There are no relocations in section "relocation targets/and current value"/exe_info.txt (line 721) targeting this block.

I've extracted the exe-header and relocation table information with one of my own tools.

This is the block that changes on game_unp.exe load in debugger.

Open the game_unp.exe in your favorite hex-editor and go to fileoffset: 0x106E3 length: 0x115B, block is mostly 0 but there are some ?.? dos-file-find strings at the end.

- game_ (header, relocations and layout of the exe, output from exe_info.cpp)
- exe_info.exe (compiled with VS2010 cl, shows info of game_unp.exe)
- exe_info.cpp (small tool to parse a dos mz exe, not nice but working)
- dosbox.MEMDUMP_at_start.hxd (memdumpbin of this block without running any code) - small changes that I want to understand
- game_unp.exe_block.hxd (the original block from game_unp.exe (fileoffset: 0x106E, length: 0x115B) that gets mysteriously changed on debugger load)
- game.exe (original game.exe - but without game data, so not playable but enough for helping me)
- dosbox.exe (not too old svn heavy debug release build, VS2010), nf and SDL.dll -> Win7/x64, but a linux dosbox debug build should also work

It's not targeted by any relocation in the relocation table (and btw it's getting completely overwritten by second call from start).

But when I load the game in dosbox-debug I can see (before executing anything) that parts of the 0x115B bytes block have already changed a little and I can't figure out how that happened.

The data area I need to overwrite in the game_unp.exe to get rid of runtime initialization is at fileoffset: 0x106E, length: 0x115B, running in dosbox-debug it's at dseg(with my load segment: 0x11B8):0x143

- try to integrate the mcga-code directly into the exe to ease the ida analyse.

And now I'm struggling with step 4 :) - BUT in a very very early phase - so to help me NO knowledge of the whole process/dependencies is needed (I hope)

is working result in short: I need to prepare some data, patch the second called function after start and add at least 4 entries to the relocation table

- analysed the code and found out how the cga,ega,mcga etc.
- start game_unp.exe in dosbox heavy debug with "debug game_unp.exe M M A" (for MCGA and Adlib).
- unpacked the original game.exe with unp (original game.exe is available from several places on the internet) -> game_unp.exe.

IDA Pro 6.8, HxD Hex-editor and UNP 4.12b for unpacking the original game.exe

I'm using the dosbox heavy debug mode for debugging

Supporting CGA,EGA,Tandy,MCGA for graphic and PC Speaker, Tandy, Adlib and Roland as sound devices

Years ago I've developed a tool for good old stunts to integrate the sound-drivers into the executable, which worked perfectly and now I try to do the same with Supremacy, my first target is to integrate the dynamic loaded mcga parts into the exe to help IDA Pro analyse

Dos Game from 1994: Supremacy aka Overlord:

I try to reverse engineer the old dos game Supremacy - and yes I own the original game :)
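
The check the post describes (does any MZ relocation entry target the block, and which bytes still differ between file and memory dump once relocations are accounted for), as an added example that is not part of the original post and is not the author's exe_info.cpp. The function names, the constructed sample image and the `load_seg` parameter (assumed here to be the segment the load image starts at) are hypothetical.

```python
import struct

def parse_mz(data):
    """Return (header_size_bytes, [(segment, offset), ...]) of a DOS MZ exe."""
    if data[:2] not in (b"MZ", b"ZM"):
        raise ValueError("not a DOS MZ executable")
    e_crlc, e_cparhdr = struct.unpack_from("<HH", data, 0x06)  # reloc count, header paragraphs
    (e_lfarlc,) = struct.unpack_from("<H", data, 0x18)         # file offset of reloc table
    if e_lfarlc + 4 * e_crlc > len(data):
        raise ValueError("relocation table runs past end of file")
    # Each entry is stored as offset:word, segment:word; reverse to (segment, offset).
    relocs = [struct.unpack_from("<HH", data, e_lfarlc + 4 * i)[::-1]
              for i in range(e_crlc)]
    return e_cparhdr * 16, relocs

def relocs_in_block(data, start, length):
    """File offsets of relocated 16-bit words overlapping [start, start+length)."""
    hdr, relocs = parse_mz(data)
    hits = []
    for seg, off in relocs:
        fo = hdr + seg * 16 + off          # file offset of the word the loader patches
        if fo + 2 > start and fo < start + length:
            hits.append(fo)
    return sorted(hits)

def unexplained_diffs(data, start, mem_block, load_seg):
    """Block-relative offsets where the memory dump differs from the file
    even after applying the loader's segment fix-ups (assumed load_seg)."""
    file_block = bytearray(data[start:start + len(mem_block)])
    for fo in relocs_in_block(data, start, len(mem_block)):
        rel = fo - start
        if rel >= 0 and rel + 2 <= len(file_block):
            (word,) = struct.unpack_from("<H", file_block, rel)
            struct.pack_into("<H", file_block, rel, (word + load_seg) & 0xFFFF)
    return [i for i, (a, b) in enumerate(zip(file_block, mem_block)) if a != b]

def build_sample():
    """Constructed 48-byte MZ image: 32-byte header, one relocation at 0000:0004."""
    hdr = bytearray(32)
    hdr[0:2] = b"MZ"
    struct.pack_into("<HH", hdr, 0x06, 1, 2)         # 1 relocation, 2 header paragraphs
    struct.pack_into("<H", hdr, 0x18, 0x1C)          # relocation table at 0x1C
    struct.pack_into("<HH", hdr, 0x1C, 0x0004, 0x0000)
    image = bytearray(16)
    struct.pack_into("<H", image, 4, 0x0010)         # segment value to be fixed up
    return bytes(hdr + image)
```

An empty result from `relocs_in_block` together with a non-empty result from `unexplained_diffs` is the situation described in the post: bytes changed before any code ran, and the relocation table does not account for them.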