admin/Ryujin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Begin implementing MBA Obfuscation Pass and bug fixies on RunMiniVMObfuscation

Browse Source 
- Started working on the feature to add a custom standalone pass that adds support for MBA obfuscation in arithmetic operators with guaranteed equivalence and semantics.
- Now Ryujin requires Z3 for MBA Obfuscation equivalence..
- Fixed context and flag handling issues in RunMiniVMObfuscation.
This commit is contained in:
keowu
2025-10-27 21:06:08 -03:00
parent eef3473ab5
commit 0a51b98c8d
2 changed files with 491 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
RyujinCore/Ryujin/RyujinCore/RyujinObfuscationCore.cc
View File

@@ -2702,15 +2702,15 @@ std::vector<ZyanU8> RyujinObfuscationCore::RunMiniVmObfuscation() {
ZydisRegister selected_zydis_reg = safe_unused_registers[reg_dis(gen)];
asmjit::x86::Gp selected_reg = zydisToAsmJitGp(selected_zydis_reg);
a.pushf();
a.push(selected_reg);
a.mov(selected_reg, selected_reg);
a.and_(selected_reg, asmjit::imm(0xFFFFFFFF));
a.add(selected_reg, asmjit::imm(0));
a.pop(selected_reg);
a.popf();
code.flatten();