wallds
commented
1 year ago hi,
The URL is from a private repository I can't access.
Closed smrbi closed 1 year ago
wallds
commented
1 year ago hi,
The URL is from a private repository I can't access.
smrbi
commented
1 year ago excuse,
this link can dl
https://github.com/smrbi/public/blob/main/test.7z
wallds
commented
1 year ago pip install capstone==4.0.2
Do not use the latest version of capstone. Installing version 4.0.2 of capstone can fix this issue.
smrbi
commented
1 year ago Solved my problem by change capstone version Thanks dear.
Hello dear,
I compile and install to IDA7.6 and test on vmprotect v3.5 sample, this is log in IDA ea: 0x1401a39cf vmstate.ip: 140099645 0 140099645| pop_reg8 vm_r19q ...... -8 1400992D0| jmp CC null VJMP [(0x14009762b+qword[$sp#0x1400993b1?]#0x1400993b1?)] 0 14009762C| unknown 80 Traceback (most recent call last): File "G:\Softwares/CrackTools/!Disassembler/IDA Pro 7.6/plugins\novmpy\ui.py", line 17, in activate vtil_graph.show_graph(ea) File "G:\Softwares/CrackTools/!Disassembler/IDA Pro 7.6/plugins\novmpy\views\vtil_graph.py", line 462, in show_graph lifter.lift_il(None, VMState(current_handler=ea)) File "G:\Softwares/CrackTools/!Disassembler/IDA Pro 7.6/plugins\novmpy\vm_lifter.py", line 213, in lift_il self.lift_il(block.fork(target), tmp_state2) File "G:\Softwares/CrackTools/!Disassembler/IDA Pro 7.6/plugins\novmpy\vm_lifter.py", line 213, in lift_il self.lift_il(block.fork(target), tmp_state2) File "G:\Softwares/CrackTools/!Disassembler/IDA Pro 7.6/plugins\novmpy\vm_lifter.py", line 149, in lift_il h.generator(i, block) File "G:\Softwares/CrackTools/!Disassembler/IDA Pro 7.6/plugins\novmpy\handler.py", line 161, in generator raise NotImplementedError(str(ins)) NotImplementedError: 14009762C| unknown 80
myEXE: https://github.com/smrbi/vb6Proj/blob/main/testx64.vmp.7z
IDA LOG: https://github.com/smrbi/vb6Proj/blob/main/IDALog.7z