Thunderbrew:binana: Difference between revisions

(4 intermediate revisions by the same user not shown)

Line 2:

{{Software

|name = Binana

|type = Reverse-engineering ~~information~~

|type = Reverse-engineering toolkit

|authors = Thunderbrew Developers

|license = The Unlicense

Line 13:

Over the years, many individuals have attempted to reverse engineer specific parts of the WoW client. These are usually siloed away into individual IDA Pro databases, making them difficult to locate, and thus more difficult to make use of for the purposes of game preservation.

Binana aims to avoid situations like this by storing RE work as machine-readable code in a public Git repository. This code can then be converted/parsed/encoded any way we like, usable in any tool you care to add support for!

Binana is mainly targeted at version 3.3.5a of WoW. By reducing scope to a single version, the level of difficulty involved in implementing Whoa/Thunderbrew features is lowered significantly.

Line 24:

Line 26:

=== Symbols ===

Each profile consists of a symbol database. This database is text-based, and organized as a root <code>symbol/<code> directory, and is filled with many subdirectories, which contain both <code>func.sym</code> and <code>label.sym</code> text files, pertaining to function symbols and data label symbols, respectively.

Each profile consists of a symbol database. This database is text-based, and organized as a root <code>symbol</code> directory, and is filled with many subdirectories, which contain both <code>func.sym</code> and <code>label.sym</code> text files, pertaining to function symbols and data label symbols, respectively.

The structure of a line (or entry) in the database is formatted thus:

Line 37:

Line 39:

FunctionName1 11223344 f end=22334455 type="void __stdcall func()"

ClassName__MethodName 12345678 f end=23456789 type="void __thiscall func(ClassName* this, int32_t argument)"

</pre>

Our reverse-engineering tools cannot always detect the end address of a function (x64dbg cannot detect this at all!), so you should always give the end address of the function.

For Binana, the convention for the end address of a function is the address that's 1 byte after the last instruction.

For example, <code>0042830B</code> would be the end address of <code>WowConnection__AddRef</code>

<pre>

WowConnection__AddRef:

00428300 b8 01 00 00 00 MOV EAX,0x1

00428305 f0 0f c1 01 XADD.LOCK dword ptr [ECX],EAX

00428309 40 INC EAX

0042830a c3 RET

------> 0042830b cc ?? CCh

0042830c cc ?? CCh

0042830d cc ?? CCh

0042830e cc ?? CCh

0042830f cc ?? CCh

</pre>

@@ Line 2: / Line 2: @@
 {{Software
   |name        = Binana
-  |type        = Reverse-engineering information
+  |type        = Reverse-engineering toolkit
   |authors     = Thunderbrew Developers
   |license     = The Unlicense
@@ Line 13: / Line 13: @@
 Over the years, many individuals have attempted to reverse engineer specific parts of the WoW client. These are usually siloed away into individual IDA Pro databases, making them difficult to locate, and thus more difficult to make use of for the purposes of game preservation.
+Binana aims to avoid situations like this by storing RE work as machine-readable code in a public Git repository. This code can then be converted/parsed/encoded any way we like, usable in any tool you care to add support for!
 Binana is mainly targeted at version 3.3.5a of WoW. By reducing scope to a single version, the level of difficulty involved in implementing Whoa/Thunderbrew features is lowered significantly.
@@ Line 24: / Line 26: @@
 === Symbols ===
-Each profile consists of a symbol database. This database is text-based, and organized as a root <code>symbol/<code> directory, and is filled with many subdirectories, which contain both <code>func.sym</code> and <code>label.sym</code> text files, pertaining to function symbols and data label symbols, respectively.
+Each profile consists of a symbol database. This database is text-based, and organized as a root <code>symbol</code> directory, and is filled with many subdirectories, which contain both <code>func.sym</code> and <code>label.sym</code> text files, pertaining to function symbols and data label symbols, respectively.
 The structure of a line (or entry) in the database is formatted thus:
@@ Line 37: / Line 39: @@
 FunctionName1 11223344 f end=22334455 type="void __stdcall func()"
 ClassName__MethodName 12345678 f end=23456789 type="void __thiscall func(ClassName* this, int32_t argument)"
+</pre>
+Our reverse-engineering tools cannot always detect the end address of a function (x64dbg cannot detect this at all!), so you should always give the end address of the function.
+For Binana, the convention for the end address of a function is the address that's 1 byte after the last instruction.
+For example, <code>0042830B</code> would be the end address of <code>WowConnection__AddRef</code>
+<pre>
+WowConnection__AddRef:
+        00428300 b8 01 00 00 00          MOV        EAX,0x1
+        00428305 f0 0f c1 01             XADD.LOCK  dword ptr [ECX],EAX
+        00428309 40                      INC        EAX
+        0042830a c3                      RET
+------> 0042830b cc                      ??         CCh
+        0042830c cc                      ??         CCh
+        0042830d cc                      ??         CCh
+        0042830e cc                      ??         CCh
+        0042830f cc                      ??         CCh
 </pre>