Tips for reverse-engineering savegames

Technical Discussions not Related Directly to MHS. For Example, Coding, Hex Editing, General Hacking, Etc.

Moderators: g3nuin3, SpeedWing, WhiteHat

Tips for reverse-engineering savegames

Postby martix » Thu Jun 30, 2011 2:38 am

Is there anyone here who's had experience doing that?

I'm trying to make an editor for a game now. I've had some limited success, but I can't seem to makes sense of most of the garbled data I'm seeing in the savegame.

If anyone has any tips, commonly seen practices or other relevant observations on the topic, please share them.
User avatar
martix
Acker
 
Posts: 55
Joined: Sun Feb 17, 2008 5:53 pm

Re: Tips for reverse-engineering savegames

Postby L. Spiro » Thu Jun 30, 2011 8:49 am

010 Editor allows you to compare files.

Save a save file to another location.
Play the game to change one of your stats.
Compare the new save file with the old.


L. Spiro
Our songs remind you of songs you’ve never heard.
User avatar
L. Spiro
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan

Re: Tips for reverse-engineering savegames

Postby martix » Thu Jun 30, 2011 9:49 am

Yes, 010 Editor, you've already pointed me to it. And I SERIOUSLY cannot thank you enough for that recommendation!!!

However in the current situation that particular trick you suggested is useless, since I'm after the things you can't change ingame.

Now the templates function... that one is PURE UNOBTAINIUM(literally)...along with the scripting and C-like syntax.

I've already written a large 300-line template for some of the structures. However I'm hitting some snags that are very inconsistent/illogical. Like missing data for properties of an object ingame(it is possible it is located somewhere else, but what's the point of placing (almost) all data on an object in one place and some arbitrary property somewhere else). Either that or I have failed to see the pattern somewhere. Meh... I wish I was a cryptanalyst. :D

One area I know I'm lacking and where you might be able to help is my string finder function, which is terribly slow. It seems like it could be optimized, however I have yet to figure out how.

Code: Select all
void goToString ( string str ) {
    //local string StrRead;
    local char StrRead[Strlen(str)+1];

    while ( !FEof() ) {
        if ( ReadByte(pos) == str[0] ) {
    //        StrRead = ReadString(pos);
            ReadBytes(StrRead,pos,Strlen(str));
    //        Printf("%LX - [M] string read: %s \n",pos,StrRead);
            if ( Strlen(StrRead) != Strlen(str) ) {
    //            Printf("%LX - Failed Length Check\n",pos);
                pos += Strlen(StrRead);
                FSeek(pos);
            }
            else {
                if ( StrRead != str ) {
    //                Printf("%LX - Failed String Check\n",pos);
                    pos += Strlen(str);
                    FSeek(pos);
                }
                else {
    //                Printf("FOUND at pos: %LX; Length is: %d\n",pos,Strlen(str));
                    FSeek(pos);
                    break;
                }
            }
        }
        else {
    //        Printf("%LX - Failed Letter Check\n",pos);
            pos++;
            FSeek(pos);
        }
   
    }
}

I had it written some while ago so it looks foreign even to me(clumsy too).
User avatar
martix
Acker
 
Posts: 55
Joined: Sun Feb 17, 2008 5:53 pm

Re: Tips for reverse-engineering savegames

Postby L. Spiro » Fri Jul 01, 2011 2:59 pm

010 Editor allows you to search from within scripts. You won’t be able to get faster than that through scripts.
I would need an example of what you want to find to give much advice.


One thing that would help is if you had better searching tools available to you. Say, those found in MHS.
You could make a program that loads the file to RAM and simply holds it there (and this is trivial).
Then lock onto that program with MHS and have fun scanning.
It is trivial to search for the first few bytes of the save file and then lock the search range to the range of the file loaded in memory.


L. Spiro
Our songs remind you of songs you’ve never heard.
User avatar
L. Spiro
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan

Re: Tips for reverse-engineering savegames

Postby martix » Mon Jul 04, 2011 8:54 am

To tell the truth I have NO IDEA why I wrote that particular function. Maybe I failed to get the built in one to run at some point. Maybe something was messed up in a previous version or something. Dunno.

In any case I switched to the built in finder in the meantime and now it flies(i.e. <0.1s instead of >2s execution time).
Still researching the file though. Some success, but it's going slow. Just when I think I've got a data struct down pat, I expand the super-struct to other instances and something breaks horribly.
User avatar
martix
Acker
 
Posts: 55
Joined: Sun Feb 17, 2008 5:53 pm

Re: Tips for reverse-engineering savegames

Postby Dimple » Mon Jul 11, 2011 4:24 pm

martix wrote:One area I know I'm lacking and where you might be able to help is my string finder function, which is terribly slow. It seems like it could be optimized, however I have yet to figure out how.

Just to answer this question, it would probably be a good idea to read the whole file into the memory in the beginning. Searching for the string in the memory should be faster.

You would first need to find the size of the file and then reserve enough memory for the whole file in an array. After that just read the whole file into the array. I would advice you to use std::vector because then you don't need to worry about deleting the data yourself (you seem to be using C++ style strings already).
Dimple
Hackleberry Fin
 
Posts: 21
Joined: Tue Dec 14, 2010 8:25 pm
Location: Finland

Re: Tips for reverse-engineering savegames

Postby L. Spiro » Tue Jul 12, 2011 7:56 am

This is proper advice for scanning files/memory in C++, but here he is using 010 Editor’s script language.
However, this advice should still have some effectiveness. If 010 Editor did not have a built-in scanning function whose speed cannot be beaten via scripts, buffering more of the file data at a time would help.


L. Spiro
Our songs remind you of songs you’ve never heard.
User avatar
L. Spiro
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan

Re: Tips for reverse-engineering savegames

Postby martix » Mon Jul 18, 2011 5:30 pm

Thanks for the tip.
I've decoded quite a lot the file(the gameplay relevant part anyway).
I was thinking of writing an editor, but my attention span of those things is quite short, so that's probably not gonna happen. And between the easy template design and the hassle of building an app ground up just for that I think that the template UI is enough of a time-saver, especially considering that I'm probably the only one who's ever gonna find some use for the whole deal.

Of course if anyone wants I can post the template here. The game's name is "Galactic Civilizations 2: Twilight of the Arnor".
User avatar
martix
Acker
 
Posts: 55
Joined: Sun Feb 17, 2008 5:53 pm

Re: Tips for reverse-engineering savegames

Postby nuten » Wed Feb 13, 2013 2:37 pm

*-* - *- *- *- *- *-* :? :? *- *- *can't seem to makes sense of most of the garbled data I'm seeing in the savegame. *-* - *- *- *-
Nuten
nuten
I Have A Question
 
Posts: 1
Joined: Wed Feb 13, 2013 2:30 pm


Return to Technical Unrelated

Who is online

Users browsing this forum: No registered users and 0 guests

cron