VM devirtualization PoC based on AsmJit and llvm

Related tags

Miscellaneous vm_jit
Overview

vm_jit

PoC vm devirtualization based on AsmJit. The binary was taken from YauzaCTF 2021 competition. You are welcome to try to solve it yourself, the binary is in challenge bin folder.

Update 09/07/21

I've made llvm lifter, you can find it in vm_jit/lifter folder. I've also attached devirtualized binaries, you can find them in devirt folder.

Dependencies

This project relies on three libraries zydis, llvm 12 and asmjit. Install them via vcpkg:

vcpkg.exe install zydis
vcpkg.exe install llvm
vcpkg.exe install asmjit

Before

Asmjit version

LLVM version

You might also like...
Per function, Lua JIT using LLVM C++ toolchain

Lua Low Level Brief This is an alternative Lua (5.3.2) implementation that aims to archive better performance by generating native code with the help

TiEtwAgent - PoC memory injection detection agent based on ETW, for offensive and defensive research purposes
TiEtwAgent - PoC memory injection detection agent based on ETW, for offensive and defensive research purposes

TiEtwAgent - ETW-based process injection detection This project was created to research, build and test different memory injection detection use cases

a poc implementation arm64 tracer based on simulation

sim-trace a poc implementation arm64 tracer based on simulation Build Test ndk-build NDK_DEBUG=1 Run Test adb push test /data/local/tmp/test && adb s

Evasive shellcode loader for bypassing event-based injection detection (PoC)
Evasive shellcode loader for bypassing event-based injection detection (PoC)

(cleaned up version here: https://github.com/xinbailu/DripLoader-Ops) DripLoader (PoC) Evasive shellcode loader for bypassing event-based injection de

Evasive shellcode loader for bypassing event-based injection detection (PoC)
Evasive shellcode loader for bypassing event-based injection detection (PoC)

DripLoader (PoC) Evasive shellcode loader for bypassing event-based injection detection, without necessarily suppressing event collection. The project

CVE-2021-4034 POC and Docker and Analysis write up
CVE-2021-4034 POC and Docker and Analysis write up

CVE-2021-4034 POC and Docker and Analysis write up

CVE-2021-3156 POC and Docker and Analysis write up

CVE-2021-3156 [toc] 漏洞简介 漏洞编号: CVE-2021-3156 漏洞产品: sudo 影响版本: 1.8.2-1.8.31sp12; 1.9.0-1.9.5sp1 利用后果: 本地提权 源码获取: https://www.sudo.ws/getting/source/ 环境

CVE-2022-0185 POC and Docker and Analysis write up
CVE-2022-0185 POC and Docker and Analysis write up

CVE-2022-0185 linux 内核提权(逃逸) [toc] 漏洞简介 漏洞编号: CVE-2022-0185 漏洞评分: 漏洞产品: linux kernel - fsconfig syscall 影响范围: linux kernel 5.1-rc1 ~ 5.16.2 利用条件: linu

A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows

WindowsPermsPoC A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows You can build i

Owner
Pavel
Pavel
LLVM IR and optimizer for shaders, including front-end adapters for GLSL and SPIR-V and back-end adapter for GLSL

Licensing LunarGLASS is available via a three clause BSD-style open source license. Goals The primary goals of the LunarGLASS project are: Reduce the

LunarG, Inc. 153 Dec 8, 2022
A simple Jasper interpreter made with Flex, Bison and the LLVM IR

JasperCompiler A simple Jasper interpreter (for now) made with Flex and Bison. Jasper? Jasper is "a scripting language inspired by Haskell, Javascript

Emmanuel 2 Jan 16, 2022
Writing a basic compiler frontend following LLVM's tutorial, with complete added supports Hindi and UTF-8 in general

सारस | SARAS Started with following LLVM's tutorial In development, a hobby project only JIT is broken right now, 'jit' branch par code hai uska Compi

Aditya Gupta 4 May 1, 2022
pluggable tool to convert an unrolled TritonAST to LLVM-IR, optimize it and get back to TritonAST

it is fork from https://github.com/fvrmatteo/TritonASTLLVMIRTranslator *WARNINGS: tested only linux(ubuntu 20.04) and only llvm and clang version 10*

pr4gasm 5 Jun 10, 2022
Collection of C++ containers extracted from LLVM

lvc lvc is a set of C++ containers extracted form LLVM for an easier integration in external projects. To avoid any potential conflit, the llvm namesp

Benjamin Navarro 26 Apr 22, 2022
LLVM bindings for Node.js/JavaScript/TypeScript

llvm-bindings LLVM bindings for Node.js/JavaScript/TypeScript Supported OS macOS Ubuntu Windows Supported LLVM methods listed in the TypeScript defini

ApsarasX 250 Dec 18, 2022
Toy LLVM obfuscator pass

ToyObfuscator Some simple obfuscator ;) (base on llvm-10) Compile Build out-tree pass git clone https://github.com/veritas501/ToyObfuscator.git cd Toy

veritas501 51 Nov 6, 2022
Convert LLVM coverage information into HTML reports

llvm-coverage-to-html converter The clang compiler supports source based coverage tracking, but the default reporting options are very basic. This too

Thomas Neumann 2 Oct 11, 2021
Tobsterlang is a simple imperative programming language, written in C++ with LLVM.

tobsterlang Tobsterlang is a simple imperative programming language, written in C++ with LLVM. One of its distinct features is the fact it uses XML in

TOBSTERA 8 Nov 11, 2021
TypeScriptCompiler - TypeScript Compiler (by LLVM)

TypeScript Native Compiler Powered by Build Demo Chat Room Want to chat with other members of the TypeScriptCompiler community? Example abstract class

Alex D 299 Jan 2, 2023