Yes, and I suck at hacking.
I've only managed to ascertain that the OEP (whatever that is) is 0xf9af30 so far.
Wargasm
Online
Re: Wargasm
Actually, decompressing the exe isn't really a problem as IDA will do that.
Looking at some of the decompressed code, this may be the part that calculates the filename hash.
Only circumstantial evidence to support that hypothesis so far, but the largest hash in the data archive is 0xee6afc35.
The hashes are derived somewhat differently to the earlier games, and the paths and extensions don't seem to have their own token bytes.
Here's some examples:
The reason this is interesting is that 'Typhoon' uses a similar system where we extracted its files, and got some file names, but we haven't been able to tie them together.
Looking at some of the decompressed code, this may be the part that calculates the filename hash.
Code: Select all
unsigned int __cdecl sub_507BF0(int a1)
{
unsigned int result; // eax@1
int v2; // ecx@1
int v3; // ebp@1
unsigned int v4; // kr00_4@1
int v5; // edx@3
int v6; // ebx@5
int v7; // edi@5
int v8; // ebx@5
int v9; // eax@6
int i; // [sp+8h] [bp-4h]@3
v3 = a1;
result = 0;
v4 = strlen((const char *)a1);
v2 = v4 - 1;
if ( v4 != 1 )
{
v5 = 0;
a1 = 0;
for ( i = 0; v5 < (signed int)(v4 - 2); i = v5 )
{
if ( v5 < v2 )
{
v8 = *(_BYTE *)(v5 + v3);
v7 = v5 + v8;
v6 = v8 + 7;
do
{
v9 = v7 * v6 * (*(_BYTE *)(v5 + v3) + 19) * (v5 + *(_BYTE *)(v5 + v3));
++v5;
a1 += v9;
}
while ( v5 < v2 );
v5 = i;
}
++v5;
}
result = a1 % 0xEE6B2800u;
}
return result;
}
The hashes are derived somewhat differently to the earlier games, and the paths and extensions don't seem to have their own token bytes.
Here's some examples:
Code: Select all
0x7ba648d4 BMF\_11_T02.BMF
0x7cb81b22 BMF\_11_T03.BMF
0x7dcec302 BMF\_11_T04.BMF
0x7eea465c BMF\_11_T05.BMF
0x800aab30 BMF\_11_T06.BMF
0x812ff796 BMF\_11_T07.BMF
0x825a31be BMF\_11_T08.BMF
0x83895ff0 BMF\_11_T09.BMF
0x69e21bd8 box\d1_b1.box
0x6ae82fea box\d1_b2.box
0x6bf3086e box\d1_b3.box
0x6d02ab1c box\d1_b4.box
0x6e171dc4 box\d1_b5.box
0x6f30664e box\d1_b6.box
0x704e8aba box\d1_b7.box
0x71719120 box\d1_b8.box
0x72997fb0 box\d1_b9.box
0xee6019c5 BMF\TI21.BMF
0xee6190f7 BMF\TI12.BMF
0xee62466f WORLDS\DESERT\DESERT7\ENV\DE7.ARE
0xee679e7a AUDIO\3D\WAV\CHOPENGI.WAV
0xee6aca2e BMF\RIPPLE6.BMF
0xee6afc35 MATS\NETTYDED
0x0001ef96 BMF\DONNA.BMF
0x00027dbc MATS\BPFENCE
0x00029b3f CAMPAIGN\CAMP8\AFRICA.BMP
0x000635c2 BMF\DTHULL3.BMF
0x00099b9b WORLDS\MOUNT\MOUNT15\TACMAP.BMP
0x000a5dbd MATS\DMKGUN5
0x000b08b9 MATS\LITEGREY
0x000ba054 MATS\RAD1D2
0x000cbacf MATS\TMPSK4B
0x000ce826 LANGUAGE\ITALIAN\AUDIO\SPEECH\WAV\KWNA0001.WAV
0x000d7dde BMF\PELVIS4.BMF
0x0010c80a dmf\virt_e2.dmf
0x0011166a MATS\DOOR2
0x0014469a TEXTURES\API_DM.BMP