Problems with exestringz [Diablo 1]

[raulpuro]

Hi,

This application is great, I could change some executables that were pending. The application usually does not show some lines, well this is logical, I usually use a hex editor to translate what little is missing, the problem is that I would like to translate games like Diablo 1 containing all the text in the executable.

But do not use a regular patterns (||, |, | &, and many separate texts) and only shows a small part of the texts to translate.

The only way I have found to display all text is:

exestringz -f -b 1 diablo.exe diablo.txt

with the result and eliminating lines, I get all the necessary texts, but when I try to insert them again with the -b option, the game shows the texts bad, with the other options, it works perfectly, but omits most of the texts.

Is there any solution for this? It would be great to translate all text, without worrying about size.

Greetings and thanks.

[aluigi]

Feel free to provide the executable so that I can take a look at it.
Maybe there is some space to improve the recognization engine of exestringz or to put an option to allow it to catch these strings.

[raulpuro]

Hi,

Thanks Luigi, i thought i could not upload the executable. Well, here are some groups of texts that I have found, but there are more texts that are not displayed.

"Unholy Altar
Bone Spirit
Steelskull the Hunter
$ Keyboard Shortcuts: | F1: Open Help Screen | Esc:
Ahh, the story of our King".

It is a complicated executable. I use a lot the program, if the changes are simple and you could tell me how to do it, i can try to update the application with new patterns to other games, so I do not have to be bothering you.

Greetings.

[aluigi]

These strings come from an array of a structure containing also other fields other than the address of the strings, so exestringz is not able to guess it correctly.
It's something that I can't patch because it's too heuristic and not easily guessable.

So it's not a filter on the characters because -f (without -b) doesn't catch them too, although it gets 2150 strings against the 1691 collected without -f (so I suggest you to use this option).

The alternative would be to copy&paste the missing strings from the -b output and manually fixing their addresses located at the end of the _______ pattern, plus replacing ffffffff with the exe address where the string is referenced... definitely not easy or quick.

For example the header of the following entry:

Code: Select all

________________________________________________________________________________1-000a29d0___000a29d0/ffffffff
You kill uglies, get banner. You bring to me, or else... |

should be replaced with:

Code: Select all

________________________________________________________________________________1-0007ddc8___000a29d0/004A4BD0

[raulpuro]

Hi,

Ok, if no other option, I can go adding the missing lines. But I have a problem

Code: Select all

_______________________________________________________________1-0007ddc8___000a29d0/004A4BD0

000a29d0 is the first hexadecimal text position, but the other two, I do not know how to find them .

Greetings.

[aluigi]

That's why I said it's not easy

A possible idea may be to use the following quickbms script that should be able to fix these addresses automatically:

Code: Select all

open "." "diablo.exe" 1
get SIZE asize
log MEMORY_FILE 0 SIZE
for
    findloc OFFSET string "/ffffffff" MEMORY_FILE ""
    if OFFSET == ""
        break
    endif
    math OFFSET - 19
    goto OFFSET MEMORY_FILE
    getdstring ADDR 8 MEMORY_FILE
    get DUMMY line MEMORY_FILE
    string ADDR p "0x%s" ADDR
    xmath RVADDR "ADDR + 0x402200"

    goto 0 1
    findloc XADDR long RVADDR 1 ""
    if XADDR != ""
        string TMP p "%08x___%08x/%08x" XADDR ADDR RVADDR
        goto OFFSET MEMORY_FILE
        putct TMP string -1 MEMORY_FILE
        print "FIXED: %TMP%"
    endif
next

get NAME basename
get EXT extension
string NAME + "_new."
string NAME + EXT
log NAME 0 SIZE MEMORY_FILE

Try it and let me know if the replaced "new" strings now work.

[raulpuro]

Hi,

He remains as blocked, I'm as input the .txt, with the extracted text, if I use for testing the exe as input generates another exe.



Greetings.

[aluigi]

Ok, I have edited the previous script, now it should work.

[raulpuro]

Hi,

I've been testing and is partially functional, well there are some lines that do not translate the text, looking more closely, I think I've seen the possible error. There are entries in the first group ("offsets where is pointed the string") contain multiple values, these values are not added to the script * .bms and translation changes are not applied.

Example:

Code: Select all

________________________________________________________________________________1-00004266-000030dd___00081d4c/00483f4c
1 Charge
________________________________________________________________________________1-00004762-0001de83-00022050___00081f44/00484144
%i gold %s
___________________________4-00003c62-00023214-000234b8-0002b5f4-0004c16a-0004d6ea-00042fca-00055984-000559ec___000b62d8/006aead8
Diablo was unable to properly initialize your video card using DirectX.  Please try the following solutions to correct the problem:

Moreover, the first script you've created works (except the mistake that I mentioned earlier), the application was blocked by a corrupt line in the txt. The second script fails.

Copy the first script:

Code: Select all

open "." "diablo.exe" 1
get SIZE asize
log MEMORY_FILE 0 SIZE
for
    findloc OFFSET string "/ffffffff" MEMORY_FILE ""
    if OFFSET == ""
        break
    endif
    math OFFSET - 19
    goto OFFSET MEMORY_FILE
    getdstring ADDR 8 MEMORY_FILE
    string ADDR p "0x%s" ADDR
    xmath RVADDR "ADDR + 0x402200"

    goto 0 1
    findloc XADDR long RVADDR 1 ""
    if XADDR != ""
        string TMP p "%08x___%08x/%08x" XADDR ADDR RVADDR
        goto OFFSET MEMORY_FILE
        putct TMP string -1 MEMORY_FILE
        print "FIXED: %TMP%"
    endif
next

get NAME basename
get EXT extension
string NAME + "_new."
string NAME + EXT
log NAME 0 SIZE MEMORY_FILE

Greetings.

[raulpuro]

Hi,

I guess the solution of adding all values of "offsets where is pointed the string" is complicated, it is strange (well for me everything is strange, I do not understand this) but not always adds the first value in the group.

In this example the script.bms adds the second value of the group, "00022ec0"

Example with exestringz -f

Code: Select all

________________________________________________________________________________1-000230bf-00022ec0-00057a57___00091598/00493798
%s %i Dex

Example with script.bms

Code: Select all

________________________________________________________________________________1-00022ec0___00091598/00493798
%s %i Dex"

In these examples the script.bms adds the first value of the group "00022d7c, 00022d5f, 00022d27"

Example with exestringz -f

Code: Select all

________________________________________________________________________________1-00022d7c-00022fd0___000915fc/004937fc
armor: %i  Dur: %i/%i
________________________________________________________________________________1-00022d5f-00022fb3___00091614/00493814
armor: %i  Indestructible
________________________________________________________________________________1-00022d27-00022f3d___00091630/00493830
damage: %i-%i  Dur: %i/%i

Example with script.bms

Code: Select all

________________________________________________________________________________1-00022d7c___000915fc/004937fc
armor: %i  Dur: %i/%i
________________________________________________________________________________1-00022d5f___00091614/00493814
armor: %i  Indestructible
________________________________________________________________________________1-00022d27___00091630/00493830
damage: %i-%i  Dur: %i/%i

Is it possible to find a solution to this?

Greetings and thanks.

[aluigi]

I guess that probably in this case it's better to opt for -b (with the limit of text size) or finding other solutions.
I can't help much on that tool to be honest.

[raulpuro]

Yes, but with -b, the txt contains /ffffffff so it would be necessary to use the script, and unfortunately the script.bms adds not all values (the XADDR variable not contains the entire value chain). It's a shame because almost tapeworms. I use a lot this application, and for me solve many of my problems, but if not possible ...

Thanks for the time spent.

Greetings

[aluigi]

-b works in a completely different way, that's why there are only /ffffffff values.
exestringz -b simply overwrites the old strings with the new ones while without -b it creates new references in the executable if the new ones are longer.

[raulpuro]

Hi,

ok thanks for the explanation, -b is very useful, but to translate, which is really what I use the application without -b I can easily import the texts.

I tried all possible convinations and only showing all text is -f -b is true that displays many false positives but that does not matter to me.

I've been looking at the code exestringz, well I do not understand almost anything XD, but I've seen that pointer_offset variable (in the BMS script is XADDR), it really is an array that can go to show whether it contains multiple values. But doing that is not possible in the script.bmp.

Code: Select all

if(!quiet) {
                fprintf(fd, "%s%d", MYLINES, strindex[i].string_type);
                for(j = 0; j < strindex[i].offsets; j++) {
                    fprintf(fd, "-%08x", strindex[i].pointer_offset[j]);
                }

I keep trying, thanks for everything Aluigi.

Greetings

[raulpuro]

Hi,

Sorry for reopening the post, the devil script has finally been very useful is it possible to make another script for hellfire?

Greetings and thanks.

[raulpuro]

Hi,

Aluigi, when you have time, can you look at this please and comment if possible?

Greetings and thanks.

[aluigi]

Comment on what?

[raulpuro]

Hi,

Make a script fix for the addresses automatically for exestringz from Hellfire, just like you did in the previous post with diablo but for its expansion Hellfire. If is possible.

Greetings.