Reversing TP checksum calculation process
Posted by ShovAge
|
Reversing TP checksum calculation process January 19, 2009 10:16PM | Registered: 15 years ago Posts: 19 |
Hello,
I'm currently trying to reverse the checksum calculation process applied on Zelda TP savegames.
I know that segher already wrote a tool which allow to fix the checksum on Zelda savegames.
In fact, I'm curious about how he done it.
I put the main.dol in IDA, and tried to locate it, I also used my gecko usb, run the game with the debugger and tried some breakpoints.
Unfortunatly, I failed.
So, could a skilled reverser give me a clue ("just a very little one :)") ? What is the best way to find this checksum calculation function ?
Regards,
ShovAge
I'm currently trying to reverse the checksum calculation process applied on Zelda TP savegames.
I know that segher already wrote a tool which allow to fix the checksum on Zelda savegames.
In fact, I'm curious about how he done it.
I put the main.dol in IDA, and tried to locate it, I also used my gecko usb, run the game with the debugger and tried some breakpoints.
Unfortunatly, I failed.
So, could a skilled reverser give me a clue ("just a very little one :)") ? What is the best way to find this checksum calculation function ?
Regards,
ShovAge
|
Re: Reversing TP checksum calculation process January 20, 2009 03:59AM | Admin Registered: 15 years ago Posts: 271 |
|
Re: Reversing TP checksum calculation process January 20, 2009 06:51PM | Registered: 15 years ago Posts: 19 |
Thanks for your precious help !
I think that I found the function :
00017278 000040 8001db98 4 mDoMemCdRWm_SetCheckSumGameData(unsigned char *, unsigned char) m_Do_MemCardRWmng.o
Edit: There's another function which calculate a checksum for the 3 slots. I will search it.
I had a look on the ppc code and I think that it's the function that I search for.
it takes the slot number in parameter, read 0xA8C bytes, perform some operations (like not ...).
So i'm pretty sure that's it. I will investigate deeper, because I'll try to rewrite segher's tool. Just to learn.
I have an additionnal question:
- Is there a reason why Nintendo put this set of symbols on the disc ?
Edited 1 time(s). Last edit at 01/20/2009 09:19PM by ShovAge.
I think that I found the function :
00017278 000040 8001db98 4 mDoMemCdRWm_SetCheckSumGameData(unsigned char *, unsigned char) m_Do_MemCardRWmng.o
Edit: There's another function which calculate a checksum for the 3 slots. I will search it.
I had a look on the ppc code and I think that it's the function that I search for.
it takes the slot number in parameter, read 0xA8C bytes, perform some operations (like not ...).
So i'm pretty sure that's it. I will investigate deeper, because I'll try to rewrite segher's tool. Just to learn.
I have an additionnal question:
- Is there a reason why Nintendo put this set of symbols on the disc ?
Edited 1 time(s). Last edit at 01/20/2009 09:19PM by ShovAge.
|
Re: Reversing TP checksum calculation process January 25, 2009 12:23AM | Registered: 15 years ago Posts: 93 |
Sorry, only registered users may post in this forum.