View Single Post
  #4  
Old 05-07-2002, 08:11
crispy crispy is offline
Registered User
 
Join Date: Oct 2000
Location: Quavers test laboratory
Posts: 455
Thanks: 0
Thanked 0 Times in 0 Posts
crispy
hi mate.

Firstly, your goal should be to check if your game executable is packed/compressed with something. (use something PEiD)
Once unpacked.....

1. You need a good memory dump of the .code section (beware, some later versions screwed with the vsize of some sections so to give massive dumps like 100-150Mb!)
2. Most of R!SC's tut stands except for some of the api decryptor code/routines
3.The program uses one call for all imports, so you've to program some code by your own which "gets" the imported function's addresses out of the call and replaces the addresses in the dumped ".code" section with the right calls.

It is easy if you have a working cd as you can let the program do the hard work for you.

Hope this helps
__________________
Munch......munch.....munch
Reply With Quote