Skip to content

vmctx/guardian-rs

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Rust

guardian-rs

This is my x86-64 code virtualizer I decided to open-source, although work will continue mostly on a private version, im open to contributions and questions!

Update

after working on the private version for several months there were some critical bugs i discovered and fixed, however due to the private version being basically a complete rewrite im fairly certain i will not update this repo, if you encounter any problems, you can make a pull request with a fix. for anyone that wants to make their own virtualizer i recommend to instead go down the path of jit assembling the vm at protection time via something like icedx86

Obfuscator Features

  • Virtualization of functions within a binary given a .map file
  • Embeds .text section of VM into target binary
  • Easily extendable set of supported instructions

Vm Features

  • Relocation and execution of any not supported instruction via vmexit and reenter.
  • Direct threaded (optional, 'threaded' feature)
  • Preserves GPRs, RFlags and XMM registers
  • Stack Based using dynamically allocated Virtual Stack
  • Seperate CPU stack to prevent stack corruption
  • Conditional Jumps (although incomplete)
  • Manual calculation of RFLAGs (instead of pushfq)
  • Builds as PIE (position independent executeable)

Known Issues:

  • Need to fix relocations for Dlls Since there is a bug in the library im using it seems (exe-rs) I have partially ported to using the object crate to support virtualization of dlls in my private version. I will probably bring this over to the public version soon.

Project Overview

Project Structure

The project is organized into three main components:

  1. Obfuscator: The obfuscator is responsible for lifting x86-64 instructions and integrating the VM. It employs various techniques to obscure the code and enhance the overall security of the virtualized environment. Additionally, the obfuscator patches targeted functions with a redirect to the VM entry, ensuring seamless execution.

  2. VM (Virtual Machine): The VM crate is the core of the virtualization process. It interprets and executes the virtualized x86-64 code.

  3. VM-Build: This crate is used to compile and test the virtual machine.

Getting Started

To build and run the project, we use cargo make, a task runner and build tool for Rust projects. Make sure you have Rust and Cargo installed on your system before proceeding.

Install rust

To start using Rust, download the installer, then run the program and follow the onscreen instructions. You may need to install the Visual Studio C++ Build tools when prompted to do so.

Install and change to rust nightly

Execute the following commands to install the nightly version of Rust:

rustup toolchain install nightly

Installation of cargo-make

In order to install, just run the following command

cargo install --force cargo-make

This will install cargo-make in your ~/.cargo/bin.
Make sure to add ~/.cargo/bin directory to your PATH variable.

Build Steps

  1. Clone the repository:

    git clone https://github.com/felix-rs/guardian-rs.git
  2. Navigate to the project directory:

    cd guardian-rs
  3. Run the build tasks using Cargo Make:

    cargo make build
  4. Run tests to verify everything works as it should:

    cargo make test
  5. To compile the vm as position independent dll (all code in .text section)

    cargo make vm

Usage

> guardian --help
Virtualize x86 PE files

Usage: guardian.exe --in <IN> --out <OUT> --map-file <MAP_FILE> [FUNCTIONS]...

Arguments:
  [FUNCTIONS]...  Array of functions names (demangled) to virtualize

Options:
  -i, --in <IN>              Path to the input file
  -o, --out <OUT>            Path to output destination
  -m, --map-file <MAP_FILE>  Path to .map file
  -h, --help                 Print help
  -V, --version              Print version

Contributing

If you're interested in improving the project feel free to create a PR and if you have any questions u can contact me on discord @vmexec

Credits

License

This project is licensed under the GPL-3.0 License.