ASProtect Virtual Machine for marker "UserPolyBuffer".by.PE_Kill

Hmily

[Sources] ASProtect Virtual Machine for marker "UserPolyBuffer"
09/22/2011, 22:00

* What is it? *
This is the original virtual machine code, compile giving the binary
fully binary-and format-compatible with one of the virtual
machine protect executable files ASProtect. This means that the transition
to the virtual machine ASProtect can be replaced by a transition in the resulting
virtual machine and the code is interpreted correctly. In addition, any
entity of the original virtual machine can replace the primitive
resulting in this case too, no error. The source code
is almost completely restored the author's style of programming,
most of the errors and omissions. The most absurd places I marked
the comment "WTF?". The resulting binary has been tested on version 2.58.
* Purpose *
A lot of people do not understand the virtual machine. Who is simply interested in principle.
Who wants to see the code virtual machine commercial protection of executable files.
In this case, the code will be of interest primarily to developers of programs that rely on
the protection of their software tread ASProtect. That is, goal - only research, this is not a decompiler
protection, this is the original interpreter.
* History *
This virtual machine was first used to hide code QuickVM.
QuickVM - a virtual machine that interprets all four types of instructions: call, jmp, jcc, cmp + jcc.
But at the time the device QuickVM already been fully investigated and all that have made ??
the developers ASProtect - a sharp decline in performance throughout the defense.
Therefore, in the very next build of this virtual machine was removed from the code QuickVM.
But, since virtual machine has already been implemented, then it began to be used for markers UserPolyBuffer,
set in the application code. It seems to not come up with new markers, or maybe just for testing.
But, after a short period of time with markers UserPolyBuffer it removed and to protect your code
does not use more generally. In a virtual DLL ASProtect, that is extracted during the launch of the program
in a protected memory, is also used markers UserPolyBuffer. That's for them now and use this virtual machine,
ie It now protects the function of the ASProtect.

Smallhorse

有是E文！！头大哇！！翻译一下给象我一样的E文白菜：错的多！勿喷！！
[来源]ASProtect虚拟机为标志物”UserPolyBuffer”
09/22/2011,22:00

*是什么?*
这是原来的虚拟机器代码,编译给代码
format-compatible完全binary-and和一个虚构的
机器可执行文件ASProtect保护。这意味着过渡
虚拟机可以取代ASProtect转型导致了
虚拟机和代码是正确的解释。此外,任何
单位原有的虚拟机可以代替原始
在这种情况下也产生,没有错误。源代码
几乎完全恢复了作者的编程风格的,
大多数的错误和疏漏。最荒谬的地方,我的标志
评论“事啊。”结果二元已经过测试在2.58版本。
* *的目的
很多人都不理解的虚拟机。谁是简单的兴趣原则。
谁想看到的代码商业保护虚拟机可执行文件的。
在这种情况下,代码的兴趣主要是开发商的程序依赖的
保护他们的软件ASProtect踩。那是,目标,只有研究,这不是一个decompiler
保护,这是原来的翻译。
* *历史
这是第一次使用虚拟机来隐藏代码QuickVM。
QuickVM -一个虚拟机可以解释所有四种类型的产品说明:电话,该科通过就业选配计划,jcc,我社+ jcc。
但在那时设备QuickVM已经充分调查和一切吗? ?
开发者ASProtect——一个急剧下降的表现评分的防守。
因此,在紧接的造的这个虚拟机代码QuickVM被撤职。
但,既然虚拟机已经实施,然后它开始被用于标记UserPolyBuffer,
设置在应用程序的代码。这似乎没有想出新的标记,或者只是在测试中。
但是,在很短的一段时间,它UserPolyBuffer移除,标记来保护你的代码
不使用更普遍。在一个虚拟的DLL ASProtect,那是在发射中提取的计划
在一个受保护的记忆,也可以用于UserPolyBuffer标记。那是他们现在使用这个虚拟机,
即它现在ASProtect保护的作用。