Comments on: Reverse Engineering ‘Pools of Darkness’: Part 1 http://simeonpilgrim.com/blog/2009/10/04/reverse-engineering-pools-of-darkness-part-1/ Wed, 08 Feb 2012 23:17:54 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: Simeon http://simeonpilgrim.com/blog/2009/10/04/reverse-engineering-pools-of-darkness-part-1/comment-page-1/#comment-3246 Simeon Mon, 05 Oct 2009 02:57:36 +0000 http://simeonpilgrim.com/blog/?p=771#comment-3246 Well I learnt it years ago, all I was doing was searching for blog post fodder... There is still merit, just for the fun of this is how a blind man would do it. But I'm not blind any more. I'll give it a bash anyway. Well I learnt it years ago, all I was doing was searching for blog post fodder…

There is still merit, just for the fun of this is how a blind man would do it. But I’m not blind any more.

I’ll give it a bash anyway.

]]> By: Stu http://simeonpilgrim.com/blog/2009/10/04/reverse-engineering-pools-of-darkness-part-1/comment-page-1/#comment-3245 Stu Mon, 05 Oct 2009 02:44:11 +0000 http://simeonpilgrim.com/blog/?p=771#comment-3245 sorry about my old school tools.. I'm an old school cracker ;) dealing with this old dos stuff is like riding a bike to me... I hope you do still post the next bits as its fun to read. sorry if I blew some of your posts away with showing you the power of unp. but hey, you learned some stuff about using dos debug.exe right? :) sorry about my old school tools.. I’m an old school cracker ;) dealing with this old dos stuff is like riding a bike to me…

I hope you do still post the next bits as its fun to read. sorry if I blew some of your posts away with showing you the power of unp. but hey, you learned some stuff about using dos debug.exe right? :)

]]> By: Simeon http://simeonpilgrim.com/blog/2009/10/04/reverse-engineering-pools-of-darkness-part-1/comment-page-1/#comment-3244 Simeon Mon, 05 Oct 2009 02:21:16 +0000 http://simeonpilgrim.com/blog/?p=771#comment-3244 ARRRGG i hate your fancy old-school tools. Once you load the unpacked EXE into IDA it detect that it has "references to Pascal Overlays" which it then magically auto loads and solves EVERYTHING. ARRRGGGGG!!!! The work shown in this blog post originally took a week, the next blog post in the serries took months originally. ARRRGG i hate your fancy old-school tools.

Once you load the unpacked EXE into IDA it detect that it has “references to Pascal Overlays” which it then magically auto loads and solves EVERYTHING.

ARRRGGGGG!!!!

The work shown in this blog post originally took a week, the next blog post in the serries took months originally.

]]> By: Simeon http://simeonpilgrim.com/blog/2009/10/04/reverse-engineering-pools-of-darkness-part-1/comment-page-1/#comment-3243 Simeon Mon, 05 Oct 2009 02:14:18 +0000 http://simeonpilgrim.com/blog/?p=771#comment-3243 Ok, Curse of the Azure bonds was packed with Exepack v4.05 or v4.06 Now trying to see if the merge overlay option works, can't get it work yet.... Ok, Curse of the Azure bonds was packed with Exepack v4.05 or v4.06

Now trying to see if the merge overlay option works, can’t get it work yet….

]]> By: Simeon http://simeonpilgrim.com/blog/2009/10/04/reverse-engineering-pools-of-darkness-part-1/comment-page-1/#comment-3242 Simeon Mon, 05 Oct 2009 02:01:12 +0000 http://simeonpilgrim.com/blog/?p=771#comment-3242 Interesting, will differently check that out... I know the version of Pool of Radiance that is on the AbandonWare siets, is cracked (password removed) and those versions are not packed. I did all this original work years ago also... but your write if there is a tool to fix it up... oh man now I'm going to have to check it out now..... Interesting, will differently check that out…

I know the version of Pool of Radiance that is on the AbandonWare siets, is cracked (password removed) and those versions are not packed.

I did all this original work years ago also… but your write if there is a tool to fix it up… oh man now I’m going to have to check it out now…..

]]> By: Stu http://simeonpilgrim.com/blog/2009/10/04/reverse-engineering-pools-of-darkness-part-1/comment-page-1/#comment-3241 Stu Mon, 05 Oct 2009 00:48:27 +0000 http://simeonpilgrim.com/blog/?p=771#comment-3241 actually they are not scrambled they are linker packed by the MS linker, its called EXEPACK and if you ever see "Packed file is corrupt" this is an EXEPACK file. Its similar to PKLite, LZEXE, WWP, etc early versions would just pack relocations (each relocaiton was 4 bytes but most often all in the same segment, so it would basically do an RLE on the segment:offset runs and use only the offsetpart. later exepacks evolved into full blown pakcers like pklite, wwp etc). to make your life easier, get "unp" (unprotect) and just depack it before running it through IDA... I think all goldbox games were exepacked from Pool of Radiance to Dark Queen of Krynn. I didnt check buck rogers or FRUA, which was the last GB release. lol sounds like you did a lot of hard work when there is a very simple answer ;) ftp://ftp.sac.sk/pub/sac/pack/unp411.zip actually they are not scrambled they are linker packed by the MS linker, its called EXEPACK and if you ever see “Packed file is corrupt” this is an EXEPACK file. Its similar to PKLite, LZEXE, WWP, etc early versions would just pack relocations (each relocaiton was 4 bytes but most often all in the same segment, so it would basically do an RLE on the segment:offset runs and use only the offsetpart. later exepacks evolved into full blown pakcers like pklite, wwp etc).

to make your life easier, get “unp” (unprotect) and just depack it before running it through IDA…

I think all goldbox games were exepacked from Pool of Radiance to Dark Queen of Krynn. I didnt check buck rogers or FRUA, which was the last GB release.

lol sounds like you did a lot of hard work when there is a very simple answer ;)
ftp://ftp.sac.sk/pub/sac/pack/unp411.zip

]]>