View Single Post
Old 05-07-2002, 08:11
crispy crispy is offline
Registered User
Join Date: Oct 2000
Location: Quavers test laboratory
Posts: 455
Thanks: 0
Thanked 0 Times in 0 Posts
hi mate.

Firstly, your goal should be to check if your game executable is packed/compressed with something. (use something PEiD)
Once unpacked.....

1. You need a good memory dump of the .code section (beware, some later versions screwed with the vsize of some sections so to give massive dumps like 100-150Mb!)
2. Most of R!SC's tut stands except for some of the api decryptor code/routines
3.The program uses one call for all imports, so you've to program some code by your own which "gets" the imported function's addresses out of the call and replaces the addresses in the dumped ".code" section with the right calls.

It is easy if you have a working cd as you can let the program do the hard work for you.

Hope this helps
Reply With Quote