Cracking a memory

Finding a memory

I was recently back for holidays, visiting my parents, and found all my old computer games. Among them was ‘Magnus Og Myggen 2: Den Store Skattejagt’ which I loved to play, even though it was among the most difficult games I’ve played to date.

I made an ISO file of it and wanted to boot it up through Wine and play it on my Linux machine. However, the game is from 1997, and it ‘erroneously’ told me I had no CD.

Error message

So what was I to do? Well, what else? I had to crack the game that I owned!

Cracking a memory

Now, I am by no means a hacker or a reverse engineer, by any caliber. However, I know a few of the tools and so the first thing I did was to open the booting executable in Ghidra.

I searched through all the strings and found the error message’s address:

Offending string

I looked up where this string is used and found a function which handles the string. Using Ghidra’s reverse compiler I got the function:

Function handling the string

Now, one might notice this arbitrary condition that ‘iVar3 == 4’, even though iVar3 is just fixed as 4. However, we can (ab)use this to our advantage, as we then need only change this integer to something other than 4.

We jot down the address of iVar3, and, using the program hexedit, I changed the byte from 0x04 to 0x03.

Changing the bytes

Et voilà! The game runs with no complaints!

It works!

It’s really a magical moment when you spend hours on something that you have no clue whether or not will work, and then it turns out to work perfectly!

Of course, the day after I realised that I could’ve just loaded the ISO-file into a VirtualBox running Windows 95. Ah, well…