Bad idea: build a captcha library that embeds DOSBox so it can make you beat levels/puzzles from DOS games to continue.
-
maybe they compiled the games into DLLs and had a delphi shell around it?
-
I think that's exactly what they did.
on the CD there's a bunch of DAT files in SSGWINCD, and they mysteriously all start with the bytes MZ, like a DLL/EXE
-
loadLibrary()ing a .DAT file? naughty naughty.
-
Language ID: x86:LE:16:Protected Mode (2.13)
what do you mean 16bit protected mode? the one used for, like, Xenix? the 286 one that was an evolutionary dead end? YOU'RE RUNNING THAT IN DLLs?
-
that can't be right. I'm on a 64bit system. those DLLs shouldn't even load.
-
These are NE executables. So windows 3.x.
Those... shouldn't be loading. Unless they're 32bit, somehow... is win32s being invoked here? and somehow working? on a 64bit OS?
did they embed a 16bit x86 emulator into their program? (no)
-
@foone Mark Zbikovski likes this.
-
all this is telling me "give up on the windows version and go back to hacking the DOS version" but I have to figure out what the fuck they're doing here.
-
@dg3hda He goes by Zark Mbikovski in little-endian cultures
-
because this smells like it's either brilliant or a crime against man and God and I need to find out which.
and yes, both is an option
-
WAIT
I was using this ancient version of ghidra for GBA hacking
I'm doing x86 hacking now
why am I still on a version with a broken dark mode? -
@foone Are they possibly using the.DAT/.DLLs to load puzzle data into a recreated engine?
-
it's only a matter of time before someone invents one of those Version Managers like for node/ruby/etc but it just keeps track of your ghidra versions
-
I'm on my laptop now (disability reasons) but my Real Workstation has like 13 versions of Ghidra installed
-
@ScotttSee it's certainly possible. resource dlls are a thing.
-
you're... making int21h calls?
in a DLL? your'e making raw DOS interrupt calls in a WINDOWS DLL!?
-
I'm starting to think none of these DLLs are actually ever used
-
procmon time. what do you do, game?
-
they didn't bother to make the animations play at the right speed
-
they are indeed using those files.
I'm wondering if they're just using them for data, though? maybe they just load them and pull resources out, and the Real Code is elsewhere?