11 March 2016 - Forum Rules
Started by Seijuurou Hiko, May 16, 2022, 01:35:22 PM
Quote from: abridgewater on May 17, 2022, 10:40:28 AMThis looks like a read-only data segment or the contents of an initialized data segment produced by a C compiler. Inbound pointers are probably either stored in two parts (a high part and a low part) in nearby (not necessarily adjacent) instructions, or as an offset from some other pointer.I'd recommend either using a debugger breakpoint in an emulator to try and track backwards to find where the pointers are stored (you'll see a variation on this trick used for the GameBoy in the recent "RomHacking 202" document), or using a "smart" disassembler or reverse-engineering tool such as IDA Pro or Ghidra to see if it detects references to these strings.There are further techniques that might work using a "dumb" disassembler, or operating purely in terms of a hex viewer, but they amount to working out what the possible instructions might be for loading part of the pointer and searching for those instructions. Basically trading off more knowledge and effort on your part for being able to use simpler tools.
Page created in 0.047 seconds with 20 queries.