An introduction to hacking video games with Ghidra

10,472 views

Hilltop

5 months ago

Support my projects on Patreon to get your name added to their in-game credits, and more.
/ hilltopworks
Follow me on Twitter for news on future English patches.
/ hilltopworks
Thumbnail by andmdesigns

Comments: 45
@Llenne 5 months ago
Thank you for sharing your knowledge on this, it's something I've been meaning to learn but I've been busy with other projects but I'll keep this video for when I get around to it. Nice work on all your translation patches by the way, you work at an insanely high standard and insanely fast as well.
@ryuhighabusa430 5 months ago
I love how ASM programming is a prereq but unzipping shareware isn't.
@dathacks8434 2 months ago
I mean if they can't figure the unzip out... they probably shouldn't be using it to begin with yet lol.
@breadcraft3605 2 months ago
If you don't know how to extract a zip file you shouldn't even think about reverse engineering...
@YTDeletes90PercentOfMyComments 4 days ago
Anyone know how to exit vim?
@thomaszim9632 3 months ago
Just came from your interview with "Press Start Turbo" I'll probably never get a chance to give the games you worked on a try, but you're doing really amazing work! I'm definitely telling my friends, who are really into the type of games you work on, about your projects! Nothing but the best for you man! 👍
@Armm8991 5 months ago
I would say to not be discouraged if you don't know C very well, I feel like as long as you vaguely know programming you're good to begin. My only real programming knowledge is Python and I've managed to make basic hacks for a PSP game.
@TheKrazyKat89 4 months ago
Great video, I love that you give practical examples of how Ghidra can be used in this context
@deonk 5 months ago
Thank you for another big video insight into your process, can't wait to watch it!
@deonk 3 months ago
Update: You're a wizard, man. The amount of work and understanding you put into translating games that the original IP owners probably won't ever touch again is astonishing and commendable and super impressive, real happy that people like you exist. Thanks for everything. Also hilarious that without the NSA we probably wouldn't get BokuNatsu in English so... thanks guys?!
@foxfoxes1225 3 months ago
Ragnar Rox Video brought me over and I am glad it did.
@averageraiden9900 4 months ago
Your thumbnails are awesome
@dirkcoin1037 5 months ago
Becoming a legend in the community awful quick
@freezingcicada6852 7 days ago
This stumbled on my feed and thoroughly enjoyed it, straight to the point. Not really interested in making hacks; mostly thought it would be a good way to have a more thorough understanding of more low-level stuff and programming in general. I do know some C and use Odin to learn more C, and C to learn more Odin type of situation. But I was fumbling around trying to learn text rendering and image compression without libraries; cause I just wanted to do something simple like get the r/g/b/a variables in a union/struct, change it and slam it back in. Couldn't get a straight answer and felt like going lower would answer the unexplained aspects concerning memory, how it's laid out and if/how to read and write it(?)
@kadhamba_topic6941 3 months ago
Nice video, please make more like a playlist or series
@LiterallyStephenSondheim 17 days ago
God bless you, Hilltop
@sceKernelDestroy 5 months ago
Can’t wait to watch this❤
@user-se8yx4hc1x 4 months ago
Good day, what documentation are you using at 8:18 for the PS1 library? Can I have a copy or is it a site?
@DemiGodX 5 months ago
Hi Hilltop. Appreciate the work you do. I used Ghidra and no$psx a few years ago to modify NBA Jam TE for the PSX, though I didn't know what I was doing. I mainly use Ghidra to find clues on where certain functions were located and then just tinker around with hex values. I was wondering, does Ghidra let you recompile the executable? Because when I was using it, I assume it only analyzes the executable. I would then try to modify the values using a hex editor.
@hilltopworks 5 months ago
Ghidra doesn't compile anything. It has an instruction modifying feature but it warns you that you shouldn't use it. It would be much easier to use an assembler like Armips to patch the executable than to use a hex editor to modify any code.
@DemiGodX 5 months ago
@@hilltopworks I see. Well, I don't know C or assembly, but I feel like I can grasp C code easier, which is why I would have liked to modify values in the pseudo C code as opposed to Armips. But I'll look into Armips.
@nordgaren2358 3 months ago
@@DemiGodX You can modify the assembly in Ghidra and then export the binary back out. It's under file > "export program" and then you select "original file". You can also get to this menu via right click on the binary in the main Ghidra window with all the binaries for the project and clicking export. This way you can use the pseudo code from the decomp as a guide. You should still learn how assembly works, but this will help you. I learned a lot of the basics of assembly, and then from there I learned by following the pseudo code from the decomp and looking at what the associated assembly looks like. Usually Ghidra will follow along in the decomp when you select something in the assembly, but not always. Another format in the Export Program menu that is important is the Ghidra zip file, which basically zips up the entire project with all of the markup and documentation.
@nordgaren2358 3 months ago
I don't know if this method exports any additional memory segments you may have imported from a dump of the process, though. I haven't really looked to find out. I would hope it doesn't, when you select "Original File"
@nordgaren2358 3 months ago
Alright, just checked. It does not export the additional memory segments, but you CAN export them via the options in that menu. Checkbox that says "Save multiple file sources to directory" and then it will put them all in order, I think? Not entirely sure. Sucks cause it doesn't tell you the address of the data :(
@elcrc4786 5 months ago
Oh my god, dude, this is going to be epic
@yarpen26 1 month ago
Just installed Ghidra today and jumped right in. Being a clueless idiot who hasn't even finished a simple Python app he's been building for months, who couldn't hello his world out of a C/C++ box and who only knows assembly from YT videos, I disregarded the tutorial on the official website the moment I installed it and immediately imported a 2016 Unity-made game's exe into a project. Um, shall we say, I didn't go very far. Who would have thought that the lack of familiarity with basic software engineering concepts would prove a serious obstacle in reverse engineering games? All joking aside, I think that given enough time I might be able to crack this one open. It looks intimidating, but I've seen worse. And hell, at the very least I managed to locate a string loading a library by searching "load" in hexadecimal. So not the worst for a very first day, I guess.
@Watteni 19 days ago
Keep at it bro, it gets easier
@Roberto_Milian 2 months ago
May I ask what Emotion Engine you used? I can't find one for the current version of Ghidra and older ones don't work, for me at least.
@hilltopworks 2 months ago
"Emotion Engine: Reloaded" is a fork of the older one and it supports Ghidra 11.
@Roberto_Milian 2 months ago
@@hilltopworks thank you 🙏
@aurinator 2 months ago
There was a time, long ago, where there was a tool that pre-dated Ghidra, called SoftICE that allowed exactly this and more, because unlike Ghidra it was a kernel-mode debugger, so below even User Mode where Ghidra is limited out-of-the-box. Also though, pretty sure the correct pronunciation is more like "Geedra" not "Giydra."
@r4zi3lgintoro65 5 months ago
Thank you for bokunonatsu :)
@234trhbgfdert 5 months ago
Woow, I don't know any of the prereqs :(
@shannonwilliams9744 21 days ago
When installing on Linux you can't just unzip and it's ready; you have to have a JDK installed, and if it doesn't automatically find it you have to give its destination and hopefully it works; if not, you've got to find out where and add that and stuff. On Linux it's a little more than just unzip.
@johnsimon8457 4 months ago
I wonder if you can use Ghidra as a frontend for the debugger within the PS2 emulator. I see Ghidra has support for GDB and WinDbg, but those are PCs. It's kinda funny, Ghidra is a tool NSA would use for reverse engineering, say, router and cellular phone firmware for, um, reasons but it can be used for games, too!
@x_goose_x 4 months ago
I've had a little bit of success using GHIDRA with a GBA debugger.
@nordgaren2358 3 months ago
Ghidra's debugger is painfully slow, unfortunately. Goose, above me, mentioned GBA, but this is a very old 32 bit processor. Probably a smaller address space (although IDK) and definitely a lot less complex than modern processors. IDK if the PS2 would run well or not for the debugging process. You absolutely cannot use it on a modern game. As far as the tool being from the NSA and being used for video games, the tool is just generic. It's a binary RE tool. It will work for anything that you hook up to SLEIGH, which is the spec that allows Ghidra's decompiler to work on multiple architectures (SLEIGH > PCODE > Decomp).
@remi1771 24 days ago
No audio?
@DeeJayZeeX 3 months ago
More pls
@attherasco 5 months ago
Spriggan 👀
@brianmahoney4156 3 months ago
Or you could just wait two years and let AI completely reverse engineer any piece of code totally automatically. Literally by the time you finish a project you start today, AI will make your effort completely redundant. But people are very hard headed and refuse to admit this.
@0x0michael 3 months ago
AI is just a fancy term for humans trying to make more money from their computer algorithms post-2017. Intelligence agencies already write code/software to reverse engineer most stuff automatically