Messages

1

Scripting and Reverse Engineering / Assemble source code

« on: 2005-11-22 12:31:32 »

You do have a point :/

Anyway I think I did manage to get a program to extract the file.
Just in case someone didn't know this, the executable seems to assume that it's named ff7.exe. It only works properly under that name.

I don't yet know if it's correct, but at least the decompiler picks it up as a Visual C project.

2

Scripting and Reverse Engineering / Assemble source code

« on: 2005-11-22 11:43:41 »

I belive that if I do get it uncompressed and fully working, then I could see the disassembled source code.

While it may or may not be possible to reassemble, the data available should be accurate enought to start checking out how the game works.

3

Scripting and Reverse Engineering / Assemble source code

« on: 2005-11-22 07:36:44 »

Doesn't look like it it.

What about extracting/decompressing the executable? Is there any program that can handle that?

4

Scripting and Reverse Engineering / Assemble source code

« on: 2005-11-21 13:47:11 »

Has anyone succesfully recompiled the program?

5

Scripting and Reverse Engineering / yep

« on: 2005-11-18 17:48:36 »

Well, it was something like that I imagined it. So if this is correct we can be rather sure that var_4 is used to hold a temporary damage value, and the value gets copied into a struct that the calling function supplies, thus I believe this function does something else besides just calculating damage, as the straight way would be to just return it in EAL or AX.

6

Scripting and Reverse Engineering / no topic

« on: 2005-11-18 08:09:16 »

No clue if I've done it correctly. Probably not.

Anyway I've "traced" some damage calculating function down to 005C79C0. As usual there.

push    ebp
mov     ebp, esp
sub     esp, 14h
mov     eax, [ebp+arg_0]
xor     ecx, ecx
mov     cl, [eax+5]
push    ecx
mov     edx, [ebp+arg_0]
push    edx
call    Calc_Dam1
add     esp, 8
mov     [ebp+var_C], eax
mov     eax, [ebp+arg_0]
xor     ecx, ecx
mov     cl, [eax+5]
add     ecx, 1
push    ecx
mov     edx, [ebp+arg_0]
push    edx
call    Calc_Dam1
add     esp, 8
mov     [ebp+var_8], eax
mov     eax, [ebp+var_C]
imul    eax, 64h
mov     ecx, [ebp+arg_0]
xor     edx, edx
mov     dx, [ecx+24h]
mov     ecx, edx
cdq
idiv    ecx
sub     eax, 64h
mov     [ebp+var_14], eax
mov     edx, [ebp+var_14]
push    edx
call    Calc_Dam2
add     esp, 4
mov     [ebp+var_10], eax
mov     eax, [ebp+arg_0]
xor     ecx, ecx
mov     cx, [eax+24h]
mov     [ebp+var_4], ecx
mov     eax, [ebp+var_8]
sub     eax, [ebp+var_C]
mov     edx, [ebp+var_10]
xor     ecx, ecx
mov     cl, byte_98E6C4[edx]
imul    eax, ecx
cdq
mov     ecx, 64h // Defense calculation?
idiv    ecx
mov     edx, [ebp+var_4]
add     edx, eax
mov     [ebp+var_4], edx
cmp     [ebp+var_4], 270Fh // damage cap check
jle     short loc_5C7A62 // if less then 9999 skip next step
mov     [ebp+var_4], 270Fh // otherwise set damage to 9999
loc_5C7A62:
mov     eax, [ebp+arg_0]
mov     cx, word ptr [ebp+var_4]
mov     [eax+24h], cx
mov     esp, ebp
pop     ebp
retn

I thought I'd get the thing to compile back before I started investigating what goes on to verify that I do have the correct set of data.

7

Scripting and Reverse Engineering / Assemble source code

« on: 2005-11-17 14:51:16 »

I managed to dissasemble the FF7 executable ("only" 105 MB or so) and now I'd like to re-assemble it. Would anyone be able to walk me through it?

So far I've just tried masm32 version 8 but it don't want to do it.
ff7n.asm(60) : error A2085: instruction or register not accepted in current CPU mode
ff7n.asm(66) : error A2066: incompatible CPU mode and segment size
ff7n.asm(69) : error A2085: instruction or register not accepted in current CPU mode
....
ff7n.asm(217) : fatal error A1012: error count exceeds 100; stopping assembly

8

Scripting and Reverse Engineering / Where is damage calculation stored

« on: 2005-07-19 09:57:37 »

Is there any idea on where the battle damage calculation starts in the executable?

9

Scripting and Reverse Engineering / dx wrapper

« on: 2004-02-24 14:42:35 »

http://sourceforge.net/projects/dxglwrap

Don't know what'll you'll use it for, but have fun.

10

Scripting and Reverse Engineering / monster data specs

« on: 2004-02-24 13:49:05 »

Any chance of updating the monster data specifications and posting them?

11

Scripting and Reverse Engineering / pre-extracted files

« on: 2004-01-30 06:18:15 »

#include <stdio.h>
#include <zlib.h>

char* buff = new char[7808];
char* buff2 = new char[8192];
int* FileOffsets = new int[16];
FILE* rf;
FILE* bd;
int fnum = 1;

int ProcFiles(int* i)
{
*i *= 4;
for(int j = 1; j<17; j++)
{
i++;
if (*i == 0xFFFFFFFF)
return j;
*i *= 4;
}
return 16;
}

void BlockProc(int& i, int dec)
{
while (i < dec)
i += 0x2000;
i -= dec;
}

void ExtractBlock()
{
char fname[64];
fread(FileOffsets, 4, 16, rf);
int fsize;
int nFiles = ProcFiles(FileOffsets);
fwrite(&nFiles, 1, 1, bd);
nFiles -= 1;
int BlockSize = 0x2000 - 0x40;

for (int i = 0; i<nFiles; i++)
{
fsize = FileOffsets[i+1] - FileOffsets;
BlockProc(BlockSize, fsize);
fread(buff2, fsize, 1, rf);
FILE* of = fopen("tmp.dat", "w+b");
fwrite(buff2, fsize, 1, of);
fclose(of);
gzFile gzip = gzopen("tmp.dat", "r+b");
gzread(gzip, buff, 7808);
sprintf(fname, "%d.txt", fnum);
of = fopen(fname, "w+b");
fwrite(buff, 7808, 1, of);
fclose(of);
fnum++;
gzclose(gzip);
}

fread(buff2, BlockSize, 1, rf);
FILE* of = fopen("tmp.dat", "w+b");
fwrite(buff2, BlockSize, 1, of);
fclose(of);
gzFile gzip = gzopen("tmp.dat", "r+b");
gzread(gzip, buff, 7808);
sprintf(fname, "%d.txt", fnum);
of = fopen(fname, "w+b");
fwrite(buff, 7808, 1, of);
fclose(of);
fnum++;
gzclose(gzip);
}

void main()
{
rf = fopen("scene.bin", "r+b");
bd = fopen("blockdat.dat", "w+b");

while (fnum < 254) //unsure here
ExtractBlock();

fclose(rf);
fclose(bd);
delete[] buff;
delete[] buff2;
delete[] FileOffsets;
}

And here's the pre-extracted stuff
ed2k://|file|scenebinextract.zip|267079|32DD4AF01C5767E8FC4E5E918AB85D2D|/

I am a bit unsure if I really do the extraction correctly.

12

Scripting and Reverse Engineering / don't know

« on: 2004-01-29 13:56:24 »

if this is useful to anyone, but this can extract the scene.bin files (I hope):

// Warning: rush work

#include <stdio.h>
#include <zlib.h>

char* buff = new char[7808];
char* buff2 = new char[8192];
int* FileOffsets = new int[16];
FILE* rf;
FILE* bd;
int fnum = 1;

int ProcFiles(int* i)
{
   *i *= 4;
   for(int j = 1; j<17; j++)
   {
      i++;
      if (*i == 0xFFFFFFFF)
         return j;
      *i *= 4;
   }
   return 16;
}

void BlockProc(int& i, int dec)
{
   while (i < dec)
      i += 0x2000;
   i -= dec;
}

void ExtractBlock()
{
   char fname[64];
   fread(FileOffsets, 4, 16, rf);
   int fsize;
   int nFiles = ProcFiles(FileOffsets);
   fwrite(&nFiles, 1, 1, bd);
   nFiles -= 1;
   int BlockSize = 0x2000 - 0x40;

   for (int i = 0; i<nFiles; i++)
   {
      fsize = FileOffsets[i+1] - FileOffsets;
      BlockProc(BlockSize, fsize);
      fread(buff2, fsize, 1, rf);
      FILE* of = fopen("tmp.dat", "w+b");
      fwrite(buff2, fsize, 1, of);
      fclose(of);
      gzFile gzip = gzopen("tmp.dat", "r+b");
      gzread(gzip, buff, 7808);
      sprintf(fname, "%d.txt", fnum);
      of = fopen(fname, "w+b");
      fwrite(buff, 7808, 1, of);
      fclose(of);
      fnum++;
      gzclose(gzip);
   }

   fread(buff2, BlockSize, 1, rf);
   FILE* of = fopen("tmp.dat", "w+b");
   fwrite(buff2, BlockSize, 1, of);
   fclose(of);
   gzFile gzip = gzopen("tmp.dat", "r+b");
   gzread(gzip, buff, 7808);
   sprintf(fname, "%d.txt", fnum);
   of = fopen(fname, "w+b");
   fwrite(buff, 7808, 1, of);
   fclose(of);
   fnum++;
   gzclose(gzip);
}

void main()
{
   rf = fopen("scene.bin", "r+b");
   bd = fopen("blockdat.dat", "w+b");

   while (fnum < 254) //unsure here
      ExtractBlock();

   fclose(rf);
   fclose(bd);
   delete[] buff;
   delete[] buff2;
   delete[] FileOffsets;
}

The blockdat.bin will be used when reconstructing the file

13

Scripting and Reverse Engineering / gamehack to address conversion?

« on: 2003-08-27 17:58:00 »

Does anyone here know how to convert a gamehack code into a regular adddress?

14

Troubleshooting / help

« on: 2003-08-20 14:05:43 »

So Cloud, the program is importing the libraries, but not using them?

Great...

15

Troubleshooting / ok

« on: 2003-08-20 07:06:57 »

For some reason, my game uses OGL. Using a a hacked release with some chocobo patch applied. How about you send me your executable @ [email protected] and I send you mine?

Downloaded the missing file for dumpbin

Dump of file ff7.exe

File Type: EXECUTABLE IMAGE

  Section contains the following imports:

    WINMM.dll
                7B636C Import Address Table
                7B8BFC Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                  59  midiOutSetVolume
                  1A  joyGetDevCapsA
                  97  timeGetTime
                  53  midiOutGetVolume
                  4D  midiOutGetDevCapsA
                  62  midiStreamRestart
                  61  midiStreamProperty
                  94  timeEndPeriod
                  1E  joyGetPosEx
                  57  midiOutPrepareHeader
                  5F  midiStreamPause
                  5D  midiStreamOpen
                  63  midiStreamStop
                  5C  midiStreamClose
                  4C  midiOutClose
                  54  midiOutLongMsg
                  56  midiOutOpen
                  93  timeBeginPeriod
                  5B  midiOutUnprepareHeader
                  52  midiOutGetNumDevs
                  5E  midiStreamOut
                  99  timeSetEvent
                  98  timeKillEvent

    KERNEL32.dll
                7B6064 Import Address Table
                7B88F4 Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                 172  HeapSize
                 210  SetEndOfFile
                  3D  CreateProcessA
                 26A  WaitForSingleObject
                 213  SetErrorMode
                 14F  GetVolumeInformationA
                 180  IsBadCodePtr
                 1C9  RaiseException
                  2A  CreateDirectoryA
                 20C  SetCurrentDirectoryA
                 183  IsBadReadPtr
                 236  SetUnhandledExceptionFilter
                  7E  FindClose
                  87  FindNextFileA
                  82  FindFirstFileA
                  6C  ExitThread
                  43  CreateThread
                 1E2  ResumeThread
                  4E  DeleteFileA
                  DF  GetDriveTypeA
                  F0  GetFullPathNameA
                 1D6  ReadFile
                  31  CreateFileA
                  F5  GetLocalTime
                 135  GetSystemTime
                 1A6  MoveFileA
                 186  IsBadWritePtr
                  58  EnterCriticalSection
                  4C  DeleteCriticalSection
                  77  FileTimeToLocalFileTime
                  78  FileTimeToSystemTime
                 17C  InterlockedExchange
                 18F  LeaveCriticalSection
                 145  GetTickCount
                 19A  LocalFree
                  98  FreeLibrary
                 179  InitializeCriticalSection
                 161  GlobalMemoryStatus
                 211  SetEnvironmentVariableA
                  93  FormatMessageA
                  1E  CompareStringA
                  18  CloseHandle
                  F7  GetLocaleInfoW
                 116  GetProcAddress
                  8E  FlushFileBuffers
                 229  SetStdHandle
                 190  LoadLibraryA
                 25B  VirtualAlloc
                 12E  GetStringTypeW
                 12B  GetStringTypeA
                 18E  LCMapStringW
                 18D  LCMapStringA
                  F6  GetLocaleInfoA
                 168  HeapAlloc
                 16E  HeapFree
                 219  SetFilePointer
                 27B  WriteFile
                 1E5  RtlUnwind
                 25E  VirtualFree
                 16A  HeapCreate
                 16C  HeapDestroy
                 24A  TlsGetValue
                 21E  SetLastError
                 248  TlsAlloc
                  E6  GetExitCodeProcess
                 1BA  OutputDebugStringA
                 2A1  lstrlenA
                  F4  GetLastError
                  1F  CompareStringW
                 24B  TlsSetValue
                  D6  GetCurrentThreadId
                  EF  GetFileType
                 12A  GetStdHandle
                 21B  SetHandleCount
                 109  GetOEMCP
                  9D  GetACP
                  A3  GetCPInfo
                 26E  WideCharToMultiByte
                  E3  GetEnvironmentStringsW
                  E1  GetEnvironmentStrings
                  97  FreeEnvironmentStringsW
                 1AB  MultiByteToWideChar
                  96  FreeEnvironmentStringsA
                  FC  GetModuleFileNameA
                 250  UnhandledExceptionFilter
                  D3  GetCurrentProcess
                 246  TerminateProcess
                 17E  InterlockedIncrement
                 17B  InterlockedDecrement
                 23F  Sleep
                  D1  GetCurrentDirectoryA
                 171  HeapReAlloc
                 148  GetTimeZoneInformation
                  6B  ExitProcess
                 128  GetStartupInfoA
                  FE  GetModuleHandleA
                 14C  GetVersion
                  AA  GetCommandLineA

    USER32.dll
                7B6304 Import Address Table
                7B8B94 Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                 251  UpdateWindow
                  D5  GetActiveWindow
                  80  DefWindowProcA
                 101  GetKeyState
                  D7  GetAsyncKeyState
                 1B3  PostQuitMessage
                  B6  EndPaint
                   9  BeginPaint
                 1CD  ReleaseDC
                  EE  GetDC
                 208  SetRect
                 22D  ShowWindow
                  55  CreateWindowExA
                   1  AdjustWindowRect
                 1BE  RegisterClassA
                 172  LoadCursorA
                  8A  DestroyWindow
                 25D  WaitMessage
                  90  DispatchMessageA
                 245  TranslateMessage
                 1AF  PeekMessageA
                 1DA  SendMessageA
                 234  SystemParametersInfoA
                 195  MessageBoxA
                 229  ShowCursor

    GDI32.dll
                7B6038 Import Address Table
                7B88C8 Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                  F2  GetPixelFormat
                  FA  GetStockObject
                  47  DescribePixelFormat
                  C7  GetDeviceCaps
                 168  SetPixelFormat
                   D  ChoosePixelFormat
                 150  SetBkColor
                 183  TextOutA
                 172  SetTextColor
                 182  SwapBuffers

    ADVAPI32.dll
                7B6000 Import Address Table
                7B8890 Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                 120  RegDeleteValueA
                 136  RegQueryValueExA
                 12E  RegOpenKeyExA
                 141  RegSetValueExA
                 117  RegCloseKey

    ole32.dll
                7B63CC Import Address Table
                7B8C5C Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                   C  CoCreateInstance
                  48  CoUninitialize
                  26  CoInitialize

    OPENGL32.dll
                7B620C Import Address Table
                7B8A9C Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                  CF  glPointSize
                 164  wglGetProcAddress
                   C  glBindTexture
                  6E  glGetError
                  7D  glGetString
                  42  glDeleteLists
                  B9  glNewList
                  69  glGenLists
                  53  glEndList
                   F  glCallList
                  6B  glGetBooleanv
                  40  glCullFace
                  50  glEnable
                  47  glDisable
                 12C  glTexEnvi
                 15C  wglDeleteContext
                 165  wglMakeCurrent
                  A5  glLoadIdentity
                  B6  glMatrixMode
                  48  glDisableClientState
                  70  glGetIntegerv
                  4A  glDrawBuffer
                 157  glViewport
                  C5  glOrtho
                  A7  glLoadMatrixf
                 129  glTexCoordPointer
                 113  glTexCoord2f
                  51  glEnableClientState
                 156  glVertexPointer
                  3A  glColorPointer
                  4B  glDrawElements
                   B  glBegin
                  32  glColor4ub
                 148  glVertex3f
                  52  glEnd
                  CB  glPixelStorei
                  61  glFinish
                  F4  glReadBuffer
                  F5  glReadPixels
                  6A  glGenTextures
                 135  glTexImage2D
                  45  glDepthMask
                  43  glDeleteTextures
                  88  glHint
                 138  glTexParameteri
                   8  glAlphaFunc
                   E  glBlendFunc
                  14  glClearDepth
                  13  glClearColor
                  11  glClear
                 105  glShadeModel
                  D0  glPolygonMode
                  62  glFlush
                 15A  wglCreateContext
                  89  glIndexMask
                  FE  glRenderMode
                  67  glFrontFace
                  38  glColorMask
                  A3  glLineWidth
                  44  glDepthFunc
                  46  glDepthRange

    DSOUND.dll
                7B602C Import Address Table
                7B88BC Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                   4  DirectSoundEnumerateA
                   3  DirectSoundCreate

    DINPUT.dll
                7B6024 Import Address Table
                7B88B4 Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                   0  DirectInputCreateA

    DDRAW.dll
                7B6018 Import Address Table
                7B88A8 Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                   7  DirectDrawEnumerateA
                   5  DirectDrawCreate

    MSACM32.dll
                7B61F0 Import Address Table
                7B8A80 Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                  2A  acmStreamSize
                  2B  acmStreamUnprepareHeader
                  28  acmStreamPrepareHeader
                  25  acmStreamConvert
                  24  acmStreamClose
                  27  acmStreamOpen

  Summary

      797000 .data
        4000 .rdata
        1000 .rsrc
      3B5000 .text

16

Archive / just a link

« on: 2003-08-19 05:54:35 »

http://forums.qhimm.com/viewtopic.php?t=2335

17

Troubleshooting / Sorry

« on: 2003-08-19 05:53:24 »

The game appears to use OpenGL no matter what rendering mode you are using.

18

Troubleshooting / subject

« on: 2003-08-16 20:10:09 »

Correct me if im wrong, but higher resulutions wont work unless you remake the fonts and im sure the menu will be screwed up as well. But I like the idea of playing FF7 in opengl, although glide would be nice

Higher resolutions should work if we do it properly (and if we do it at all).
The game probably uses either blitting or ortho mode to draw 2D sprites. By using the qouta between the resolution the game thinks it's running in and the resolution we have overrided it to we will be able to scale the input sent to our library to the correct values before we forward them to the original rendering code. Unfortunately this would create some minor (I hope) graphical flaws due to the neccessary truncations involved.

I don't have the skills to make this change, all I have is a generic idea of how opengl/directx works from a developers perspective

If you put the game to work in software it'll use opengl.

19

Archive / just an idea

« on: 2003-08-15 08:38:49 »

With a reference.

http://forums.qhimm.com/viewtopic.php?t=2335

20

Troubleshooting / FF7 rendering idea

« on: 2003-08-15 08:35:44 »

I've got this great idea to improve the graphical performance of FF7. Unfortunately I do not possess to skills required to do this.

Basically "we" are writing an OpenGL wrapper and a GLUT wrapper, and improving it to fix known issues.

Some of the features would be. (All features should be optional and fully configurable)
Some have complained about the speed at which the motorcycle game runs at (I get that problem too). So to combat that we enable a delay on the calls to bring the game to an acceptable speed.

Then anti-aliasing would be good to implement.

Support for more resolutions would be neat.

Hehe, 6x anti-aliasing in 1280*1024, ought to look good.

The functions FF7 imports are:
[opengl32.dll]
glAlphaFunc
glBegin
glBindTexture
glBlendFunc
glCallList
glClear
glClearColor
glClearDepth
glColor4ub
glColorMask
glColorPointer
glCullFace
glDeleteLists
glDeleteTextures
glDepthFunc
glDepthMask
glDepthRange
glDisable
glDisableClientState
glDrawBuffer
glDrawElements
glEnable
glEnableClientState
glEnd
glEndList
glFinish
glFlush
glFrontFace
glGenLists
glGenTextures
glGetBooleanv
glGetError
glGetIntegerv
glGetString
glHint
glIndexMask
glLineWidth
glLoadIdentity
glLoadMatrixf
glMatrixMode
glNewList
glOrtho
glPixelStorei
glPointSize
glPolygonMode
glReadBuffer
glReadPixels
glRenderMode
glShadeModel
glTexCoord2f
glTexCoordPointer
glTexEnvi
glTexImage2D
glTexParameteri
glVertex3f
glVertexPointer
glViewport
wglCreateContext
wglDeleteContext
wglGetProcAddress
wglMakeCurrent
[glu32.dll]
gluDeleteTess
gluNewTess
gluTessBeginContour
gluTessBeginPolygon
gluTessCallback
gluTessEndContour
gluTessEndPolygon
gluTessNormal
gluTessProperty
gluTessVertex

21

Archive / yeah

« on: 2003-08-14 18:24:33 »

It was working before the reformat. No wonder performance was crap, something must have gone terribly wrong.

Reference rasteriser should be able to handle anti-aliasing anyway.

22

General Discussion / lofl

« on: 2003-08-12 19:53:34 »

Windows XP has nothing to do with it.

Hardware issues are most of the problems, I dont have ANY problems... in software, because Edios is such a horrible company, they didnt add opengl, and they only support the cards that only people with "1995 point and click skillz!!!" have.

If anybody wants to make an ATi patch for hardware, count me in for testing... software runs perfectly, but I mean... its hideous.

Sorry to disapoint you but it does use opengl.

I've checked it with dependancy walker, can do it with dumpbin as well but don't have the required library anymore. Dependancy walker reports that it imports glu32.dll and opengl32.dll (amongst others).

23

Archive / but

« on: 2003-08-12 18:43:16 »

Opengl wrapper in software mode was the fastest.

Re-installed the OS because of instability, and now it's fast in software mode again. Too fast for me hehe. Looks like you can't have everything.

Don't want to use hardware because the textures look blurred, and the shadings blocky (in a rectangle way). The anti-aliasing is good though, but I can get that in software mode as well.

24

Archive / yeah

« on: 2003-08-08 19:41:40 »

As I've wriiten before, the performance is slightly better in hardware mode, so it's still bad in software.

25

Archive / yeah

« on: 2003-08-08 12:26:06 »

I'm using that, in 3d mode with the overide in TNT mode, as I get slightly better performance with it. Not as good as I got before the update in software though.