Looking for a reverse engineer to help modify specific binary file

[monicath133]

I have binary packed file likely containing a series of if/then action statements if decoded and unpacked to modify. I know what to seek for within the file, I need assistance in unpacking, decompiling and repacking/compiling the contents.e.g. There's a bunch like:

If a Target has < 30% Health :: Do This Action

Do this Action on them (Fire magic)and so on.I plan to understand more and modify these 'if/then-esque' game-target statements to something a little more unique.
I've attached the relative file. I'd like to work along with to reach goal
View attachment section_007.zip

 

[zipper20032]

Are you sure this is indeed a script like?

Can you give more details about what game it is and things like that?

It seems your binary is having 8240 bytes, and seems to be non related functions bytes.

I've seen bytes like ASCII symbols and the alphabet like from K to Z.
And 4 numbers at the end of the file 10,30,50,70.

���ÿ --> This is in every line, which means these are some kind of padding bytes.

I've noticed this ASCII in first bytes: "st2e". For me looks like a checksum for the file or an internal naming of what's inside the file.

From my knowledge, there's no binary file decompiler, but only interpreter, which usually this is done manually using 010 Editor.

Probably the binary is encrypted, but... who knows with what and how.

We need more info about your project so we can help, but even so I don't guarantee that this can be "decrypted".


Also, if your game/project is loading this at runtime, I'm sure you can find the function which reads exactly this file and the decryption method used. I would do first some RE regarding this before trying to achieve nothing with this binary file.

 

[monicath133]

Are you sure this is indeed a script like?

Can you give more details about what game it is and things like that?

It seems your binary is having 8240 bytes, and seems to be non related functions bytes.

I've seen bytes like ASCII symbols and the alphabet like from K to Z.
And 4 numbers at the end of the file 10,30,50,70.

���ÿ --> This is in every line, which means these are some kind of padding bytes.

I've noticed this ASCII in first bytes: "st2e". For me looks like a checksum for the file or an internal naming of what's inside the file.

From my knowledge, there's no binary file decompiler, but only interpreter, which usually this is done manually using 010 Editor.

Probably the binary is encrypted, but... who knows with what and how.

We need more info about your project so we can help, but even so I don't guarantee that this can be "decrypted".


Also, if your game/project is loading this at runtime, I'm sure you can find the function which reads exactly this file and the decryption method used. I would do first some RE regarding this before trying to achieve nothing with this binary file.

Sorry for the belated reply.
I have more infoamtion.

section_007.bin is packed inside of battle_pack.bin
That file holds the majority of the games integral workings. I have the tool that unpacks battle_pack into sections, along with the tables for editing it’s sections in real-time during runtime (in-game).

Seciton_007.bin is the key file to crack open from battle_pack.bin.


Next, you are correct, gambits are indeed customizable.

You must be registered to see links

In the table, we see section 7 (the file we have) contents the gambits, and conditions.

Using this table as reference we can perform tasks to edit section 007 in GUI (if possible) and edit those values like in the cheat engine table.


Furthermore, get the parameter values for the game controller button prompts. (like XYAB key on the controller) The goal is to modify the Target/Trigger condition (and parameters) to execute on button/key prompt (in a GUI if possible).


So like:


Trigger Condition reads:

If “X” button is pressed on controller, trigger this condition.

likewise:

If “CTRL” button is pressed on keyboard, trigger this condition.

translated to keyboard keystroke.


The goal is to reverse the structure of the available gambits and yes, goal is to create a method of custom “gambits” injection and create GUI mod kit for editing these binaries of the game. The GUI is to be created by us for the purpose of editing these binaries without restriction.


And furthermore, decompile any remaining ebp scripts with the same GUI. (later, derelict)

The executable using this file is

You must be registered to see links

.

 

[zipper20032]

Hmm, from your screenshot, that's the pointer to the memory of that section part and I can see its structure is already reverse engineered.

For editing, I think it's better to have your own DLL, accessing the memory you want to modify, plus, you can use a GUI such as Imgui to develop an interface to modify that memory. The exe is 64 bits, which I think it can complicate things memory wise.

If you get the same address of those pointers (p->********) every time at runtime, I think you can detour them with an external DLL library injected into your exe. I think it wouldn't matter what packing method they are using, the memory would still be the same (ofc, I'm talking about detouring in case the memory's always at the same address).

In your case, by accessing p->247A966A which is WORD type (2 bytes), you can get or set the value with whatever you want (Trigger condition)

For me, the section 7 is like a class, cause I can see the bytes distributed according to their var type and size

p->247A9660 -- array of 3 bytes
and next is p->247A9663 (+ 3 bytes)

p->247A9663 -- 1 byte
and next is p->247A9664 (+ 1 byte)

The arrays can make you problems, but if you get their size that's perfect, because you know how you can recalculate next bytes and so on.

I'm not an expert, but I would do the detouring and the GUI if I was in your shoes in this case.


The tool which is unpacking the bin file can unpack this section 7 binary file too, or it's just for the entire section of binaries container?

Maybe this will help ya:

You must be registered to see links

Anyway, having an injected DLL there, you would be able to edit the binaries but not save them permanently. You will need to see if that pointer is allocated dynamically or is having the same memory address in order to save them locally and load them at runtime.

And also, you can't get an address without starting the game, lol, so you need to get that address after the game or specific game phase started, so that pointer is allocated somewhere.

Edit: I've also seen in a forum that section_007 is not used.

You must be registered to see links

 

[monicath133]

Edit: I've also seen in a forum that section_007 is not used.

You must be registered to see links

That's old.
section_007.bin is used, it contains the games gambit functions. (if/then-esque statements that are assigned to the player character to take action).

the cheat engine table can (almost) edit it to my goal, it's more so the conditions need to read:
"if gamepad button is pressed, gambit function is TRUE (execution action).