093b65ab3cddda1ef4aacb3c02" and "c9798f4816e6603a9099c43839dbbce4ee23d6af" have entirely different histories.
aa1e34b7d0
...
c9798f4816
@ -5,7 +5,7 @@ Pasticciotto is a virtual machine which can be used to obfuscate code. It was de
|
|||||||
|
|
||||||
I wanted to experiment with VM obfuscation since it was a topic that caught my attention while reversing challenges for various CTFs. So, I decided to write one **from scratch** in order to understand better how instruction set architectures are implemented!
|
I wanted to experiment with VM obfuscation since it was a topic that caught my attention while reversing challenges for various CTFs. So, I decided to write one **from scratch** in order to understand better how instruction set architectures are implemented!
|
||||||
|
|
||||||
The design and the implementation behind Pasticciotto are not state-of-the-art but hey, it works! :D
|
The design and the implementation behind Pasticciotto are not state-of-the-art but hey, it works!
|
||||||
|
|
||||||
# Why "Pasticciotto"?
|
# Why "Pasticciotto"?
|
||||||
In Italian, "Pasticciotto" has two meanings!
|
In Italian, "Pasticciotto" has two meanings!
|
||||||
|
|||||||
@ -105,7 +105,7 @@ int main(int argc, char *argv[]) {
|
|||||||
|
|
||||||
unsigned char opcode_key[] = {0x48, 0x61, 0x76, 0x65, 0x46, 0x75, 0x6e,
|
unsigned char opcode_key[] = {0x48, 0x61, 0x76, 0x65, 0x46, 0x75, 0x6e,
|
||||||
0x21, 0x50, 0x6f, 0x6c, 0x69, 0x43, 0x54,
|
0x21, 0x50, 0x6f, 0x6c, 0x69, 0x43, 0x54,
|
||||||
0x46, 0x32, 0x30, 0x31, 0x37, 0x21, 0x00};
|
0x46, 0x32, 0x30, 0x31, 0x37, 0x21};
|
||||||
|
|
||||||
printf("%s", banner);
|
printf("%s", banner);
|
||||||
printf("\nHmmm...\n");
|
printf("\nHmmm...\n");
|
||||||
|
|||||||
10
vm/vm.cpp
10
vm/vm.cpp
@ -10,7 +10,6 @@ void VM::encryptOpcodes(uint8_t *key) {
|
|||||||
uint32_t i, j, tmp, keysize;
|
uint32_t i, j, tmp, keysize;
|
||||||
keysize = strlen((char *)key);
|
keysize = strlen((char *)key);
|
||||||
|
|
||||||
DBG_INFO(("Using key: %s\n", key));
|
|
||||||
/*
|
/*
|
||||||
RC4 KSA! :-D
|
RC4 KSA! :-D
|
||||||
*/
|
*/
|
||||||
@ -540,7 +539,7 @@ bool VM::execDIVR(void) {
|
|||||||
}
|
}
|
||||||
bool VM::execSHLI(void) {
|
bool VM::execSHLI(void) {
|
||||||
/*
|
/*
|
||||||
SHLI R0, 0x2 | R0 << 2
|
DIVI R0, 0x2 | R0 /= 2
|
||||||
*/
|
*/
|
||||||
uint8_t dst;
|
uint8_t dst;
|
||||||
uint16_t src;
|
uint16_t src;
|
||||||
@ -556,7 +555,7 @@ bool VM::execSHLI(void) {
|
|||||||
}
|
}
|
||||||
bool VM::execSHLR(void) {
|
bool VM::execSHLR(void) {
|
||||||
/*
|
/*
|
||||||
SHLR R0, R1 -> R0 << R1
|
SHLR R0, R1 -> R0 /= R1
|
||||||
*/
|
*/
|
||||||
uint8_t dst;
|
uint8_t dst;
|
||||||
uint8_t src;
|
uint8_t src;
|
||||||
@ -572,7 +571,7 @@ bool VM::execSHLR(void) {
|
|||||||
}
|
}
|
||||||
bool VM::execSHRI(void) {
|
bool VM::execSHRI(void) {
|
||||||
/*
|
/*
|
||||||
SHRI R0, 0x2 | R0 >> 2
|
SHRI R0, 0x2 | R0 /= 2
|
||||||
*/
|
*/
|
||||||
uint8_t dst;
|
uint8_t dst;
|
||||||
uint16_t src;
|
uint16_t src;
|
||||||
@ -588,7 +587,7 @@ bool VM::execSHRI(void) {
|
|||||||
}
|
}
|
||||||
bool VM::execSHRR(void) {
|
bool VM::execSHRR(void) {
|
||||||
/*
|
/*
|
||||||
SHRR R0, R1 -> R0 >> R1
|
SHRR R0, R1 -> R0 /= R1
|
||||||
*/
|
*/
|
||||||
uint8_t dst;
|
uint8_t dst;
|
||||||
uint8_t src;
|
uint8_t src;
|
||||||
@ -898,6 +897,7 @@ void VM::run(void) {
|
|||||||
DBG_ERROR(("LODR FAILED.\n"));
|
DBG_ERROR(("LODR FAILED.\n"));
|
||||||
finished = true;
|
finished = true;
|
||||||
}
|
}
|
||||||
|
regs[IP] += LODR_SIZE;
|
||||||
} else if (opcode == OPS[STRI]) {
|
} else if (opcode == OPS[STRI]) {
|
||||||
ret = execSTRI();
|
ret = execSTRI();
|
||||||
if (ret) {
|
if (ret) {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user