Extracting Cheat Engine XML from Trainer

  1. The TRAINER executable, or the entry point file, contains DECOMPRESS and ARCHIVE in its resources. You can see them using ResourceHacker.
  2. DECOMPRESS will extract the ARCHIVE, which consists of the CET_TRAINER.CETRAINER file,
    the CheatEngine executable, Lua things, and dbghelp.dll.
    Note: DECOMPRESS will have the same name as the TRAINER executable, but in a CETxxx temp
    folder.
  3. You won’t see the CETRAINER file because it is deleted (by CheatEngine).
    You need to set a breakpoint on CreateFileA/W in DECOMPRESS during extraction and wait for the file to be filled, OR break just before it is executed by CheatEngine.
  4. You can retrieve the original XML/.CT file with CEtrainer.decrypter.jar.

Have fun

Dumping Assets from Crackers Installer

The installer is usually built with Delphi. Here are the tools:

UPX (Ultimate Packer for eXecutables)

Use upx to decompress the executable with the command: upx -d setup.exe

Resource Hacker

Some tools are embedded here: 7z, FA (FreeArc), HW (HardwareCheck). As you can see, each has an MZ header at its first bytes.

x32dbg (x64dbg) Debugger

Some data is embedded in other sections, and some of it is encrypted or compressed. It can be hard to find just by scanning the file on disk, so run the installer in the debugger until the setup window pops up, then inspect and dump memory regions to analyze them.

Preferred Type: PRV, with Protection -RW--; find contiguous regions and dump them into a file.

HxD (Hex Editor)

Use the hex editor to analyze the dump contents. In this example we saw a Zip container in the dumped memory, and we need other tools to scan and extract it.
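What scanning a dump for embedded containers involves, as an added example that is not part of the original notes: it validates MZ hits through the PE signature and locates a Zip archive from its end-of-central-directory record. The function names and the sample dump are constructed for illustration; single-disk, non-ZIP64 archives are assumed.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"   # ZIP end-of-central-directory record
LOCAL_SIG = b"PK\x03\x04"  # ZIP local file header

def find_pe_headers(buf):
    """Offsets of 'MZ' headers whose e_lfanew field points at 'PE\\0\\0'."""
    hits, pos = [], buf.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(buf):
            e_lfanew = struct.unpack_from("<I", buf, pos + 0x3C)[0]
            if buf[pos + e_lfanew:pos + e_lfanew + 4] == b"PE\0\0":
                hits.append(pos)
        pos = buf.find(b"MZ", pos + 1)
    return hits

def carve_zips(buf):
    """(start, end) of each archive, computed from the fields of its EOCD."""
    found, pos = [], buf.find(EOCD_SIG)
    while pos != -1:
        if pos + 22 <= len(buf):  # a truncated EOCD is skipped
            cd_size, cd_off, comment_len = struct.unpack_from("<IIH", buf, pos + 12)
            start = pos - cd_size - cd_off  # cd_off is relative to archive start
            end = pos + 22 + comment_len
            if start >= 0 and end <= len(buf) and buf[start:start + 4] == LOCAL_SIG:
                found.append((start, end))
        pos = buf.find(EOCD_SIG, pos + 1)
    return found

def carved_listing(buf):
    """Open each carved range with zipfile and return (start, end, names)."""
    out = []
    for start, end in carve_zips(buf):
        with zipfile.ZipFile(io.BytesIO(buf[start:end])) as z:
            out.append((start, end, z.namelist()))
    return out

def build_sample_dump():
    """Constructed test data: zero padding, a minimal PE stub, then a ZIP."""
    pe = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40) + b"PE\0\0"
    zbuf = io.BytesIO()
    with zipfile.ZipFile(zbuf, "w") as z:
        z.writestr("assets/readme.txt", b"constructed sample")
    return bytes(0x100) + pe + bytes(0x200) + zbuf.getvalue() + bytes(0x80)

if __name__ == "__main__":
    print(find_pe_headers(build_sample_dump()), carved_listing(build_sample_dump()))
```

To use it on a real dump, read the dumped file as bytes and pass it to carved_listing in place of the constructed sample.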

hd / hexdump (OS: Linux)

This is another tool to inspect the contents of a binary file.

binwalk / foremost (OS: Linux)

Use binwalk to scan and extract:

Or alternatively use foremost to scan and extract:

Happy ripping 😄

Compile PS2 Emulators

PCSX2 Emulator on Windows

  • Clone the repository:

$ git clone https://github.com/PCSX2/pcsx2.git
$ cd pcsx2
$ git checkout <branch/tag> # optional
$ git submodule update --init --recursive

  • Extract the dependencies inside the pcsx2 folder as the deps folder.
  • Open .\PCSX2_qt.sln with Microsoft Visual Studio 2022
  • Select Release and x64 in the toolbar above; by default it will use SSE 4.1 instructions. Select Release AVX2 for AVX2 instructions instead.
  • Then select the Build Solution menu item.
  • Set pcsx2-qt as the Startup Project
  • Set the Debugging Working Directory to $(TargetDir).
  • Run with Local Windows Debugger

If you encounter an Access violation exception when running a game after starting pcsx2 under the debugger, you may skip the exception by unchecking Break when this exception type is thrown, as this is a false positive, and let the emulator handle it.

Then press Continue (▶️ green play button) above.

Reference: https://github.com/PCSX2/pcsx2/wiki/12-Building-on-Windows

Compile PSP Emulators

PPSSPP on Windows

  • Open the .\Windows\PPSSPP.sln using Microsoft Visual Studio 2022.
  • Select Release and x64 in the toolbar above.
  • Then select the Build Solution menu item.
  • Set PPSSPPWindows as the Startup Project
  • Run with Local Windows Debugger

The dependencies are self-contained, so other dependency manager tools such as vcpkg are not needed. On my system, since I have vcpkg integrated with MSBuild, it implicitly linked the wrong library version, which made the build fail and made the culprit hard to find. Please disable vcpkg on the executable project, such as PPSSPPWindows.

Reference: https://github.com/hrydgard/ppsspp/wiki/Build-instructions