Hacking Castle Shikigami 1[PC]: in waaay over our heads

[cj iwakura]

So yeah, I might have posted about this earlier, but I got the crazy idea to try and undertake a fantranslation of Shikigami no Shiro/Castle Shikigami 1, the PC version.



I figured it couldn't be that difficult. It's a PC game, the text should just be right there, simple cut and paste job, right?

Oh, god no.

Code: Select all

      00000000                    ???                                     EAX=00000000, ECX=00000000, EDX=00000000, EBX=00000000, ESP=00000000, EBP=00000000, ESI=00000000, EDI=00000000
main  00423D96                    MOV AX,WORD PTR DS:[ECX]                EAX=00000000, ECX=0082B998, EDX=000000D0, EBX=00000000, ESP=000CFE54, EBP=00727208, ESI=00000002, EDI=00000000
main  00423D99                    AND EAX,0000FFFF                        EAX=000000AA, ECX=0082B998, EDX=000000D0, EBX=00000000, ESP=000CFE54, EBP=00727208, ESI=00000002, EDI=00000000
main  00423D9E                    CMP ESI,EAX                             EAX=000000AA, ECX=0082B998, EDX=000000D0, EBX=00000000, ESP=000CFE54, EBP=00727208, ESI=00000002, EDI=00000000
main  00423DA0                    JL SHORT 00423DBD                       EAX=000000AA, ECX=0082B998, EDX=000000D0, EBX=00000000, ESP=000CFE54, EBP=00727208, ESI=00000002, EDI=00000000
main  00423DBD                    MOV EAX,DWORD PTR DS:[ESI*4+ECX+4]      EAX=000000AA, ECX=0082B998, EDX=000000D0, EBX=00000000, ESP=000CFE54, EBP=00727208, ESI=00000002, EDI=00000000
main  00423DC1                    ADD EAX,ECX                             EAX=00001BF8, ECX=0082B998, EDX=000000D0, EBX=00000000, ESP=000CFE54, EBP=00727208, ESI=00000002, EDI=00000000
main  00423DC3                    POP ESI                                 EAX=0082D590, ECX=0082B998, EDX=000000D0, EBX=00000000, ESP=000CFE54, EBP=00727208, ESI=00000002, EDI=00000000
main  00423DC4                    RETN                                    EAX=0082D590, ECX=0082B998, EDX=000000D0, EBX=00000000, ESP=000CFE58, EBP=00727208, ESI=00000000, EDI=00000000
main  00462100                    PUSH EAX                                EAX=0082D590, ECX=0082B998, EDX=000000D0, EBX=00000000, ESP=000CFE5C, EBP=00727208, ESI=00000000, EDI=00000000
main  00462101                    CALL 0042DD40                           EAX=0082D590, ECX=0082B998, EDX=000000D0, EBX=00000000, ESP=000CFE58, EBP=00727208, ESI=00000000, EDI=00000000
main  0042DD40                    PUSH EBX                                EAX=0082D590, ECX=0082B998, EDX=000000D0, EBX=00000000, ESP=000CFE54, EBP=00727208, ESI=00000000, EDI=00000000
main  0042DD41                    PUSH EBP                                EAX=0082D590, ECX=0082B998, EDX=000000D0, EBX=00000000, ESP=000CFE50, EBP=00727208, ESI=00000000, EDI=00000000
main  0042DD42                    MOV EBP,DWORD PTR SS:[ARG.1]            EAX=0082D590, ECX=0082B998, EDX=000000D0, EBX=00000000, ESP=000CFE4C, EBP=00727208, ESI=00000000, EDI=00000000

That's the very first segment of a 16MB file of decompressed code.


What the hell have we gotten ourselves into? Is this even possible?

Or are we just doing it all wrong?

Any feedback, or better yet, help would be much appreciated.

[ED-057]

Did you look for JIS or unicode text, or bitmaps containing text? Disassembling compiled x86 code doesn't seem like a good plan due to the sheer size of it and the weird stuff that it tends to contain (like copious stack operations and nonsense padding)

[cj iwakura]

I'll be sure to ask Esper next time he's on. At the moment, we're frankly kind of improvising with minimal knowledge. I appreciate the input.

[cj iwakura]

Update:

its not the code thats the problem
its the file format that's the problem
the code i can understand fine
i should add, the problem that i have with figuring out the file format is tracking down how it uses it

[EsperKnight]

Hey,
I'm the hacker helping out. I did look for SJIS strings but no luck. I haven't tried unicode (I always forget about it since I've only reversed one game that used unicode).

I should say the code isn't the problem as I can read it fine enough to know mostly what's happening. My problem is the graphics themselves since I'm not very good at figuring out graphic formats and such.

The *.dat files are what I suspect holds the text somehow. From what I've seen there a simple archive format (I can describe it if you like) that holds LZSS compressed files. From what I've noticed, the files when uncompressed appear to be some type of image format. My reasoning being how many 0s are in there, as well as the grouping of the bytes (basically a large transparent graphic with something in the middle, like how our text shows up).

I suspect it's *.dat files since those are the ones it keeps accessing right before displaying the text.

One thing I noticed which I found interesting is I found a routine which appears to use those files to index something (maybe a font?) but later on it is accessed by my nvidia driver. I could be mistaken honestly so hey I'm more use to dealing with compressed text of some kind and graphics aren't my thing at all unless there obvious in the format they use. I'm almost certain there TGA files, but i'm not sure how to rebuild the header for it.

Later on I can post up a portion of the uncompressed piece of one of the files. if anyones interested I don't have access to my code on the laptop I'm using right now though.

[ED-057]

Maybe the stuff you're looking at is in one of the DirectX compressed texture formats? http://en.wikipedia.org/wiki/S3_Texture_Compression