Possible next features of QuickBMS

aluigi, posted Fri Nov 25, 2016 7:47 pm (19085)


Let's say your function has the following prototype:
Code:
int __cdecl function(unsigned char *buff, int buff_size, int arg1234);

Use this script:
Code:
set MEMORY_FILE10 binary "\x...YOUR_FUNCTION..."
log MEMORY_FILE OFFSET SIZE
calldll MEMORY_FILE10 0 cdecl RET MEMORY_FILE SIZE 1234

You can even use the x86 code automatically in the Encryption or Comtype command so that you don't have to dump the data in a MEMORY_FILE first:
Code:
set MEMORY_FILE10 binary "\x...YOUR_FUNCTION..."
encryption calldll "MEMORY_FILE10 0 cdecl RET #INPUT# #INPUT_SIZE# 1234"
log "dump.dat" OFFSET SIZE
encryption "" ""


I have not understood your second question, but let me know if what I have written answers it too.
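A script written this way carries native machine code inside a string, so running it is equivalent to running an unknown executable. The following check is an added example, not part of the thread or of QuickBMS itself: it decodes the "\xNN" binary-string syntax the posts use, lists which MEMORY_FILEs are filled that way, and flags the ones that reach CallDLL (directly or through Encryption/Comtype). The sample script, the blob bytes and the MEMORY_FILE names in it are constructed for the demonstration; only the keywords come from the posts.

```c
/* Added example: pre-run check for BMS scripts that embed native code.
 * Not QuickBMS code; the sample script below is constructed. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_BLOBS 16
struct blob { char name[32]; int size; int called; };

/* Decode the \xNN escapes of a quoted BMS binary string into 'out'.
 * Only \xNN and literal characters are handled; any other escape is an error. */
int decode_bms_binary(const char *quoted, unsigned char *out, size_t out_len) {
    const char *p = quoted ? strchr(quoted, '"') : NULL;
    if (!p) return -1;
    size_t n = 0;
    for (p++; *p && *p != '"'; ) {
        if (n >= out_len) return -1;
        if (p[0] == '\\') {
            if (p[1] != 'x' || !isxdigit((unsigned char)p[2]) || !isxdigit((unsigned char)p[3])) return -1;
            char hex[3] = { p[2], p[3], 0 };
            out[n++] = (unsigned char)strtoul(hex, NULL, 16);
            p += 4;
        } else {
            out[n++] = (unsigned char)*p++;   /* literal character */
        }
    }
    return (int)n;
}

/* BMS keywords and variable names are case-insensitive, so compare that way. */
static int starts_with_ci(const char *s, const char *kw) {
    for (; *kw; s++, kw++)
        if (tolower((unsigned char)*s) != tolower((unsigned char)*kw)) return 0;
    return 1;
}
/* Whole-token match, splitting on whitespace and quotes (so MEMORY_FILE1 != MEMORY_FILE10). */
static int has_token_ci(const char *s, const char *name) {
    size_t n = strlen(name);
    while (*s) {
        while (*s && (isspace((unsigned char)*s) || *s == '"')) s++;
        const char *t = s;
        while (*s && !isspace((unsigned char)*s) && *s != '"') s++;
        if ((size_t)(s - t) == n && starts_with_ci(t, name)) return 1;
    }
    return 0;
}

/* Walk the script line by line: remember 'set NAME binary "\x..."' blobs,
 * then mark every blob whose name appears on a line that contains calldll. */
int scan_script(const char *script, struct blob *blobs, int max_blobs) {
    int nblobs = 0;
    unsigned char bytes[4096];
    char buf[1024];
    for (const char *line = script; *line; ) {
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        if (len >= sizeof buf) len = sizeof buf - 1;
        memcpy(buf, line, len);
        buf[len] = 0;
        char *s = buf;
        while (*s == ' ' || *s == '\t') s++;
        if (starts_with_ci(s, "set ") && has_token_ci(s, "binary") && strstr(s, "\\x") && nblobs < max_blobs) {
            char name[32];
            int n;
            if (sscanf(s + 4, "%31s", name) == 1 &&
                (n = decode_bms_binary(strchr(s, '"'), bytes, sizeof bytes)) > 0) {
                strcpy(blobs[nblobs].name, name);
                blobs[nblobs].size = n;
                blobs[nblobs].called = 0;
                nblobs++;
            }
        } else if (has_token_ci(s, "calldll")) {
            for (int i = 0; i < nblobs; i++)
                if (has_token_ci(s, blobs[i].name)) blobs[i].called = 1;
        }
        if (!eol) break;
        line = eol + 1;
    }
    return nblobs;
}

/* Constructed sample: MEMORY_FILE10 is executed through CallDLL, MEMORY_FILE11 is a plain data table. */
static const char SAMPLE_SCRIPT[] =
    "# constructed sample, not a real extraction script\n"
    "get SIZE long\n"
    "set MEMORY_FILE10 binary \"\\x90\\x90\\xC3\"\n"
    "set MEMORY_FILE11 binary \"\\x01\\x02\\x03\\x04\"\n"
    "encryption calldll \"MEMORY_FILE10 0 cdecl RET #INPUT# #INPUT_SIZE# 1234\"\n"
    "log \"dump.dat\" OFFSET SIZE\n";

/* How many blobs in the sample reach CallDLL, i.e. machine code the script would run. */
int sample_native_blob_count(void) {
    struct blob b[MAX_BLOBS];
    int n = scan_script(SAMPLE_SCRIPT, b, MAX_BLOBS), called = 0;
    for (int i = 0; i < n; i++) if (b[i].called) called++;
    return called;
}
/* Decoded size of a named blob in the sample, or -1 if the script does not define it. */
int sample_blob_size(const char *name) {
    struct blob b[MAX_BLOBS];
    int n = scan_script(SAMPLE_SCRIPT, b, MAX_BLOBS);
    for (int i = 0; i < n; i++)
        if (strlen(b[i].name) == strlen(name) && starts_with_ci(b[i].name, name)) return b[i].size;
    return -1;
}

int main(void) {
    struct blob b[MAX_BLOBS];
    int n = scan_script(SAMPLE_SCRIPT, b, MAX_BLOBS);
    for (int i = 0; i < n; i++)
        printf("%s: %d bytes, %s\n", b[i].name, b[i].size, b[i].called ? "passed to CallDLL" : "data only");
    return 0;
}
```

Running it over the sample reports MEMORY_FILE10 (3 bytes, passed to CallDLL) and MEMORY_FILE11 (4 bytes, data only); a script that is only supposed to extract files should normally produce no "passed to CallDLL" line at all.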
NullRd, posted Fri Nov 25, 2016 9:09 pm (19089)


Ah, now this is much better. After I merged my previous script with the ASM function, a 120 MB file was processed in 9 seconds!

About my second question - here is an example.
Code:
set memory_file binary "\xEB\x06\x90\x90\x00\x00\x00\x00\xE8\x00\x00\x00\x00\x58\x83\xC0\xF7\xC7\x00\x78\x56\x34\x12\xC3"

calldll memory_file 0 stdcall ""

exit


Asm code source:

Code:
jmp testproc

align 4
  my_static_variable dd 0
align 4

proc testproc
; this block calculates virtual address of variable
  call @f
@@:
  pop eax
  add eax, (my_static_variable - @b)

  mov dword [eax], 0x12345678
 
  ret
endp


The function causes an "access violation" exception.

It happens because the memory page which contains my code doesn't have permission to be written.
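The fault above is the normal behaviour of a page that is mapped executable but not writable: the dumped function's `my_static_variable` lives inside the code bytes, so `mov dword [eax], ...` writes into that page. The program below is an added example, not from the thread or from QuickBMS; it reproduces the effect with POSIX mmap/mprotect on Linux rather than the Windows process the thread runs in, uses placeholder bytes (int3) instead of a real function, and turns the fault into a return value with a SIGSEGV handler so the two cases can be compared side by side.

```c
/* Added example: why writing into an RX page faults and why writable
 * state must live in its own RW page. POSIX only; placeholder blob. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf fault_env;

static void on_fault(int sig) {
    (void)sig;
    siglongjmp(fault_env, 1);   /* unwind back into try_write32 */
}

/* Try to store a 32-bit value at p, like "mov dword [eax], 0x12345678".
 * Returns 1 if the store succeeded, 0 if the page was not writable. */
int try_write32(void *p, uint32_t value) {
    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);

    int ok;
    if (sigsetjmp(fault_env, 1) == 0) {
        *(volatile uint32_t *)p = value;
        ok = 1;
    } else {
        ok = 0;                  /* the handler jumped here: access violation */
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return ok;
}

/* Map one page, fill it with 0xCC (int3) as a stand-in for the dumped
 * function, then set the requested protection. NULL on failure. */
void *map_blob(int prot) {
    long page = sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, (size_t)page, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return NULL;
    memset(p, 0xCC, (size_t)page);
    if (mprotect(p, (size_t)page, prot) != 0) { munmap(p, (size_t)page); return NULL; }
    return p;
}

void unmap_blob(void *p) { munmap(p, (size_t)sysconf(_SC_PAGESIZE)); }

/* The thread's scenario: the "static variable" sits inside the code page. */
int write_into_code_page(void) {
    void *code = map_blob(PROT_READ | PROT_EXEC);
    if (!code) return -1;
    int ok = try_write32((uint8_t *)code + 4, 0x12345678u);  /* the dd after the jmp */
    unmap_blob(code);
    return ok;
}

/* The working layout: mutable state in a separate read/write page. */
int write_into_data_page(void) {
    void *data = map_blob(PROT_READ | PROT_WRITE);
    if (!data) return -1;
    int ok = try_write32(data, 0x12345678u);
    unmap_blob(data);
    return ok;
}

int main(void) {
    printf("write into RX code page: %s\n", write_into_code_page() ? "ok" : "access violation");
    printf("write into RW data page: %s\n", write_into_data_page() ? "ok" : "access violation");
    return 0;
}
```

The first call fails and the second succeeds, which is the same W^X split a DLL gets for free from the loader (code in a read/execute section, `.data` in a read/write one). On Windows the corresponding primitives are VirtualQuery to inspect a page's protection and VirtualProtect to change it.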

aluigi, posted Fri Nov 25, 2016 9:25 pm (19090)


For using static and const variables you have to compile the code as a dll.

AnonBaiter, posted Tue Nov 29, 2016 7:03 pm (19166)


aluigi, you might want to add this line in sign_ext.c, or at least in the next version of quickbms...
Code:
   {  4, "AWAD", "awd" },

aluigi, posted Tue Nov 29, 2016 8:22 pm (19167)


As far as I know AWAD is not a file format.
I know only the AWAD archives.

AnonBaiter, posted Tue Nov 29, 2016 8:41 pm (19169)


^ Well, the AWAD archives were stored as an .awd container last time I checked the filesystem (the disk on which they were stored, not the filesystem of the archives themselves) of the PS2/PC version of Tomb Raider Angel of Darkness.

Nameless, posted Tue Dec 20, 2016 9:27 pm (19699)


aluigi wrote:
Eh JIT would be cool but a core rewriting of quickbms is not possible, it takes a huge amount of time and effort for both writing and testing. Really impossible at the moment.

And how about a bytecode approach? It would be great to have such a function to compile a script into a binary file and then feed it to quickbms. Maybe it won't be blazingly fast, but it still can give some speed boost.

aluigi, posted Wed Dec 21, 2016 6:54 am (19702)


Bytecode would provide absolutely no boost.

To be honest there will be no big core improvements or rewrites in the tool, currently it's stable and works perfectly.

People have problems with the performance of quickbms only when they try to use it for things other than its original purpose, like 3D model conversion; that's NOT the job of quickbms, which is an extractor and possible reimporter. For any other usage people have to use a real programming language.

In the case of decryption functions that require reading every byte from a file, where a similar "for" cycle would be slow in quickbms, I suggest creating a dll or dumped function to use with CallDLL.

Nameless, posted Mon Jan 23, 2017 9:58 am (20366)


How about converting the readme into a chm help file? It is pretty big already and not so convenient to use anymore. I think chm would be much better than a basic txt whose size is already an estimated 188 kilobytes. Lol, my first computer had 4 times less RAM than this.

Also I think quickbms deserves to have its own IDE, because all those bat files are such a pain in the ass to create each time, especially when you are reversing many different file formats. Once I had more than 20 different scripts in one directory and each of them needed its own bat; also some of them were made for batch processing, some for testing and some for combining a few scripts into one workflow. A real pain it was...

aluigi, posted Mon Jan 23, 2017 2:23 pm (20371)


chm no, but html would be perfect.
Maybe for the next version I can create a parser to convert the txt into html and upload the latter to the website, leaving the txt in the package (better to have both).
I will think about it.

Honestly I don't know about that thing of the bat files.
quickbms is made to work easily with multiple selection of input files, so I don't know why people create them; I'm not part of the modding community.

For the file format analysis you need just the console, less (the unix/cygwin tool), a hex editor and the bms language for Notepad.
That's all you need to rule the formats :)

Nameless, posted Tue Jan 24, 2017 4:12 am (20385)


aluigi wrote:
For the file format analysis you need just the console, less (the unix/cygwin tool), a hex editor and the bms language for Notepad.
That's all you need to rule the formats :)

Actually it's more complicated than this when you need to crack every file format used by the game. I did it a few times already, so I can tell you that it is not enough to have only those tools which you mentioned.

aluigi, posted Tue Jan 24, 2017 7:19 am (20386)


Feel free to share your experience.

The only other essential tool I missed from the list is calcc.

Nameless, posted Wed Jan 25, 2017 6:53 am (20408)


You also need:
A memory editing tool (ArtMoney or CheatEngine); it helps a lot to figure out the most puzzling data.
A raw image viewer and some 2D editor with palette support. A raw image viewer can also help to identify types of data.
Some 3D viewing software.
A raw audio stream player.
And last: you need to write some helper scripts for collecting data, visualizing it or converting it into human readable form.

Without all this you will end up in big frustration with little result. The hardest part is to crack the level format. Try to do it with only a hex editor; it will be a very unproductive job.

aluigi, posted Wed Jan 25, 2017 8:45 am (20411)


I guess we are referring to two different things.

I'm referring to using quickbms for extracting files from archives, which is the job of quickbms and for which you need a very minimal set of analysis tools like those I listed (debugging excluded).

Instead, from your post I understand that you want a complete suite for modding, so quickbms would be just one of the tools (I hope you don't use it for converting formats).
I still don't understand what type of IDE you suggested and what it should contain.
If you mean something like integrating all these format viewers in quickbms... well, definitely no. Not the job and purpose of the tool.

Nameless, posted Wed Jan 25, 2017 12:24 pm (20422)


By IDE I mean the usual meaning of this word. Just its own editor, but with the ability to launch scripts. And it should allow setting launch parameters, target file and output destination with only a few clicks.

aluigi, posted Wed Jan 25, 2017 12:55 pm (20423)


That's something that can be made by third parties.
Just like it happens with compilers, where the IDE (for example Code::Blocks) is separate from the compiler itself (for example gcc).

Currently this is the only attempt at an IDE of which I'm aware:
http://forum.xentax.com/viewtopic.php?f=29&t=6797
Unfortunately the downsides of that project are:
  • it's no longer supported
  • the "quickbms" string in the name apparently caused some confusion to various users that downloaded it instead of the official quickbms
  • it embedded an old copy of quickbms (0.6) and tons of people complained on the forums about the scripts "not working with quickbms" because they were using that IDE

Personally I don't need an IDE, so I have no desire and no time available to work on it, but I agree 100% with you that a good IDE would be useful to many users now that apparently quickbms is used a lot.

If you or someone else has the desire to try to develop an IDE, it's welcome.

What I can offer from my side is support for better integration and communication between such a project and quickbms.

Acewell, posted Fri Mar 31, 2017 9:51 pm (21881)


Hi, is there a way to use a variable as the search key in the findloc command?
If not, I would like to request it so I can use it in a loop to search for crc values. :)

Example:
Code:
for i = 0
    get something long
    get HASH long
    get something long
    savepos TMP
    findloc VAR binary HASH  // something like this
    goto VAR
    do stuff
    goto TMP   
next i

aluigi, posted Sun Apr 02, 2017 2:04 pm (21916)


If HASH were a sequence of bytes you would have no way to use it with Findloc, because the "binary" type is handled when the script is parsed and not at runtime (quickbms is composed of these 2 internal stages).
Luckily there you have a "long" HASH, so you can try replacing "binary" with "long" and it should work, because I implemented this method in Findloc.
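The distinction matters because a "binary" pattern is fixed text in the script, while a "long" search key is a value the loop only knows after reading the table. The program below is an added example, not code from the thread or from QuickBMS: it implements the runtime equivalent of `findloc VAR long HASH` over a constructed sample file in which a small table of (id, hash, size) records is followed by data blocks that each begin with the hash they belong to, and it resolves every record to its block the way the posted `for` loop intends. The record layout, the hashes and the function names are assumptions made for the demonstration.

```c
/* Added example: runtime search for a little-endian 32-bit key, the way
 * "findloc VAR long HASH" works inside a loop. Sample data is constructed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Offset of the first little-endian 32-bit 'value' at or after 'start',
 * or -1 when it is absent (the case where Findloc fails). */
long findloc_long(const uint8_t *buf, size_t len, size_t start, uint32_t value) {
    uint8_t needle[4] = { (uint8_t)value, (uint8_t)(value >> 8),
                          (uint8_t)(value >> 16), (uint8_t)(value >> 24) };
    for (size_t off = start; off + 4 <= len; off++)
        if (memcmp(buf + off, needle, 4) == 0) return (long)off;
    return -1;
}

/* Read a little-endian 32-bit value, like "get X long". */
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Constructed sample: two {id, hash, size} records (12 bytes each), then the
 * blocks in a different order so that searching is actually required. */
static const uint8_t SAMPLE[] = {
    /* record 0: id=1, hash=0xDEADBEEF, size=4 */
    0x01,0x00,0x00,0x00, 0xEF,0xBE,0xAD,0xDE, 0x04,0x00,0x00,0x00,
    /* record 1: id=2, hash=0x0BADF00D, size=2 */
    0x02,0x00,0x00,0x00, 0x0D,0xF0,0xAD,0x0B, 0x02,0x00,0x00,0x00,
    /* block for hash 0x0BADF00D at offset 24: hash, then 2 payload bytes */
    0x0D,0xF0,0xAD,0x0B, 'h','i',
    /* block for hash 0xDEADBEEF at offset 30: hash, then 4 payload bytes */
    0xEF,0xBE,0xAD,0xDE, 'd','a','t','a',
};

/* Walk the records like the "for i" loop in the post: read the hash, search for
 * it past the table (searching from 0 would just find the record's own copy),
 * store the block offset and return how many records were resolved. */
int resolve_blocks(const uint8_t *buf, size_t len, size_t nrec, long *block_offsets) {
    size_t table_end = nrec * 12;
    int found = 0;
    for (size_t i = 0; i < nrec; i++) {
        const uint8_t *rec = buf + i * 12;
        uint32_t hash = rd32(rec + 4);                      /* get HASH long */
        long off = findloc_long(buf, len, table_end, hash); /* findloc VAR long HASH */
        block_offsets[i] = off;                             /* goto VAR ... goto TMP */
        if (off >= 0) found++;
    }
    return found;
}

/* Wrappers over the embedded sample. */
int sample_resolved_count(void) {
    long offs[2];
    return resolve_blocks(SAMPLE, sizeof SAMPLE, 2, offs);
}
long sample_block_offset(size_t i) {
    long offs[2];
    resolve_blocks(SAMPLE, sizeof SAMPLE, 2, offs);
    return i < 2 ? offs[i] : -1;
}

int main(void) {
    long offs[2];
    int n = resolve_blocks(SAMPLE, sizeof SAMPLE, 2, offs);
    for (size_t i = 0; i < 2; i++)
        printf("record %zu -> block at offset %ld\n", i, offs[i]);
    printf("%d of 2 records resolved\n", n);
    return 0;
}
```

One caveat carried over from the script: a raw value search can hit the same 4 bytes inside unrelated data, so a real script should check what it finds at the returned offset (here the payload length) before trusting it.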

Acewell, posted Sun Apr 02, 2017 3:54 pm (21917)


Ah yes, thanks, after another search I found some examples :oops:
http://aluigi.altervista.org/bms/star_wars_lp.bms
Code:
findloc BASE_OFF string SIGN


http://aluigi.altervista.org/bms/fusionfall.bms
Code:
findloc OFFSET long SEARCH_OFFSET


http://aluigi.altervista.org/bms/hexdump_scanner.bms
Code:
findloc TMP string SEARCH_STRING 0 ""


http://aluigi.altervista.org/bms/raceroom.bms
Code:
findloc NEXT_OFFSET string SIGN 0 ""


http://aluigi.altervista.org/bms/god_eater_2.bms
Code:
findloc TMP binary SIGN

AnonBaiter, posted Tue Apr 11, 2017 4:15 am (22133)


So, I want to do... this:
Code:
   putct NAME string 0x18 MEMORY_FILE2
However, I want to write one part of the output file with putct by selecting an offset to write the string with (0x58 for example) rather than building from another variable on which the offset is based. Perhaps it's (im)possible to do this with putvarchr, or do you have any other ideas?

aluigi, posted Wed Apr 12, 2017 9:31 am (22158)


If I understand correctly you want something like this, which will put the string at offset 0x58:
Code:
append 1
goto 0x58 MEMORY_FILE2
putct NAME string 0x18 MEMORY_FILE2
append

AnonBaiter, posted Wed Apr 12, 2017 9:50 am (22159)


Okay, now I'm getting the gist of it.
However, the result was like this (reconstructed header):
Code:
00000000  52 58 57 53 20 B4 01 00 00 02 00 00 00 00 00 00  RXWS ?..........
00000010  46 4F 52 4D 20 00 00 00 00 01 00 00 00 00 00 00  FORM ...........
00000020  01 00 00 00 02 1C 03 00 7F 7F 00 00 00 01 C0 5D  ..............A]
00000030  00 00 00 00 00 00 00 00 C0 B3 01 00 00 00 00 00  ........A?......
00000040  46 54 58 54 20 00 00 00 00 01 00 00 00 00 00 00  FTXT ...........
00000050  01 00 00 00 08 00 00 00 61 6D 30 30 30 32 00 00  ........am0002..
00000060  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000070  00 00 00 00 C0 B3 01 00 00 01 00 00 00 00 00 00  ....A?..........
00000080  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000090  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000A0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000B0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000C0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000D0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000E0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000F0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000100  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000110  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000120  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000130  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000140  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000150  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000160  00 00 00 00 00 00 00 00 00                       .........
The header I'm trying to make looks like this (original header):
Code:
00000000  52 58 57 53 30 D5 01 00 00 02 00 00 00 00 00 00  RXWS0O..........
00000010  46 4F 52 4D 20 00 00 00 00 01 00 00 00 00 00 00  FORM ...........
00000020  01 00 00 00 02 1C 03 00 7F 7F 00 00 00 01 C0 5D  ..............A]
00000030  00 00 00 00 00 00 00 00 44 BF 09 00 00 00 00 00  ........D?......
00000040  46 54 58 54 20 00 00 00 00 01 00 00 00 00 00 00  FTXT ...........
00000050  01 00 00 00 08 00 00 00 74 6F 30 30 36 34 5F 6B  ........to0064_k
00000060  6F 75 65 6E 5F 31 00 00 00 00 00 00 00 00 00 00  ouen_1..........
00000070  42 4F 44 59 C0 D4 01 00 00 01 00 00 00 00 00 00  BODYAO..........
So, is there any way to construct the header after that part without leaving unwanted blanks (0x00), like the original RXWS header shown above?

AnonBaiter, posted Sat Apr 15, 2017 1:57 am (22222)


Sorry for the double post, but I'm here to report a thing.

It seems that comtype_scan2.bat doesn't work for me anymore.
I mean, when I execute the .bat file through the command-line... it just doesn't run in folders that have symbols and numbers. And that's on Windows XP.
Code:
1. Type this and press enter.
C:\Documents and Settings\AnonBaiter\Desktop\quickbms_0.8.0>comtype_scan2.bat
2. Even when the .bat file in question is executed (and even when there are parameters involved: comtype_scan2.bat comtype_scan2.bms dump.dat c:\output_folder), it does nothing.
C:\Documents and Settings\AnonBaiter\Desktop\quickbms_0.8.0>
Any solutions for this?

MerlinSVK, posted Sat Apr 15, 2017 8:28 am (22229)


Does this work?
Code:
"C:\Documents and Settings\AnonBaiter\Desktop\quickbms_0.8.0>comtype_scan2.bat"

AnonBaiter, posted Sat Apr 15, 2017 12:18 pm (22234)


I guess that solved the problem. Thanks.