Posted by nancygold
@ 2024-06-20 22:18:00


Mood: accomplished
Entry tags: computing

Loading the Overlays into Ghidra
PREVIOUS PART

Having gotten fed up with Java, I decided to write some C99 code which would produce a tampered exe with everything pre-relocated. Such an engine could be readily loaded into Ghidra, saving me from seeing Java ever again.

That kinda worked, but with some analysis issues, and all information about segments was lost, since Ghidra relies on the MZ relocation table to produce the list of segments. And IDA Pro just couldn't handle such a pre-relocated exe.

Then came the realization that instead of relocating, one can update the MZ relocation table and header to include the FBOV segments, in addition to untrapping the trap segments. That way the resulting exe is properly loaded by both Ghidra and IDA, although IDA still detects it as a Borland overlayed exe and offers to load an external .ovr file (only Turbo Pascal 5.0 supported these), even though mzap erases the FBOV id after merge. It would still be nice if Ghidra did that properly, because the FBOV __SEGTABLE__ has proper segment starts and ends, for both normal and overlayed segments.

The resulting utility is called MZap:
https://github.com/NancyAurum/devroomm/blob/main/tools/mzap/mzap.c

While it is just a few lines of C99, which do basic things, researching the problem took really a lot of time. The game's main() function now lies open and there is apparently a lot of fun code, but I really got burned out by all this fighting with Ghidra and overlays. Although I learned a bit about pageless memory management approaches and a few tricks which could be useful in developing Symta further. So I guess this is the last part. I don't have the autistic dedication required for decompiling games.

Cheers!
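
As an added illustration of the MZ relocation table discussed in the post (not part of the original post, and not code from mzap or Ghidra): each table entry is an offset:segment pair locating a 16-bit word in the load image that holds a segment value to be rebased at load time. The C code below walks the table with bounds checks and collects the distinct segment values stored at the fixup locations; the function names and the sample image are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Little-endian 16-bit accessors; callers guarantee off + 2 <= buffer size. */
static uint16_t rd16(const uint8_t *b, size_t off) { return (uint16_t)(b[off] | (b[off + 1] << 8)); }
static void wr16(uint8_t *b, size_t off, uint16_t v) { b[off] = (uint8_t)v; b[off + 1] = (uint8_t)(v >> 8); }

/* Collect the distinct segment values stored at each MZ fixup location.
 * Returns the number of values written to out, or -1 if the file is malformed. */
int mz_fixup_segments(const uint8_t *b, size_t len, uint16_t *out, int cap) {
    if (len < 0x1C || b[0] != 'M' || b[1] != 'Z') return -1;
    size_t nreloc = rd16(b, 0x06), table = rd16(b, 0x18); /* e_crlc, e_lfarlc */
    size_t image = (size_t)rd16(b, 0x08) * 16;            /* e_cparhdr, in paragraphs */
    if (image > len || table + nreloc * 4 > len) return -1;
    int n = 0;
    for (size_t i = 0; i < nreloc; i++) {
        size_t off = rd16(b, table + i * 4);      /* fixup offset within segment */
        size_t seg = rd16(b, table + i * 4 + 2);  /* fixup segment, image-relative */
        size_t pos = image + seg * 16 + off;      /* file position of the word */
        if (pos + 2 > len) return -1;             /* fixup points outside the file */
        uint16_t target = rd16(b, pos);           /* segment value the loader rebases */
        int j = 0;
        while (j < n && out[j] != target) j++;
        if (j == n) { if (n == cap) return -1; out[n++] = target; }
    }
    return n;
}

/* Constructed sample: 48-byte header, 3 fixups, 64-byte image (112 bytes total). */
size_t mz_sample(uint8_t *b) {
    static const uint16_t fix[3][3] = { {1, 0, 2}, {6, 0, 3}, {3, 2, 2} }; /* off, seg, value */
    memset(b, 0, 112);
    b[0] = 'M'; b[1] = 'Z';
    wr16(b, 0x06, 3); wr16(b, 0x08, 3); wr16(b, 0x18, 0x1C);
    for (int i = 0; i < 3; i++) {
        wr16(b, 0x1C + i * 4, fix[i][0]);
        wr16(b, 0x1C + i * 4 + 2, fix[i][1]);
        wr16(b, 48 + fix[i][1] * 16 + fix[i][0], fix[i][2]);
    }
    return 112;
}

int main(void) {
    uint8_t buf[112]; uint16_t segs[8];
    int n = mz_fixup_segments(buf, mz_sample(buf), segs, 8);
    for (int i = 0; i < n; i++) printf("segment %04X\n", (unsigned)segs[i]);
    return n < 0;
}
```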



(Anonymous)
2024-06-20 22:32 (link)
loading shit onto your ugly face, faggot-maggot

(Anonymous)
2024-06-20 22:38 (link)
>the autistic dedication required for decompiling games.

But you do have enough of it to even attempt such fruitless exercise.

>a bit about pageless memory management approaches

Very useful in this day and age.

nancygold
2024-06-20 22:51 (link)
Paging is deficient by design.

(Anonymous)
2024-06-20 22:59 (link)
good luck fighting with these windmills.

aryk38
2024-06-20 23:38 (link)
I don't remember anything at all about these overlays anymore
well, to hell with them

(Anonymous)
2024-06-21 00:20 (link)
you can't forget what you never knew
old shit from 2ch
don't suck up to our sweetheart
like hell he'll write you a script
and if he does you'll be f...
well, anyway, you'll see for yourself

(Anonymous)
2024-06-21 06:14 (link)
>IDA Pro

So you gave in and used this disgustingly "Russian" (actually Belgian) product. Also pirated it of course, making your diatribes about stolen assets in games all the more hypocritical.

nancygold
2024-06-21 08:01 (link)
>Also pirated it of course

I do have a pirated version, but it has issues (gets confused by 16bit code), so I have to use Ghidra.

>actually Belgian

Yeah. Sneaky Russians now register their companies outside of Russia to evade sanctions.

(Anonymous)
2024-06-22 01:02 (link)
There haven't been any Russian resident developers of IDA. The same moronic argument makes Google a half Russian company.

>I do have a pirated version

We all know you are a hypocrite.

nancygold
2024-06-22 14:11 (link)
being rational != hypocrite

(Anonymous)
2024-06-22 11:34 (link)
It seems that you are giving up Java a little early. In studying, if you want to quit, then you need to change the approach, for example, different educational materials and video tutorials. Here there are some in English
nnmclub.to/forum/viewforum.php?f=463
