What do you do when a ten-year-old video game has a bug in it? If you are [ExileLord] you fix it, even if you don’t have the source code. Want to know how? Luckily, he produced a video showing all the details of how he tracked the bug down and fixed it. You can see the video below. You may or may not care about Guitar Hero, but the exercise of reverse engineering and patching the game is a great example of the tools and logic required to reverse engineer any binary software, especially a Windows binary.
The tool of choice is IDA, an interactive disassembler and debugger. The crash throws an exception, and since [ExileLord] had done some work on the game before, he was able to find a function that creates a screen element and eventually leads to the crash.
By snooping around the virtual table, he identified the object that caused the crash. He also found, however, that the object’s constructor had been obscured by a copy protection scheme; [ExileLord] was adept enough to see through the obscuring code.
The problem arises because text objects are drawn from a preallocated pool, and if the pool runs empty there is no provision for creating more. The fix? There are several, but [ExileLord] just bumped up the pool’s initial size, which is fine unless you break that limit, too.
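To make the failure mode concrete, here is an added example in C. It is not the game’s code and not [ExileLord]’s patch: a hypothetical text-element pool that hands out slots from a fixed block and returns NULL when exhausted (the path the game apparently never checked), run once with the original size, once with a bumped size, and once with a growable variant that allocates a fresh block instead of failing. The type names, pool sizes, and the block-based growth strategy are all assumptions made for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for one on-screen text object. */
typedef struct {
    int  in_use;
    char text[32];
} TextElement;

/* Pool storage is a list of fixed-size blocks. Growing by adding a block
 * (rather than realloc'ing one array) keeps every pointer already handed
 * out valid, which matters when live objects hold those pointers. */
typedef struct Block {
    TextElement  *slots;
    size_t        count;
    struct Block *next;
} Block;

typedef struct {
    Block  *head;
    size_t  block_size;
    size_t  capacity;   /* total slots across all blocks */
    int     growable;   /* 0 = behave like the original fixed pool */
} TextPool;

static Block *block_new(size_t n) {
    Block *b = malloc(sizeof *b);
    if (!b) return NULL;
    b->slots = calloc(n, sizeof *b->slots);
    if (!b->slots) { free(b); return NULL; }
    b->count = n;
    b->next = NULL;
    return b;
}

int pool_init(TextPool *p, size_t initial, int growable) {
    p->head = block_new(initial);
    if (!p->head) return -1;
    p->block_size = initial;
    p->capacity = initial;
    p->growable = growable;
    return 0;
}

/* Returns a free slot, or NULL when the pool is exhausted and not growable. */
TextElement *pool_acquire(TextPool *p) {
    for (Block *b = p->head; b; b = b->next)
        for (size_t i = 0; i < b->count; i++)
            if (!b->slots[i].in_use) { b->slots[i].in_use = 1; return &b->slots[i]; }
    if (!p->growable) return NULL;          /* original behaviour: no provision for more */
    Block *nb = block_new(p->block_size);   /* growable variant: add a block, keep old ones */
    if (!nb) return NULL;
    nb->next = p->head;
    p->head = nb;
    p->capacity += p->block_size;
    nb->slots[0].in_use = 1;
    return &nb->slots[0];
}

void pool_release(TextElement *e) { e->in_use = 0; e->text[0] = '\0'; }

void pool_free(TextPool *p) {
    for (Block *b = p->head; b;) { Block *n = b->next; free(b->slots); free(b); b = n; }
    p->head = NULL;
    p->capacity = 0;
}

typedef struct { size_t placed; size_t capacity; } DrawResult;

/* Simulate drawing `requests` labels in one frame. A NULL from the pool is
 * treated as a failed draw here; the game dereferenced it and crashed. */
static DrawResult simulate(size_t initial, int growable, size_t requests) {
    DrawResult r = {0, 0};
    TextPool pool;
    if (pool_init(&pool, initial, growable) != 0) return r;
    for (size_t i = 0; i < requests; i++) {
        TextElement *e = pool_acquire(&pool);
        if (!e) break;
        snprintf(e->text, sizeof e->text, "label %zu", i);
        r.placed++;
    }
    r.capacity = pool.capacity;
    pool_free(&pool);
    return r;
}

size_t labels_placed(size_t initial, int growable, size_t requests) { return simulate(initial, growable, requests).placed; }
size_t capacity_after(size_t initial, int growable, size_t requests) { return simulate(initial, growable, requests).capacity; }

int main(void) {
    printf("fixed pool of 4, 6 labels:   placed %zu\n", labels_placed(4, 0, 6));   /* 4: two draws fail */
    printf("fixed pool of 8, 6 labels:   placed %zu\n", labels_placed(8, 0, 6));   /* 6: the bumped-size fix */
    printf("fixed pool of 8, 9 labels:   placed %zu\n", labels_placed(8, 0, 9));   /* 8: the new limit is hit */
    printf("growable pool of 4, 9 labels: placed %zu, capacity %zu\n",
           labels_placed(4, 1, 9), capacity_after(4, 1, 9));                      /* 9, 12 */
    return 0;
}
```

The first three runs show why raising the initial size only moves the cliff: any frame that needs more labels than the constant still takes the unchecked-NULL path. The growable variant removes the cliff, at the cost of an allocation on the render path and the need to reclaim blocks, which is the trade-off a patch with source access could weigh; a binary patch that changes one constant cannot.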
If you want to try your hand at this kind of work and you don’t have IDA, you might start with an online disassembler tool. It isn’t as capable, but it does work. IDA is very capable, though, and we’ve seen it used before to good effect.
Who needs that when this works on almost everything
https://github.com/fofix/fofix
Fofix has been dead for some time now, I find it almost impossible to find any songs as most links are broken. Phase shift replaced fofix, but even it was last updated in 2015. I honestly don’t know where the rhythm game community exists now, it’s a shame it’s shrunk so much.
Hey at least stepmania5 actually got released.
Clone hero is in alpha and is 100% backwards compatible with PS and FoFix. It’s a really nice engine.
Humble Bundle has as one of its recent selections “The IDA Pro Book 2nd edition”.
Interesting read. I like the simple fix as well. No need to re-invent the wheel. Kudos :)
This is great stuff, more of this please.
I admire his work, although why would you do this when clone hero exists (especially as I know Exile is helping with clone hero development)
People have been reverse engineering computer games since the 70s. With a damn sight fewer tools available too. Lawn…
You are joking, right? Software is becoming more complex and more layered, reverse engineering it is getting more and more complex, and in this case there was code obfuscation in place as well. So, here, there are two things:
1 – You think that ExileLord’s patch was a walk in the park
2 – You think that this article shouldn’t be on HaD because it is “too easy”
I’m sure you have a better hack/article made by you that can show all of us how we should do better.
Right?
Agreed. He isn’t building a trainer or trying to cobble cheats from hex dumps. Sheesh. I guess Aplhatek needs his Warfarin ;) One thing I have learned from TV is that old people like to say Warfarin as much as possible.