Closed hackerb9 closed 4 years ago
Sure. @Dozayon spearheaded the documentation of executable unpacking for Arena in the first place and made it possible for me to implement it here. I would've been lost otherwise. Thanks for bringing it up.
It appears the CD version of Arena (ACD.EXE) has the same start offset as the floppy disk version.
I've updated my README to credit @Dozayon as well. It hadn't occurred to me to even look for documentation; I was trying to understand what was going on by reading the code. Dozayon's done an amazing job.
Now that I see how well it's documented, I'm going to be able to make my program much better. (Goodbye silly statically allocated buffer for decompression! Goodbye guessing whether bytes need to be decrypted or not!)
One question I have is how you were able to tell what the start offset of ACD.EXE was. My program defaults to an offset of zero on the theory that it's better to add garbage than truncate data, but I'd prefer to actually calculate the correct offset.
I just ran the engine with ACD.EXE as the target for executable unpacking, outputted the decompressed file to disk, and saw in a hex editor that all the relevant data was still accessible, just at different locations than the floppy disk version (because of slight differences in the code between versions).
Hi @afritz1, I just wanted to give you a heads up that I've wrapped the nifty PKlite EXE decompression routines you wrote with a simple command line interface so it can be more easily used on other EXEs people come across.
(Technically, I based my code on @NY00123's refkeen project, but the comments there give credit to you.)
https://github.com/hackerb9/depklite
I hope this is alright by you.