Fabrice Lété
Reverse engineering an old DOS game (part 2 of N)
Tracing step by step the graphics mode initialization of an old DOS game.
Check the previous video in the series here: ua-cam.com/video/KdIpuCznir4/v-deo.html
0:00 Intro
2:30 Timer and delay
7:35 Changing the delay
11:40 Title display loop
13:10 Input check
17:45 Text rendering logic
37:35 Offsetting the text
39:25 Character data
42:45 Modifying the text
Views: 1 705

Videos

Reverse engineering an old DOS game (part 1 of N)
8K views, a year ago
Tracing step by step the graphics mode initialization of an old DOS game. - Get the Cutter IDE here: cutter.re/ - Get DOSBox here: www.dosbox.com/ 0:00 Intro 10:20 Bootstrap 16:00 Entry point 23:50 Video card check 43:40 Video mode initialization 50:45 Modifying the palette selection

COMMENTS

  • @nesgoof3412
    @nesgoof3412 4 days ago

    I thoroughly enjoyed both your RE videos, they're easy to follow and I learned a ton. Any chance of sharing more of your wisdom in the future? I'd really like some pointers on the general approach to reverse engineering DOS-era games. I just started my own RE project, and got the first few routines RE'd with Ghidra, but it's all uphill from here. :D

  • @TuoZhang-t6p
    @TuoZhang-t6p 5 days ago

    Great video. But assembly is indeed quite hard to understand. Looking forward to more videos from you.

  • @AnoNym-zi5ty
    @AnoNym-zi5ty a month ago

    How does cutter compare to ghidra? Isn't ghidra better? Putting that taxpayer money to use.

  • @nickluvsretro
    @nickluvsretro 6 months ago

    Thank you so much for this. Excellent video. I've been looking to peek into a few DOS real mode games (Interphase, PowerMonger) and this has been really informative, thank you!

  • @ruben_balea
    @ruben_balea 6 months ago

    This game can display the graphics on a secondary CGA if the primary display is MDA. It could be to try to make the computer restart in CGA mode, because the user could have turned off the MDA monitor where the game asks if you have a CGA monitor when the computer boots in MDA mode, while the game will start directly if the computer boots in CGA mode. But I don't know if the PC would reuse the equipment settings stored in the BDA on warm reboots, or if it would reset them according to the configuration switches. I don't have an IBM PC, and 86Box only allows using MDA as the secondary display when using MDA and CGA.

  • @MattTrevett
    @MattTrevett 8 months ago

    Around 3:30 he mentions if you XOR an old value against a new value, you get the bits that changed, and it's true:

    00 -> 00 = 00; Masked: 0
    00 -> 01 = 01; Masked: 0
    00 -> 10 = 10; Masked: 1
    00 -> 11 = 11; Masked: 1
    01 -> 00 = 01; Masked: 0
    01 -> 01 = 00; Masked: 0
    01 -> 10 = 11; Masked: 1
    01 -> 11 = 10; Masked: 1
    10 -> 00 = 10; Masked: 1
    10 -> 01 = 11; Masked: 1
    10 -> 10 = 00; Masked: 0
    10 -> 11 = 01; Masked: 0
    11 -> 00 = 11; Masked: 1
    11 -> 01 = 10; Masked: 1
    11 -> 10 = 01; Masked: 0
    11 -> 11 = 00; Masked: 0

    In the video's example some of the bits were masked. Since it's a timer, as the number increments you could ignore the first x amount of seconds by masking off the first few bits. In my example above, if you used a bitmask of 01 and XOR that (TEST would use a bitmask of 10 instead), it'll take just the leftmost bit. It's a really efficient way of making a simple wait/timer in this case I think, although it may not be high precision depending on CPU speed and other variables. The other disadvantage is the CPU won't do anything else during the loop in this naive case. If you see any mistakes in my comment please let me know.

  • @megakek4457
    @megakek4457 10 months ago

    Thank you for the video. It helped me greatly in reverse engineering an old DOS application.

  • @RichardSmithers
    @RichardSmithers a year ago

    I remember this game from back in the day. We wouldn't care about the score - just keep spamming the fire button. As primitive as that is, it worked fairly well especially in the higher levels.

  • @bengt-goranpersson5125
    @bengt-goranpersson5125 a year ago

    Oh man, I really hope you continue this series. This is fantastic content.

  • @bengt-goranpersson5125
    @bengt-goranpersson5125 a year ago

    I thoroughly enjoyed this video. I have learned so much from this. I have tried getting started with looking at old DOS-software I have from back in the days but haven't known how to get set up and to find good documentation. Fantastic content!

  • @dschoene57
    @dschoene57 a year ago

    41:00 You can tell it was written by someone who was a bit inexperienced. Testing for both lower case and upper case letters is a bit weird. Just whack bit 5 of the int16 return and you'll have a 'to_upper()' conversion. That's the whole point of why lower and upper case characters are exactly 32 codes apart ('A' = 65, 'a' = 97).

    • @MotorHead74808
      @MotorHead74808 2 months ago

      That is awesome! Thank you for sharing!

  • @UseFreeSpeech
    @UseFreeSpeech a year ago

    This game was on the iPod nano.

  • @giornikitop5373
    @giornikitop5373 a year ago

    It's been a long time since my assembly days, but something is odd about the code in 0x2c83? Maybe there is a wrong disassembly in there, because the je 0x2c8a makes no sense: why jump to itself? I have never seen that before. Also, if the execution jumps in 0x2c83, it can never leave either way. Strange.

    • @fabricelete5337
      @fabricelete5337 a year ago

      In this codepath, the game has detected that the computer wasn't running a compatible video card. So it prints an error message and stops execution. This is the point at which it would normally return to the operating system. But Paratrooper was initially released as a PC booter game, where there was no operating system to return to. So it simply locks in place and the user has to reboot the machine.

  • @drugmonster6743
    @drugmonster6743 a year ago

    Great videos! I'm also looking into reverse engineering an old DOS game. It's in a NE executable, but I've still found your videos very informative. Are you planning on porting this game to a modern platform? Looking forward to the next one!

  • @PeterSwinkels
    @PeterSwinkels a year ago

    With a hex editor/viewer you can easily spot plain text and get an idea of a program's general layout. You should also check whether the binary uses some kind of compression. Possibly the weird way it jumps into the main code at the start is a rudimentary attempt at obfuscating the code.

  • @nangld
    @nangld a year ago

    Just feed the bytecode to GPT, then ask it to decompile, and then convert it to SDL2.

  • @king1king2king3
    @king1king2king3 a year ago

    The video subject is cool, but unfortunately everything is small, and my eyesight can't see everything clearly. Why didn't you zoom in during the recording?

    • @fabricelete5337
      @fabricelete5337 a year ago

      Good remark! I've actually started adding some zooming in part 2. I'm learning video editing as I'm making this stuff, I hope to improve over time.

  • @ovalteen4404
    @ovalteen4404 a year ago

    Playing with the BIOS equipment list would have zero effect on a PC 5150. But perhaps one of the clones or later products might be affected by it. The value in 40:10 tells which video mode it boots up into, and is set by the DIP switches on the 5150. But on reboot it always loads the DIP switch values and replaces them in the BIOS area, so nothing is really affected. When you're talking about a game made by a teenager, though, there may always be leftover cruft that does nothing, but doesn't harm anything and so is never removed. A thorough code review might have caught those odd items so that they could be removed.

    • @fabricelete5337
      @fabricelete5337 a year ago

      Thanks a lot for your comment! Are you talking about the part at 44:00 where the color text mode 80x25 is written back to the BIOS area? It seems odd indeed, because the game being a PC booter, there's no other way to exit but to reboot the computer anyway, and the code is entering graphics mode immediately after anyway. I also assumed that this code, having probably never been reviewed, is likely to contain a few harmless mistakes.

    • @ovalteen4404
      @ovalteen4404 a year ago

      @@fabricelete5337 Yes, the color text mode is what I was referring to. That value is written at BIOS initialization, so changing it has no real effect, at least on true IBM PCs.

  • @TomStorey96
    @TomStorey96 a year ago

    Great videos. I hope you'll make some more. There have been some interesting coding practices in this game, and I see a couple of optimisations that could be made - if they really mattered for performance, but I suspect not. E.g. in this first video when checking for yes/no replies, a small optimisation that could have been made is to take the character code, OR it with 32, and then you only need to test against the lower case character, since an upper case character would then have been converted to lower case. And in this second video when creating the delay loop I don't really see the need to do much more than AND the timer value with 0x3 and see if that results in zero before continuing. It seems a bit convoluted to XOR against the previous value looking for changes in the upper bits.

    • @SimonBuchanNz
      @SimonBuchanNz a year ago

      Since it's a timer, just checking for ...00 could in theory miss an update, e.g. ...11 then ...01. I don't know how likely that is in this context where the loop seems quite short, but it's probably a habitual/copy-pasted standard timer loop.

    • @fabricelete5337
      @fabricelete5337 a year ago

      Thanks for your kind words! I made further progress in reverse engineering this game but it got a little more involved and I had a lot more work to prepare the next video, which slowed me down. I'm planning to get back to it, and it's a great source of motivation to know that people are enjoying it. I agree with both of your remarks, there are some opportunities in this game to optimize both the speed and the size of the code. There are also a few things which seem useless or redundant (like in the video mode initialization in the first video). I assume it's simply a consequence of the game having been written solo by a teenager and over a short period of time. But those small issues aren't detrimental to the functionalities of the game in any way. I secretly hope to find an actual bug in there at some point, but chances are slim. In any case, it remains really humbling to look at this code, while thinking about the circumstances of its creation. And the little mistakes add a human dimension to it.

    • @skmgeek
      @skmgeek 6 months ago

      @@fabricelete5337 I'm guessing you've lost motivation to work on the next episode in the series, but I'd still love to see it :3

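The delay-loop discussion in the comments above (MattTrevett's XOR table, TomStorey96's AND-with-0x3 suggestion and SimonBuchanNz's missed-update objection), as an added simulation that is not code from the video, the game or any commenter: a constructed tick counter is polled by both schemes, and the poll stride models how many ticks one pass through the loop costs. The start values, strides, mask and the MAX_POLLS guard are assumptions for the example.

```c
#include <stdint.h>

/* Constructed simulation of a polled tick counter, standing in for the timer
   value the game reads in its delay loop. `stride` is how many ticks elapse
   between two reads, i.e. the cost of one pass through the loop body. */
typedef struct { uint32_t ticks, stride; } sim_timer;

static uint32_t read_timer(sim_timer *t) {
    uint32_t v = t->ticks;
    t->ticks += t->stride;
    return v;
}

#define MAX_POLLS 1000 /* guard so an aliasing loop cannot spin forever */

/* XOR scheme from the video: remember the first reading, then exit as soon as
   a bit selected by `mask` differs from it. Returns the number of polls, or
   -1 if MAX_POLLS was reached (the loop would spin forever on real hardware). */
static int wait_xor(uint32_t start_ticks, uint32_t stride, uint32_t mask) {
    sim_timer t = { start_ticks, stride };
    uint32_t start = read_timer(&t);
    for (int polls = 1; polls <= MAX_POLLS; polls++) {
        uint32_t now = read_timer(&t);
        if ((now ^ start) & mask) return polls;
    }
    return -1;
}

/* AND scheme suggested in the thread: exit only when the low two bits read as
   zero. With stride 2 from an odd start it samples ...01 and ...11 only and
   never sees ...00: the missed update SimonBuchanNz describes. */
static int wait_and(uint32_t start_ticks, uint32_t stride) {
    sim_timer t = { start_ticks, stride };
    for (int polls = 1; polls <= MAX_POLLS; polls++) {
        uint32_t now = read_timer(&t);
        if ((now & 0x3) == 0) return polls;
    }
    return -1;
}

/* Compare both schemes for one loop cost: bit 0 set if the XOR scheme
   terminated, bit 1 set if the AND scheme did. The XOR scheme can alias too
   when the stride is a multiple of the masked bit's period (stride 8 with
   mask 0x4), so the mask has to be chosen to suit the loop's actual speed. */
static int compare(uint32_t start_ticks, uint32_t stride, uint32_t mask) {
    int x = wait_xor(start_ticks, stride, mask) >= 0;
    int a = wait_and(start_ticks, stride) >= 0;
    return x | (a << 1);
}
```

With stride 1 both schemes return, with stride 2 from an odd start only the XOR scheme does, and with stride 8 neither does.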
  • @127.
    @127. a year ago

    This is cool