Jump to content
Tuts 4 You

TitanScript


cypher

Recommended Posts

  • 3 months later...
  • Replies 53
  • Created
  • Last Reply

Top Posters In This Topic

  • cypher

    19

  • mrexodia

    9

  • SmilingWolf

    6

  • LCF-AT

    6

Top Posters In This Topic

Popular Posts

For testing I created an automatic unpacker for MPRESS x64. Attached an unpackme + script + complete working environment. Screenshot: Greetings, Mr. eXoDia MPRESSx64Unpacker.rar

Hey folks,   here comes something not very new but polished up (DLL existed since 2009 but now its usable with the TitanEngine Community Edition)   What is TitanScript: TS is a plugin for t

redownload the GUI, I fixed a memory error but there was already 1 download, probably by you   concerning the script, I will have a look at it.   What do you mean by "not used the original Ol

Posted Images

Hi everyone,


 


Thank you for all nice app. I tried to Debug everything OK but seem that it not patch the original xxx.exe !


 


How I can get a xxx.exe after running TitanScriptGui ?


 


If TitanScript can be a plugins for x64dbg like OllyDbg and OllyScripts ?


 


Thank you for your help.


Link to post
mrexodia

@BangGun: I have no clue what you're talking about with the patch thing.

But to answer to your x64_dbg question: x64_dbg has it's own scripting language. See the script tab. If you have command requests, feel free to add them in http://issues.x64dbg.com. We will implement them as soon as possible. If you have questions about commands that the help (http://help.x64dbg.com) cannot answer, feel free to create a topic in the x64_dbg forum here or send me a pm.

Greetings

Link to post
  • 11 months later...

Fixed up some bugs with exec command that caused following BPs not to be hit. and some other things. Attached rar includes TS v004

 

attached is a working script for unpacking/dumping/auto-fixing Armadillo 8.60 + DebugBlocker. (no nanomites, no iat elim, no code-splicing. )

Tested on Win7 32bit & XP 32bit

 

This is more complex test and you should see how easy it is to fix up your own scripts to work with TS without the need to run them in Olly.

Uses EXEC/ENDE, BP, BPRM, CALL, EVAL...., and special commands PastePEHeader to paste original PE Header and DNF to dump + autofix. These two commands are the only things that were added. Without, this script is 100% the same as it runs in Olly

I think the script does not work as it should...

 The OEP is wrong.

From your script result (RVA):

000073AC

The corect one is:

0000739D

A nice feature will be a wider box because the text is crowded and a step by step execution button or key would be nice also.

yyyyy.rar

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...