Multiline Ultimate Assembler Library

This article was written by Mr. eXoDia about the usefulness of the Multiline Ultimate Assembler Library, which is a (dis)assembler library with similar functionality to the Multiline Ultimate Assembler OllyDbg plugin.
Kudos to him!

The Multiline Ultimate Assembler Library
rar Multiline Ultimate Assembler library.rar (181.34 kB)

Article files (with the library included)
rar multi_asm_lib_test.rar (198.37 kB)

Alright, so what’s the use of the Multiline Ultimate Assembler Library? In my case it was useful as backend for a ‘generic’ API hooking tool. The tool was used to hook various APIs to prevent CRC checks and then the idea was to hook an API (VirtualProtect for example) that was accessed just before the OEP of the protected file was reached.
In our case we will not deal with a real protector, but just with a simple file that mimics a protector. Our protected file must have VirtualProtect in the import table.
Read More…

Posted in Reverse Engineering at September 26th, 2013. 2 Comments.

Revealing the secrets of Icy Tower v1.3.1

Hello :)

The stuff I’m going to release here is something I’ve worked on a year ago. Back then, v1.3.1 was the latest version of Icy Tower, and I’m sure that if I’d release it then, johanp would hate me as heck (remember how he reacted on Icy Tower Replay Editor?). But today, Icy Tower v1.3.1 is history. Also, IMO, Icy Tower is history in general (at least the desktop game, can’t tell anything about mobile/facebook as I don’t really know what these are). v1.4 mostly ruined the game – it became more static and ugly (no eye candy, images look stretched), harold’s got large ears and is not as cool as before, the game’s got lots of options, which makes it more complicated. Also, the official forum is not as active as it was before.
So, here it is…

A project called replay_checker:
rar replay_checker.rar (45.34 KB)

This small console program does the following: loads a replay, checks it for validity (including the hash), and then silently plays the replay to verify it’s validity, just like the official itr checker.
So, what’s so special about it? It’s completely open source!
The replay file format, the hash calculation method, and the Icy Tower physics (in fact it’s whole engine) – these are available to look at from inside.
If you are familiar with graphics programming, you can easily turn this replay_checker to a replay_player, or even write an Icy Tower like game, which is capable of saving compatible replays :)

P.S. You can download Icy Tower v1.3.1 here.

P.P.S.
rar bonus.rar (518.94 kB)

Posted in Reverse Engineering at April 4th, 2010. 8 Comments.

Icy Tower v1.3.1 mods

Sparse Floor
Only even floors are present (each second floor is there).

rar icytower13_sparse_floor.rar (274.73 KB)

Solid Floor
You can’t go through the floors – they are solid.

rar icytower13_solid_floor.rar (271.07 KB)

Posted in Reverse Engineering at May 6th, 2009. No Comments.

TightVNC portable (version 1.3.10)

What is TightVNC

Recently, a new version of TightVNC was released, and a portable version of it for U3 flash drives appeared.
That’s great, but what if you don’t have a U3 flash drive, or you don’t like the U3 system in general (that’s me), or you don’t want to use it on a flash drive at all?

Well, here is how you extract the program itself from the .u3p package for a regular use:
1. Download it here.
2. Use WinRAR or similar to extract the host folder from that file, which is in fact a zip archive.
3. Use the following command line parameters to use a local ini file instead of the registry for storing your settings:
winvnc.exe -runwithinifile .\winvnc.ini
vncviewer.exe -settingsfile .\vncviewer.ini

Now you can enjoy the portable version of TightVNC without a U3 drive.

But you must agree, that it’s not really handy to use a command line every time you want to run TightVNC. Well, I’ve patched winvnc.exe and vncviewer.exe and made them use an ini file by default. These are attached on that topic.

Finally I want to advice you to make a donation to support the project.

rar TightVNC_portable.rar (413.23 KB)

Posted in Reverse Engineering at May 6th, 2009. 5 Comments.