The closest thing I can think of for graphical rehauls is probably shader pack type stuff - Minecraft is a great example of this.
I always thought it was a clever way to get insights in to software while it was running that wasn't available to people with 8086 systems, and it's interesting to see this idea so many years later.
- https://www.vogons.org/viewtopic.php?t=3944
- https://github.com/joncampbell123/dosbox-x/wiki/DOSBox%E2%80...
https://github.com/joncampbell123/dosbox-x/blob/master/READM...
USE="debugger" emerge -vaD bochs #portage reads env and will set flags this way or in /etc/portage/packages.use/bochs (folder name packages.use is arbitrary and I'm old school.)
Curious if BSD is like that too and I am way to tired to attempt to search for it with correct words...
to clarify: USE="debugger" would be a flag that the package has, when you call the package manager to build it from source it just enables that in the make or whatever. package.use is if you want to make sure that some other package doesn't uninstall/modify your package. I am doing a poor job of explaining.
package.use is useful for maintaining your flags during upgrades. USE="debugger" or USE="-debugger" are one off, and i should have specified by putting emerge -va1D bochs (or whatever)
gentoo is a source-based OS, in a similar way to at least the bsds i've used.
Gentoo does have "system wide USE flags" they go in /etc/portage/make.conf, where you would set like USE="-gtk -alsa -X" or whatever, and portage will balk if some package tries to pull in masked packages. "Package has been masked by USE -X"
make.conf makes sure that specific tech stacks won't be pulled in as dependencies unless you specifically unmask the flag for that package in package.use or USE="" emerge[...].
package.use is where you keep your "this is how i want this software built when you do it for me" {this part is wrong, but i don't feel like explaining all of the portage package dot whatever weirdness, because anyone who started using gentoo in the last decade or so might strongly disagree with my assertions about naming and other convention - Ed.}
USE="" is if i need to install some package with a specific feature that isn't enabled by default. Such as debugging real mode or whatever. I generally only USE="" if it's something i need for a few moments and then gets uninstalled. On a source based OS keeping oddball archive support packages or whatever adds time and heat to your updates.
In general, compared to gentoo, things like buildflags, for CPU(-features/levels/generations), general compilerflags like -02 or -O3, and linker-flags would be set for the build of the kernel, or additionally the 'world'.
IF you are building from source at all. 'World' meaning the complete basic userland, in sync with the kernel, as one cohesive thing, (or in linux-speak the base image of the 'Distro/Distribution')with individual choices of 'ports' runnig atop of that.
That's less granular than gentoo. OTOH gentoo can be used with binaries too, or not?
Anyways, the fine granularity of gentoos use-flags isn't replicated anywhere else, afaik.
(Yah well, Paludis on Exherbo possibly, but too much hassle for me)
If you ask nixers (Nix-Os) about it, they don't get it, because of reproducible builds.
And on FBSD, I had the feeling that too much 'ricing' is being frowned upon.
Though I did that, a looong time ago, with both Free- and NetBSD.
Nowadays I'm just relying on others doing the 'tuning' and compiling for me(mostly), and in case of CachyOS that works really well for me, atm.
But surely reading tutorials is useful to learn techniques and tricks. I recommend this article to start: https://www.lodsb.com/reversing-lz91-from-commander-keen (not totally for beginners, but very friendly, and it can help to get used with the jargon). I am also publishing war stories on this topic on my blog (marnetto.net).
https://neuviemeporte.github.io/category/f15-se2
In this case one hard part was trying to get code to compile to identical byte for byte output. Which meant working out which compiler options were used, and which specific compiler too. That gives you a hint of what kinda things are involved.
Why can't ghidra (or any other reverse engineering tool) be used directly on the .exe? Why do you have to go through this emulator? Is it because the thing you want to debug only runs in x86 realmode?
Very roughly spoken, the older the platform, the "weirder" stuff that happens at runtime gets in order to make the best of the measly hardware.
I'm looking at a many decades old C64 game right now, and the way I'm doing it is by having taken a memory snapshot when the game was in the state that I'm most interested in at first.
Starting with just the "binary" on disk would be much harder, since there's so much code that just loads, decompresses, initializes overlays etc. which isn't particularly interesting from an actual game logic point of view (though may be very interesting for other reasons), and only exists because the whole game just doesn't fit into all of memory.
There's also a bunch of loading and overlay magic at runtime of the game, but by looking at a snapshot of the game in the state that interests me, I don't have to dive into that (yet).
-there is sometimes not a single statical exe (that means all code inside) but overlays(DOS like DLLs) or serveral other ways of loading code at runtime (example for sound/gfx-drivers) - DOS allows technicaly nearly everything so everything is done in games :)
-many game loaders combine code/data parts of a game in memory - for keeping floppy releases smaller
-self modifying code, also hard to disassemble statically with Gidrah/IDA
-good old segment/offset 16bit realmode games - a complete different beast compare to 32bit linear DOS games (Ghidra isn't very good at this, IDA is much much better)
some examples:
the Stunts loader combines several (in itself non valid) files in memory to create a exe (the single files are packed and the result in exe in memory is also packed) - not that easy to static disassemble something like that
Alpha Waves also got an loader and self modifying code that is not easy to reverse statical
its good to have the best disassemblers available and the best (or better dedicated) debuggers around to keep your reversing project shorter then decades :)
It takes my computer on a single core about 7 minutes to find a nonce for an arbitrary files sha256 to prefix the left side with 4 or 5 zeros (like bitcoin difficulty doubling). Obviously the heat death of the universe would occur trying to collide sha256 on a single core, but CRC - Gemini says it depends on the algorithm, but crc 32 should take about an hour to collide, but it didn't specify "any" or "arbitrary" collisions, but mentioned "any" right before that. So if the most probable sentence after "any collision" is a time estimate, with the logic of LLM implies that's the easier case of any collision.
nonces tried: 515000000 nonces tried: 516000000 Collision found with nonce: 1327202703
walltime ~12 minutes. So whoever i replied to (sorry my vision is going blurry so i don't want to breadcrumb back) was correct, modern CPUs just blow through this.
you'll note the nonce is > 2^32. Cute.
This is what AI does. This sort of crap is going to make everything feel slower. except now instead of inefficient humans making inefficient code because "hey, just scale" or "my desktop has 32 threads, why do i care about a 50ms hot loop? one of the other 31 threads can pick up slack" - now it's ... this.
i absolutely cannot believe it chose the absolute most naive way to accomplish this monumentally trivial task.
Oddly, this kind of topic doesn’t get a lot of attention
Actually, my experience is that things are much easier in protected mode. Since selector values are chosen by the OS, that means you rely a lot more on internal relocations. And the use of segment selectors is a strong indicator that you have a pointer in the first place.
Unfortunately, ghidra itself struggles to apply these techniques, especially in the decompiler, which seems completely unable to cope with the concept of far pointers.
so indeed you'd know it is a far pointer, but may not know what to :D
edit: actually there is a specific answer for this particular project - "We had to rewrite the project in C# to add automated code generation (java doesn't have the goto keyword, making automated ASM translation challenging)". There you are.
I dabbled in both at around the same time a long time ago for console apps and visual studio's autocomplete / assist / library fetch etc made it easier than Java to get working in but...
Its been so long I forget the origin stories sometimes.