Comments (6)
aspadm
commented on July 2, 2024
1
Hi @cech12 !
- As I know, old version of the game is packed using UPX. If you want to support old versions, you need to unpack .exe first. There will be
c7 44 24 18 00 10 00 00byte sequence. - In my opinion, the generic way to find patch place in .exe is to:
- Find string literal
"ground/Msk_%c%c%c%c01.tga". - There will be one direct reference to this string from function, that mixes landscape tiles. Also in this function will be direct references to string literals
"ground/Gnd_%c%c%c.tga"and"ground/Gnd_%c%02d.tga". - In this function must be only one
0x1000value which is what we need.
- Find string literal
from diggleshdmod.
aspadm
commented on July 2, 2024
1
I need some guidance
@cech12 please send me the updated .exe file.
I will try to write more detailed instructions and sample code.
You use C# for game patching/modding, are I'm right?
from diggleshdmod.
aspadm
commented on July 2, 2024
1
@cech12 here is small script written in Python 3 + pefile library:
https://gist.github.com/aspadm/49428db7e171bce092854ecab83a01c1
For this two files address will be the same: 0x4cd3a1 (5034913).
Example of script output:
Found string A "ground/Msk_%c%c%c%c01.tga" at VA 0x724898
Found string B "ground/Gnd_%c%c%c.tga" at VA 0x7248b4
Found string C "ground/Gnd_%c%02d.tga" at VA 0x7248cc
Found XREF to string A at VA 0x4cd17f
Found XREF to string B at VA 0x4cd271 and 0x4cdad0
Found XREF to string C at VA 0x4cd2e9
Keep XREF to string B from VA 0x4cd271
Found 177 places with b'\x00\x10\x00\x00'
Finally chose value place as VA 0x4cd3a1
Replace 4 bytes at position 0x4cd3a1 (5034913) in file "Diggles_gog.exe"
Script also trying to detect UPX packing and must work with old game version (as example, Wiggles version from 2000).
If you'll be rewrite this to C#, you can take a look at PeNet library as replace of pefile.
from diggleshdmod.
cech12
commented on July 2, 2024
Unfortunately, the game was updated and the sequence was changed.
I never hacked/changed an exe file on byte level. I have found the string literals on byte level but they are located at another position as the code/bytes I want to change. But I don't know how to get the references of these strings.
I think, I need some guidance. xD
from diggleshdmod.
cech12
commented on July 2, 2024
That would be really nice, thanks a lot! :D
Yes, I am using C#, but I can also convert code of other languages to C# ;)
from diggleshdmod.
cech12
commented on July 2, 2024
Thanks a lot! I will look i to this :)
from diggleshdmod.
Related Issues (4)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from diggleshdmod.