![]() ![]() Set $ x_child = $ child_num % $ width set $ y_child = $ child_num / $ width 1 if $ x_child = 0 set $ x_child = $ width set $ y_child = $ y_child - 1 end set $ child_num_trans = $ height * ( $ x_child - 1 ) $ y_child set $ unused = sprintf ( $ buf, ".tile:nth-child(=) \n ", $ child_num_trans ) set $ unused = strcpy ( $ gtk_style, $ buf ) set $ gtk_style = $ gtk_style strlen ( $ buf ) set $ mines_discovered = $ mines_discovered 1 else #printf " %s\n", $x, $y, $clear Set $ unused = strncpy ( $ mf , $ mine, 1 ) # Transpose the child number # Saved the result of the function to avoid printing While $ y < $ height # Convert address to (QWORD*) Set $ gtk_style = ( char * ) malloc ( 2048 ) set $ saved_gtk_style = $ gtk_style set $ child_num = 1 set $ buf = ( char * ) malloc ( 64 ) # Go from left to right, line by line, so we can build the matrix string Set $ minefield =* ( $ minefieldview 0x30 ) 0x28 set $ width =* ( * $ minefield 0x20 ) printf "Minefield width: %d \n ", $ width set $ height =* ( * $ minefield 0x24 ) printf "Minefield height: %d \n ", $ height set $ n_mines =* ( * $ minefield 0x28 ) printf "Number of mines: %d \n ", $ n_mines set $ x = 0 set $ y = 0 set $ mf = ( char * ) malloc ( 100 ) set $ saved_mf = $ mf set $ mine = "X" set $ clear = "-" set $ mines_discovered = 0 # Style for discovered mines Set $ minefieldview = $ arg0 # Reconnaissance # Initialise MiefieldView with the value from gtkparasite In the source code ( minefield.vala) we see however that all the interesting fields are stored in a **_minefield class: From gtkparasite we can see that the mine field is stored in a ** MinefieldView _ class.The goal for this section is to perform simple identification of data structures in memory, like obtaining the number of mines and details of the board (width, height) for example. Luckily, the source code is available online. To be able to mess with objects in memory, we need to understand the internals of Minesweeper first. Then navigate to the properties of text field and change it to whatever you like.In the right pane with the object’s properties, double-click on the buffer’s value.Use the magnifying glass to select the text box.If everything worked fine, when launching the calculator ( gnome-calc) you should also see also the gtk-parasite window.Now that gtkparasire is up and running, let’s make sure we can perform some basic inspection of GUI widgets: $ sudo cp /usr/local/lib/gtk-3.0/modules/libgtkparasite.so /usr/lib/x86_64-linux-gnu/gtk-3.0/modules usr/local/lib/gtk-3.0/modules/libgtkparasite.so usr/lib/x86_64-linux-gnu/gtk-3.0/modules/libgtkparasite.so home/liv/Downloads/gtkparasite/src/.libs/libgtkparasite.so ![]() Gtk-Message: Failed to load module "gtkparasite" $ find / -name "libgtkparasite*.so" 2>/dev/null A few things are needed to quickly get it working: I opted for the Parasite, which seems to be more established and has interesting features, like the ability to interact with GTK widgets from a Python shell, and apply CSS styles globally or individually per objects. To perform debugging and inspection of GTK applications, we have two quite stable options: GTKInspector and gtkparasite (on which the GTKInspector is also based). As a bonus, the result has to be as visually pleasing as possible! No pre-requisites are strictly necessary to follow along, but basic reversing knowledge and familiarity with GDB is always nice to have! Most important of course is a desire to learn. My goal in this post is to reverse engineer the GNOME Minesweeper game and locate relevant areas in memory to patch. ![]() This would be a great opportunity for me to learn some new skills, like debuging stripped GTK applications or becoming a GDB ninja (not!) while doing something interesting all along and with potential applications outside the gaming area. It’s awesome, thank you!Īfter reading Game Hacking: WinXP Minesweeper I realised I wanted to do something similar but on a Linux system. First I would like to give credit to the author of the picture I’ve used above, taken from pxleyes. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |