Issues with TitanEngine StepInto()

Posted

As far as I can understand, the StepInto() function in TitanEngine steps into an instruction and takes a callback to execute after the step has been done. My code doesn't do what I want, which is basically to keep in a vector all instructions it executes until reaching handler_start.



void vm::DoNothing() { }

std::vector<std::string> vm::fetch_handler() {
    std::vector<std::string> handler;
    std::string disasm;
    uint32_t eip_control;
    do {
        eip_control = GetContextData(UE_EIP);                          // current EIP of the debuggee
        disasm.assign((const char*)Disassemble((LPVOID)eip_control));  // text of the instruction at EIP
        handler.push_back(disasm);
        StepInto(&DoNothing);   // only requests a step; the callback runs later, from the debug loop
        dump_ << disasm << std::endl;
    } while (eip_control != handler_start);
    return handler;
}

Basically GetContextData() doesn't really change the value of eip_control, making me think that StepInto() actually did nothing. What do you think is wrong?


 


Best Regards.


Hi,


 


First of all I recommend compiling the latest TitanEngine yourself (in case you didn't do that already).


 


StepInto returns immediately, it only sets a few internal values. A blogpost of mine should give a little information about how TitanEngine works internally. http://mrexodia.cf/x64_dbg/2014/12/24/x64_dbg-from-top-to-bottom-1



Basically the callback you set will be called inside the debug loop, so code should look something like this:


void cbStep()
{
    StepInto((void*)cbStep); //returns immediately
    //log here
}
 
void cbEntryPoint()
{
    cbStep();
}
 
void Debug()
{
    //initialize some stuff here
    InitDebug(filename, cmdline, (void*)cbEntryPoint);
    DebugLoop(); //this one will not return until the program is terminated
}

 


Full example: https://forum.tuts4you.com/topic/34308-sdk-example-x64-mpresspespin-unpacker/


 


Greetings


  • Author

Yeah - I have changed it to something like 



void vm::cbOn_get_h() {
    handler_f.clear();
    fetch_handler();
    dump_ << std::endl;
}

void vm::fetch_handler() {
    std::string disasm;
    uint32_t eip_control = GetContextData(UE_EIP);                 // EIP after the previous step completed
    disasm.assign((const char*)Disassemble((LPVOID)eip_control));
    handler_f.push_back(disasm);
    if (eip_control != handler_start) {
        StepInto(&fetch_handler);   // re-arm: the debug loop calls fetch_handler again after the next step
    }
    dump_ << disasm << std::endl;
}

And it seems to be working, thank you.
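To make the difference between the two patterns in this thread concrete (the synchronous do/while around StepInto() from the first post, and the callback-chained version from the reply and the final post), here is an added example that is not code from the thread and not TitanEngine itself. It models the engine with a small in-process stand-in: StepInto() only records a callback and returns, and DebugLoop() is what actually performs the step and then invokes the callback. The engine struct, the constructed six-instruction "program", and the choice of handler_start = 3 are all assumptions made for this example.

```cpp
// Added example: a tiny model of TitanEngine's event-driven debug loop.
// Names mirror the calls used in the thread (StepInto, DebugLoop,
// GetContextData, UE_EIP, Disassemble) but this is a constructed stand-in,
// not the real library.
#include <cstdint>
#include <functional>
#include <iostream>
#include <string>
#include <vector>

namespace mock {

enum { UE_EIP = 0 };
using StepCallback = std::function<void()>;

// Constructed target program: instruction text indexed by "address".
static const std::vector<std::string> kProgram = {
    "push ebp", "mov ebp, esp", "mov eax, [ebp+8]", "jmp handler", "pop ebp", "ret"};

struct Engine {
    uint32_t eip = 0;
    StepCallback pending;   // callback scheduled by StepInto, consumed by DebugLoop

    // As the reply says: StepInto returns immediately, it only records state.
    void StepInto(StepCallback cb) { pending = std::move(cb); }

    uint32_t GetContextData(int reg) const { return reg == UE_EIP ? eip : 0; }

    std::string Disassemble(uint32_t addr) const {
        return addr < kProgram.size() ? kProgram[addr] : "<end>";
    }

    // Stand-in for DebugLoop: performs each pending step, then runs the
    // callback so it observes the new EIP. Ends when nothing is scheduled.
    void DebugLoop() {
        while (pending && eip < kProgram.size()) {
            StepCallback cb = std::move(pending);
            pending = nullptr;
            ++eip;   // the single-step happens here, inside the loop
            cb();
        }
    }
};

}  // namespace mock

// Pattern 1 (first post): loop around StepInto without returning to the
// debug loop. Bounded by max_iter so it terminates here; EIP never advances
// because the step is only scheduled, never performed.
std::vector<std::string> TraceSynchronously(mock::Engine& e, uint32_t handler_start, int max_iter) {
    std::vector<std::string> trace;
    uint32_t eip;
    int n = 0;
    do {
        eip = e.GetContextData(mock::UE_EIP);
        trace.push_back(e.Disassemble(eip));
        e.StepInto([] {});   // returns immediately; nothing executes
    } while (eip != handler_start && ++n < max_iter);
    return trace;
}

// Pattern 2 (reply and final post): each callback records the instruction at
// EIP and re-arms StepInto until handler_start is reached; DebugLoop drives it.
std::vector<std::string> TraceViaCallbacks(mock::Engine& e, uint32_t handler_start) {
    std::vector<std::string> trace;
    std::function<void()> step;
    step = [&] {
        uint32_t eip = e.GetContextData(mock::UE_EIP);
        trace.push_back(e.Disassemble(eip));
        if (eip != handler_start) e.StepInto(step);   // re-arm for the next step
    };
    step();          // plays the role of the entry-point callback
    e.DebugLoop();   // blocks until no step is pending
    return trace;
}

int main() {
    mock::Engine a;
    for (const auto& s : TraceSynchronously(a, 3, 5)) std::cout << "sync: " << s << '\n';
    std::cout << "sync EIP after loop: " << a.GetContextData(mock::UE_EIP) << "\n\n";

    mock::Engine b;
    for (const auto& s : TraceViaCallbacks(b, 3)) std::cout << "callback: " << s << '\n';
    std::cout << "callback EIP after loop: " << b.GetContextData(mock::UE_EIP) << '\n';
    return 0;
}
```

Running it, the synchronous trace records "push ebp" five times and leaves EIP at 0, while the callback-chained trace records the four instructions up to handler_start and leaves EIP at 3, which is exactly the behaviour the final post's fetch_handler relies on.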

