Reverse engineering of Wipeout 3 SE

**tigrou** · 28th May 2015, 07:23 PM

Are you sure that an executable would contain literal names of struct members ? (cool website btw )

Yes, unless the executable is compressed in some form (data sections are unpacked in memory while running), but this is unlikely.
Take the exe file you send me and open it in notepad or use string2 tool. You will find all methods names and all parameters you extracted using IDA.

So in some structures you should find names stuff like "nextsection" "radius" "junction", "x", "y", "z", i expect to find these but did not see anything like this (and also nothing that would looks like structure members)

What is in MacOSX version is probably to debug (step by step) or to produce a stack trace if i something goes wrong at runtime (so you can easily find what goes wrong)

I think they forget to do a strip (not enabled by default): http://linux.about.com/library/cmd/blcmdl1_strip.htm
http://en.wikipedia.org/wiki/Symbol_table

**aybe** · 28th May 2015, 08:41 PM

I will give it a try !

Unfortunately I don't have the Mac anymore so I can hardly test, maybe through these VM emulation hacks ?

While they forgot to strip things out they probably haven't forgot to set Release mode ... that would have been too good to be true!

**tigrou** · 28th May 2015, 10:33 PM

What do you want to test using the Mac?

I have access to a recent IMac with OSX (not at home but close), so i can try some stuff as well if needed.

**aybe** · 29th May 2015, 02:33 PM

What you've said : debugging it with something like IDA.

If you want to give it a try, feel free ... I can also get hold of my old Mac but it's quite a pain to use : 800Mhz Ibook ...

Btw, didn't they drop the PPC emulation layer in today's macs ?

Thread: Reverse engineering of Wipeout 3 SE

Thread Tools

Display

Hybrid View

Posting Permissions