Lightemerald/windows-user-space-emulator
2
0
Fork 0
mirror of https://github.com/momo5502/emulator.git synced 2026-01-18 03:13:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,030 Commits 2 Branches 0 Tags
fdab8cd5ecdf3b35a1bd4dbb0511241aa37ee57f
Commit Graph

751 Commits

Author SHA1 Message Date
momo5502
fdab8cd5ec Extend APC test 2025-04-13 13:39:09 +02:00
momo5502
82227e4d41 Prepare NtQueueApcThreadEx2 support 2025-04-13 13:39:08 +02:00
momo5502
9609a550e0 Add APC test 2025-04-13 13:39:08 +02:00
momo5502
71e8aab913 Ignore linter warnings 2025-04-13 13:39:08 +02:00
momo5502
c0252a5f71 Add partial NtContinueEx support 2025-04-13 13:39:08 +02:00
momo5502
f58dec38a2 Prepare APC support 2025-04-13 13:39:08 +02:00
momo5502
8e0e81c02d Less intrusive AFD logging 2025-04-12 19:26:07 +02:00
momo5502
1f1e6f4ac4 Upgrade reflect 2025-04-12 16:46:30 +02:00
Maurice Heumann
ebbcf33932 Fix root creation batch file 2025-04-12 10:30:12 +02:00
momo5502
4efb9fce18 Add batch files again with correct line endings 2025-04-12 10:22:25 +02:00
momo5502
6e254a2b48 Remove batch files 2025-04-12 10:22:01 +02:00
momo5502
b701d44e90 Disable AVX2 for samples 2025-04-12 08:26:38 +02:00
momo5502
d0a24ac65c Remove dependencies from sample 2025-04-12 08:09:19 +02:00
momo5502
891dafaf26 Cleanup file syscalls 2025-04-11 21:05:11 +02:00
momo5502
facfe2b6bf More system information syscall cleanup 2025-04-11 17:59:30 +02:00
momo5502
915b31c093 Cleanup system information syscalls 2025-04-11 17:44:57 +02:00
momo5502
2c1edc819d Group backend targets 2025-04-11 17:33:38 +02:00
RektInator
8bc49bdd03 refactor(windows-emulator/syscalls): partial refactor of syscalls.cpp, splits syscall implementations over multiple files 2025-04-11 16:42:00 +02:00
Maurice Heumann
1751ec6e9a Group backends in a dedicated source directory (#189) 2025-04-11 09:25:51 +02:00
momo5502
d409c08ef6 Restructure backends 2025-04-11 08:58:49 +02:00
Soham Nandy
ea7f6a68c8 Use auto for timestamp_counter tick type 
Co-authored-by: Maurice Heumann <MauriceHeumann@gmail.com>
 2025-04-11 12:12:56 +05:30
Soham Nandy
640cd500c3 fix typo on time.hpp 
Co-authored-by: Maurice Heumann <MauriceHeumann@gmail.com>
 2025-04-11 12:12:31 +05:30
Soham Nandy
daeefb4a7f refactor(rdtsc): clean up code overall 
Change type of chrono return to be auto

Co-authored-by: Maurice Heumann <MauriceHeumann@gmail.com>

simplify conditional compile and add #else to prevent clang-tidy breaking CI

Co-authored-by: Maurice Heumann <MauriceHeumann@gmail.com>
 2025-04-11 06:39:01 +05:30
Soham Nandy
55f29caf0f Revert "refactor: better conditional compilation on time.hpp" 
This reverts commit 3bb599d356.
 2025-04-11 02:26:28 +05:30
Soham Nandy
3bb599d356 refactor: better conditional compilation on time.hpp 2025-04-11 02:21:22 +05:30
Soham Nandy
0271e39474 refactor(rdtsc): clean up tick logic, 
fix intrinsics, and resolve x86 compiler issues

- fix `time.hpp` compiler warnings (errors) and use proper intrinsic for gcc
- simplify tick calculation logic
- fix: exclude intrinsics include for non x86 builds and fix style
- fix: get() on clock_ unique ptr
 2025-04-11 01:46:52 +05:30
Soham Nandy
dbc1b4439e feat: spoof rdtsc timings 
Previously, RDTSC in the VM always returned a constant value, which broke any non deterministic timing-based operations, or caused detections in heuristics of malware and ANTI-VM tools.

This patch introduces a spoofed rdtsc_fake counter that tracks and adjusts timing deltas to simulate realistic TSC increments. Can be extended to simulate rdtsc timings based on CPU clock speed.
 2025-04-10 06:58:01 +05:30
João Lucas
ac76a3ffd3 chore: improve momo_strip_target and add unicord-emulator and windows-emulator-test 2025-04-09 11:00:04 -03:00
Maurice Heumann
d73be6b656 Switch back to main icicle repo 2025-04-09 07:02:38 +02:00
momo5502
b9c4cf98ad Disable icicle jit 2025-04-08 20:29:53 +02:00
momo5502
9e8f921be1 Add emulator names 2025-04-08 20:29:53 +02:00
Maurice Heumann
67d34b3988 Small fix 2025-04-08 10:17:05 +02:00
momo5502
f1101cc90d Fix module lookup 2025-04-07 21:04:06 +02:00
momo5502
3c58c1af98 Log debug strings 2025-04-07 21:03:57 +02:00
momo5502
62c972333a Support ignoring multiple functions 2025-04-07 19:01:10 +02:00
Maurice Heumann
73c37eaeb1 Fix NtQueryInformationProcess ProcessDebugFlags 2025-04-07 15:47:00 +02:00
Maurice Heumann
66a529cf43 More logging 2025-04-07 15:36:25 +02:00
Maurice Heumann
f087d3998a Ignore certain function calls 2025-04-07 15:17:52 +02:00
Maurice Heumann
787410ff33 Remove IP skip check 2025-04-07 07:52:02 +02:00
Maurice Heumann
baad36ccf2 Support interrupt hooks 2025-04-07 07:24:46 +02:00
momo5502
1ed997445d Fix IRETQ instruction 2025-04-06 20:56:28 +02:00
momo5502
e8ac70f0d0 Use ghidra spec from icicle-python 
--> https://github.com/icicle-emu/icicle-python
 2025-04-06 20:55:51 +02:00
momo5502
5fde8c033d Fix hooks 
This fixes #180
 2025-04-06 20:01:18 +02:00
momo5502
cacf2c152c Fix single stepping after breakpoints 2025-04-06 17:50:02 +02:00
momo5502
e40e1bfb83 Ugly hack to *sometimes* fix instruction skipping 2025-04-06 10:46:21 +02:00
momo5502
3450a6a517 Fix reading/writing eflags 2025-04-06 09:44:46 +02:00
momo5502
320af6bb46 Support GDB stepping 
...almost :(
 2025-04-06 09:44:05 +02:00
momo5502
ed711197ae Fix GDB debugging with icicle 2025-04-05 16:15:56 +02:00
momo5502
bfb9760d29 Fix unicorn read hook 2025-04-05 15:58:34 +02:00
momo5502
3978eeed2a Finish execution hook support 2025-04-05 15:28:14 +02:00