Anyone interested in client development?

**Derision** · #1 03-10-2012, 08:52 AM

Quote:

Originally Posted by PixelEngineer

Is anyone here experienced in reverse engineering files? I have been going through and documenting every type of file the client uses. There is one file however, which seems to stump me.

The file is denoted by:

<shortname>_sounds.eff

I had a look a this, since it piqued my interest.

First of all, since you suggested it may be ZLIB compressed, I wrote a quick program to read one of the files and then move through it byte by byte and attempt a ZLIB decompress.
That failed, so it wasn't zlib compressed.

The next thing I did was open up eqgame.exe in IDA and found where the string %s_sounds.eff was referenced and looked at the dissasembly.

I could see that it reads the file 84 bytes at a time, and indeed, the few files that I looked at were all multiples of 84 bytes.

Next thing I did was write a quick program to read one of the files, 84 bytes at a time, and print out each group of 4 bytes as both an int and a float.

I could see from my output some floats that looked very like groups of co-ordinates to me, so I went in game and did a #goto to some of them to verify
there appeared to be a sound emitted in that location (some were obvious, like camp fires or steam geysers).

Anyway, this is what I figured out:

Code:

Offset
00		int8 Unknown[12]
12		int32 Sequence Number ?		// Increments by one for each entry in the file
16		float Y
20		float X
24		float Z
28		float Radius?			// Radius from position that sound can be heard ?
32		int8 Unknown[52]

PixelEngineer · #2 03-12-2012, 03:13 AM

Quote:

Originally Posted by Derision

I had a look a this, since it piqued my interest.

First of all, since you suggested it may be ZLIB compressed, I wrote a quick program to read one of the files and then move through it byte by byte and attempt a ZLIB decompress.
That failed, so it wasn't zlib compressed.

The next thing I did was open up eqgame.exe in IDA and found where the string %s_sounds.eff was referenced and looked at the dissasembly.

I could see that it reads the file 84 bytes at a time, and indeed, the few files that I looked at were all multiples of 84 bytes.

Next thing I did was write a quick program to read one of the files, 84 bytes at a time, and print out each group of 4 bytes as both an int and a float.

I could see from my output some floats that looked very like groups of co-ordinates to me, so I went in game and did a #goto to some of them to verify
there appeared to be a sound emitted in that location (some were obvious, like camp fires or steam geysers).

Anyway, this is what I figured out:

Code:

Offset
00		int8 Unknown[12]
12		int32 Sequence Number ?		// Increments by one for each entry in the file
16		float Y
20		float X
24		float Z
28		float Radius?			// Radius from position that sound can be heard ?
32		int8 Unknown[52]

Absolutely gorgeous. Thank you so much. I have IDA in my toolbox but I don't really have a great understanding of how to use it. Did you read a guide on it or something?

That leaves virtually no files in the original EverQuest that are unknown now. I am in the process of interviewing for a job so that can explain my absence. I am still however, working on this project and am redoing the way the zones load with WLD classes with several levels of inheritance for their specific purpose.

Thank you again Derision. Very much appreciated.

Taurinus2 · #3 03-12-2012, 03:38 PM

You payed 1000USD for a license to software you don't know how to use? How did you get your developer confirmation for it?

If you got it through an unauthorized channel (would seem the case) then I can say with high confidence that you are root-kit'd (by someone other than yourself).

**Derision** · #4 03-12-2012, 03:55 PM

Quote:

Originally Posted by Taurinus2

You payed 1000USD for a license to software you don't know how to use? How did you get your developer confirmation for it?

If you got it through an unauthorized channel (would seem the case) then I can say with high confidence that you are root-kit'd (by someone other than yourself).

I think you are jumping to conclusions. I was referring to the IDA freeware 5.0 version in my post, and it is quite possible PixelEngineer has the free version too.

Taurinus2 · #5 03-12-2012, 04:45 PM

True. I've forgotten that IDA Pro was once freeware. The warning about root kits still stands tho (for all who might read this).

PixelEngineer,

Have you ever considered switching to Qt Creator as an IDE? This would give you a nice IDE on multiple platforms and relieve you of having to maintain a makefile for linux. qmake really is quite capable and Qt Creator can be used even without using Qt libs in your project.

You would still need a compiler on Windows, but you can always use the latest Platform SDK to keep in sync with the compiler technology. You can also install Visual Studio and just use Qt Creator although that would seem a bit overboard when all you need is the compiler (which is what I do, because I use both and I also need the assembler).

mingw is another option (Qt Creator can use this toolchain also).

Just tossing ideas out there.

PixelEngineer · #6 03-12-2012, 09:37 PM

The IDA I was referring to was indeed the freeware version but for others that may have obtained it in other ways, thank you for the warning.

I like the idea of Qt although I am curious as to how much work it would do in translation for this project. I don't mind not using Visual Studio and if there would be something that would compile well on Mac OS (the other OS I want this client on), that would be fantastic. It is funny you mentioned it because two days ago actually, I downloaded the Qt framework and started messing around with it.

Can you list more advantages for making the switch?

Taurinus2 · #7 03-12-2012, 10:04 PM

Bare in mind that I am only suggesting the Qt Creator IDE and not developing with the libs themselves (although Qt is quite solid - not really suited to your project).

The most profound thing in my mind that stands out is the ability to plug a new toolchain in without much hassle. You just invoke qmake and it can generate a makefile for the new toolchain. This simply cannot be said about Visual Studio.

Having the exact same IDE with the exact same interface on all of your target platforms is a really nice thing to have for productivity. Also, Qt is a standard lib in Debian/KDE distros (and probably more) so you would not face a dependency problem in getting up and running there.

Qt Creator can also use cmake if you wish.

In short, it just jives with cross-platform well.

Browse through the docs for qmake and see what you think.