2010
02.18

TitanEngine simplification project

Category: Reversing, ReversingLabs, TitanEngine / Tag:  / Add Comment
blah

With over 385 functions, TitanEngine is surely overwhelming at first sight. To help you get over this initial barrier we have included many sample applications with the TitanEngine SDK. However that still involves learning the use of 20 - 30 functions and the general layout we envisioned for our dynamic unpackers. And even this can be a lot for someone who wants to perform simple tasks such as creating an unpacker for FSGĀ packer. With that in mind, we designed a basic set of 5 functions that are simple to use, because they automate most of the steps needed to create simple dynamic unpackers. These 5 new functions create the debugging process, search for patterns, set breakpoints and handle the memory dumping and file fixing steps.

To demonstrate what is coming in the next TitanEngine 2.0.3 release we asked one of our reverse engineers to show us how he would create an unpacker for FSG using these new functions. This sngle breath video capture, which only took 16 minutes to make, shows how to create a simple FSG 2.0 unpacker from scratch, for the first time showing the entire unpacker coding process. We have accelerated the video 4x for your viewing pleasure. The final result of this exercise is a fully functional FSG 2.0 unpacker - in only 40 lines of code.

This is just one of the features that you can expect to see in the next TitanEngine major version upgrade. Stay tuned for more...

VN:F [1.9.3_1094]
Rating: +5 (from 5 votes)
  • Share/Bookmark
  1. Ange said: 2010.02.19 05:17

    not sure I got it right, is it actually 16 min for FSG *dynamic* unpacking ?
    like, run until ff 63 0c, step, dump ?

    static, I’d understand.

    VA:F [1.9.3_1094]
    Rating: 0 (from 0 votes)
  2. Ange said: 2010.02.19 05:24

    Just checked the video – at least, it’s a full featured unpacker, with identification, copyright string, etc ;)

    good stuff

    VA:F [1.9.3_1094]
    Rating: 0 (from 0 votes)
  3. admin said: 2010.02.19 05:56

    The whole process of coding an unpacker took 16 minutes, unpacker execution is under a second.

    VN:F [1.9.3_1094]
    Rating: 0 (from 0 votes)
    • Ange said: 2010.02.19 07:39

      yeah, I wasn’t clear.
      I was talking about the writing, not the actual execution, hopefully ;)

      VA:F [1.9.3_1094]
      Rating: 0 (from 0 votes)
  4. mc said: 2010.02.21 03:29

    As one could see in the video it’s just a matter of typing speed and not the engine’s fault since there aren’t that much engine functions to call. :) I think that 16 minutes are just fine.

    The simplification looks promising, thanks for the news!

    VA:F [1.9.3_1094]
    Rating: 0 (from 0 votes)