Bad idea: build a captcha library that embeds DOSBox so it can make you beat levels/puzzles from DOS games to continue.
-
procmon time. what do you do, game?
-
they didn't bother to make the animations play at the right speed
-
they are indeed using those files.
I'm wondering if they're just using them for data, though? maybe they just load them and pull resources out, and the Real Code is elsewhere?
-
@foone My XT only *has* 256kB, the entire first kilobyte goes poof for the interrupt table *even though nobody needs that many interrupts!* and then you never know what silly TSRs the user has running. Probably sidekick+, for the calendar.
Anyway, the game expecting 200kB available is quite optimistic.
What year did you say this is?
-
@gabe 1993! with minimum requirements of 640kb
-
Graham Sutherland / Polynomial replied to Foone🏳️⚧️
@foone yeah that's what I'm thinking. either that or they're hotpatching stuff and using VEH or similar to catch and handle the int instructions.
-
Graham Sutherland / Polynomial replied to Graham Sutherland / Polynomial
@foone are they passing LOAD_LIBRARY_AS_DATAFILE_EXCLUSIVE or LOAD_LIBRARY_AS_IMAGE_RESOURCE to LoadLibraryEx? that'd be a giveaway that they're not directly doing imports and there's some extra gubbins in there for yanking out data and maybe executing code.
-
@foone remember the goat puzzle?
-
@jonn which one?
-
Foone🏳️⚧️ replied to Graham Sutherland / Polynomial
@gsuberland haven't found out yet but i suspect so
-
@foone it seems like you've solved this, but, I have previously dealt with a program using OpenWatcom C that uses their Win16 wrapper and produces an NE executable. Basically it starts up in win16, loads their DPMI handler and a bunch of thunks for 32->WinAPI 16, and then it pulls a 32-bit binary blob (the main program) into memory and executes that. really a nightmare to get Ghidra working on that, I had to locate the blob and extract it and then load it up as a raw 32-bit .bin
-
@foone my notes on making that work, if you find you're in the same situation:
https://github.com/greg-kennedy/DarkSunOnline/wiki/Client-Disassembly
-
@foone … but… why?
-
@mmu_man different plugins target different versions. compiling between versions is annoying enough that the easiest way to do it is to just have multiple versions installed
-
@greg ooh, nasty. I'm not sure if that's what's happening here, but good to know
-
obviously the first thing you call GetProcAddress on is "GetProcAddress"
-
you know, just in case the address has changed between compile time and run time
-
oh it's trying to load WinG32.dll
that's a pre-directx windows library for high speed graphics. it was partially written to get Doom running at full speed under windows.
-
hah! it works!
it turns out they installed this pre-win95 graphics library into System32 of my 64bit windows system (well, sysWOW64)
-
okay I'm running in a debugger now, with breakpoints on LoadLibrary/GetProcAddress.
There's no activity while doing stuff that'll trigger the .DAT files (which are DLLs) to load.