Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - llm

Pages: [1]
Stunts Reverse Engineering / first alpha version of StuntsVM is ready
« on: August 13, 2015, 08:26:48 PM »
its some sort of Dosbox but based on Fake86 ( and only able to emulate the environment enought to run stunts

the zip contains 3 files

game_pc.exe - the 16bit dos game, build with clvn's execombiner and my own sound driver integration tool for pc-speaker sound
stuntsvm.exe - executes/emulates game_pc.exe
SDL.dll - for Keyboard/Mouse/Gfx (

copy these into your stunts directory (where the tracks, sound and others files are - but make a backup before) and run stuntsvm.exe

what can you do with stuntsvm - test and play - for me its the base of my statical recompilation ideas for stunts

i've installed stunts under

latest fake86 (
DosBox 0.74 (
VMWare Player 7 + MsDos 6.22

and i've get different start positions when just starting the game and fo directly to race

fake86/VMWare showing equal start screen, dosbox a different

why is that - is it a bug?

i talk about the exe result of clvns execombiner - so no code modification

i don't know if it is a known problem also with unmodified stunts - but i get sometimes (svn version) dosbox debuger illegal instruction breakdowns
or my vmware player (v6) totaly crashed with illegal instructions message

it mostly happens when you start a race and directly crash into a wall - anyone else got this problem (very rare)?

Stunts Reverse Engineering / sound driver integration DONE
« on: January 17, 2014, 02:21:34 PM »
i've developed a tool that combines the stunts game.exe with the ad15.drv (adlib/soundblaster) driver (but pc15.drv is also possible)
parts of the game getting patched for disableing the driver (un)loading

why (still same reasons):
-for fun
-reduce the amount of runtime loaded code down to 0% (hope that is reached now) - IDA likes it more then :)

seems to work perfectly - someone want to try?

just copy the attached game_drv.exe into your stunts1.1 directory and start without commandline parameters

Stunts Reverse Engineering / sound driver integration - first steps...
« on: December 29, 2013, 08:16:56 PM »
i've developed a small C/C++ program that attaches the ad15.drv to the stunts game exe

how is it done:
-attached block of 0x00 in size of former uninitialized data to image
-attach drv code
-add new entry for driver-ptr adjust to relocation table
-change position of stack
-change header sizes


IDA can now fully analyse the code of the sound driver in new seg042 :)

1. just for fun
2. reduce the amount of runtime loaded code further (should be now down to 0%) - so IDA can work better
3. just the next step to my 16bit->32/64bit translation idea

but ... BIG TODO - thats why i named the post "first steps..."

1. fix stunts crash "memory manager - BLOCK NOT FOUND at SEG=37eb" at startup - does the stunts code rely more on the image layout then i thought?
2. patch the driver loading code that the attached code is used instead of runtime loading

clvn, dstien, w4kfu - please help... :)

Stunts Reverse Engineering / load.exe compression (first level)
« on: January 10, 2009, 11:48:24 PM »
(this is my first "try" of getting into reverse engeneering the game)

i just found out that load.exe is exepacker based
and can be easily uncompressed with UNP (in zip-archive \unp412b)

and i reduced the normal stunts11 package to the minimal amount of files
(data and "executables") needed to run the game (without the anti-password-crack, setup stuff)
so its easier to use an debugger or disassembler ( on it
and the dosbox debugger could also help:

in the load.asm file is an first-shot-listing from ida freeware

just use start.bat to start the game - happy opcode extracting

Pages: [1]