SCI Programming => SCI Development Tools => Topic started by: ZvikaZ on May 19, 2020, 04:03:26 AM
-
Hi.
I'd like to check something in Sierra's original adl.drv (for qfg1 ega, if that matters)
Is there source code for it, or for any other Sierra drivers? I haven't found any in https://github.com/OmerMor/SCI16/tree/master/INTERP
Or maybe someone has good disassemblies?
And anyway, how can I disassemble it myself?
(I have never done reverse engineering, but I'm a quick learner ;-) )
I've downloaded Ghidra. Is it a good tool for this?
Just opened the driver in Ghidra, selected the language as "x86/Real Mode/16 bit/LE" (is it??), and it doesn't look very nice :-\
Does it need some more information/configuration?
-
The Sierra drivers start with a jump instruction to the entry point followed by a bunch of data. The actual code is near the end of the file.
I haven't tried Ghidra, so I don't know if it needs to be configured in any way to handle these files. Sounds like it's interpreting the data area as code?
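
As an added example (not part of the post above and not Sierra's code), this Python sketch decodes the leading jump of a driver image to find the file offset where disassembly should begin. It assumes the jump is a short (`EB`) or near (`E9`) relative x86 jump; the function name and the sample bytes are constructed for illustration, not taken from a real driver.

```python
import struct


def driver_entry_offset(image: bytes) -> tuple[int, int]:
    """Decode the jump at offset 0 of a 16-bit real-mode driver image.

    Returns (data_start, entry): the offset just past the jump, where the
    data area begins, and the offset the jump lands on, where the
    disassembler should be pointed.
    """
    if len(image) < 2:
        raise ValueError("image too short to hold a jump instruction")

    opcode = image[0]
    if opcode == 0xEB:                      # JMP rel8 (2-byte instruction)
        (rel,) = struct.unpack_from("<b", image, 1)
        length = 2
    elif opcode == 0xE9:                    # JMP rel16 (3-byte instruction)
        if len(image) < 3:
            raise ValueError("truncated near jump")
        (rel,) = struct.unpack_from("<h", image, 1)
        length = 3
    else:
        # Assumption: only relative jumps are handled here.
        raise ValueError(f"offset 0 is not a relative jump (opcode {opcode:#04x})")

    # Relative jumps are measured from the end of the jump instruction.
    entry = length + rel
    if not 0 <= entry < len(image):
        raise ValueError(f"jump target {entry} lies outside the file")
    return length, entry


# Constructed sample images: jump, a few bytes of "data", then one RETF (0xCB).
SAMPLE_NEAR = b"\xE9" + struct.pack("<h", 8) + b"\x00SAMPLE!" + b"\xCB"
SAMPLE_SHORT = b"\xEB\x04" + b"DATA" + b"\xCB"

if __name__ == "__main__":
    for name, img in (("near", SAMPLE_NEAR), ("short", SAMPLE_SHORT)):
        data_start, entry = driver_entry_offset(img)
        print(f"{name}: data at {data_start:#x}..{entry - 1:#x}, code starts at {entry:#x}")
```

The bytes between `data_start` and `entry` are the region a disassembler should leave as data; `entry` is the address to mark as code.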
-
Take a look at Ravi's research on SCI drivers: http://sci.sierrahelp.com/Tools/RavisSoundDrivers.html
You can also try contacting NewRisingSun, who I believe has experience reverse engineering the drivers.
-
Thank you both!
With your tips, it started to make sense...
@OmerMor - using Ravi's 'Framework Driver' is a very good reference - disassembling his driver with one hand, and reading his commented source assembly on the other hand...
@lskovlun - you were right - Ghidra was a little bit confused - it somehow thought it's all data. I just had to right click on the first 'data', and choose 'Disassemble', and it started working.
-
Also: https://helmet.kafuka.org/logopending/2019/08/13/sci-drivers-how-do-they-work/