Status Updates & "Blog"-ish Things

Here, I will host status updates on my efforts. New entries will be closer to the top. If you want a more up-to-date feed, check out the Discord server.

---

30 March 2024 - Two New Versions

Short post today. Thanks to two volunteers from the community Discord (Natsu05290 and nul (if either of you want a mention under a different name, let me know)), the archive now has Alpha v7 (b23079) and Alpha V9 (b35166) respectively!

Alpha V3, as well as the continuous range from Alpha V6 to Alpha V10 marks a couple years worth of coverage which is pretty awesome to see. The only versions missing now are extremely old, and from when the game was less widespread. Even though those versions are inevitably going to be harder to find, what we have now is already more than what I would have ever expected from such a small community. Thank you!

---

29 February 2024 - Research and Development Toolkit Release

Oops, a year passed. Sorry everyone. I meant to write more blog entries in the passing time (and even had one ready but never released it, it has since been replaced by this). Oops. Not dead! ...Yet!

There is significant news this time around!
  • SkySaga R&D is public! See https://github.com/EDITzDev/SkySaga
  • Alpha V3 (build 10414) was found and is now part of the archive!

You can thank EDITz, who honestly is just the most significant member of the project at this point, for both of these developments. The R&D toolkit facilitates some patches to b10414 allowing you to load into the game (not play it completely, however) and also has tools used to extract the game's arbitrary .pc format, again for b10414 only.

As far as things with me go, I have been working on my own projects and learning to reverse engineer assemblies like this. Soon I will be able to make an impact on this project, but as mentioned in the past, my skills are limited and undeveloped right now so EDITz has been carrying the whole thing. Again, a huge thank you for your volunteer work, it means the world to me and the rest of the folks following the project!

I'll see you all soon for the next post. Note that "soon" is measured in Valve time. Thank you for your patience.

---

16 January 2023 - New Year, New Progress

We have a double whammy this time around - two major contributions from community members! First off, thank MelOzone for submitting Alpha V9 (build 30968) to the archive! That makes 4/10 versions archived! It has been added to the downloads on the left.

But that's not all. Perhaps the most exciting news is that someone under the alias "EDITz" - another very generous reverse engineer - has spent a bit of time digging up details on BPC. There's some good news and some bad news. Good news is they figured out how to extract some data out of the files (did a hell of a lot better of a job than I did). Bad news is (and who would have guessed) all of the formats of the extracted files are proprietary, which means we have to reverse engineer the extracted data too. The archive was just the gatekeeper; we're in the labyrinth now. They really didn't want people to get into these files. Makes sense, given the history of the founders of Radiant Worlds (tl;dr they made games in the 1980s and had problems with piracy. Guess that fear never went away. I can't blame them). I'll update the binary template download later, once we have figured out more about the format. My structure as it stands now is wrong. It needs to be fixed.

That aside, progress has been unfortunately slow. I have been focusing on work elsewhere (mostly my mods for Minecraft and Risk of Rain 2), notably including my own game that I plan to release in the coming years.

It's awesome to see this project inspire people to collaborate like this. Admittedly I do feel a little bad that I am not giving as much dedication to it as I used to, especially in the faces of those willing to give it that type of attention, even if for a moment.

---

21 July 2022 - New Progress on BPC!

Someone by the name of Leiko recently popped up with some tools that could help to unpack the exe file, and using this new tool, I did just that. It's called "unlicense". While the EXE is not runnable, I still have code. Figuring out what assembly does without being able to run the code is difficult, but this is still better than nothing. For the record, this post was scheduled to go out on 15 July 2022 but I ended up waiting so that I could do some more digging and check if the EXE unpacked well enough to be worked on.

Right now, I am interested mostly in breaking into the game's BPC format, which is the archive format for all of its data. Thanks to Leiko's contribution, I have now found the code responsible for reading these files and I am browsing through it with IDA, mapping out all of the functions in the vicinity of code that (presumably) handles reading. I am very excited and will keep you all posted.

As is typical, though, my job has been keeping me particularly occupied and I can't divert my full focus to this. This mapping process takes a very long time (especially on an EXE still, metaphorically speaking, 'scarred' by its obfuscator). For those that want to work along, I'll consider how to do this, but IDB files (for IDA) are not small, and IDA is not free software unless you politely coerce it into being free through f u n n y   m e t h o d s. Disclaimer: I do not endorse this act.

No matter -- extend a very big thank you to Leiko. The toolkit recommendation was a serious make or break moment for the project and has made a significant difference despite being such a small action. Thank you!

---

11 July 2022 - Alpha V8 Build 25516 found!

We just got ahold of Alpha V8 (build 25516) from Tynster. It's another entry for the archives which is always a win in my book. It's not a new major version, so I am still getting access violations when I try to tear the program out of its Themida shell (if you the reader wants to lend a hand, please do, I'm out of hair to tear out) - still, beggars can't be choosers. A huge thank you for your contribution!

Aside from that, with the help of one of Arctium's Ko-fi supporters, Zee (side note, real quick shoutout to Arctium, I lent a hand on their archival of WildStar which is another MMO that shut down), I was able to get a bare-bones Binary Template file for the .BPC format of Alpha V10. It doesn't quite seem to map out to earlier versions unfortunately. I was able to get a lot of the data down, but Zee was responsible for pointing out some very slight details (the size of some values, and the structure of some data) that had a pretty big difference. You can download it in the Game Binaries & Content section on the lower left of the screen.

---

12 October 2021 - A gold-plated helping hand

Just recently, someone under the alias of "Rubx" came to me completely by surprise offering me some advice with the project. Let's face it - I may know my x86, but when it comes to obfuscation and the techniques people use to keep people out of their code, you might as well try asking your grandma for help. I don't know squat (unless it's a trick from decades ago). Now this guy? Right out of the gates, he had me directed to resources I didn't even know existed, and had me figuring out key details that would have gone completely unnoticed if it were just me alone working on this. He's been very helpful with giving me the resources to try to free SkySaga from its virtual casing and has remained very patient with me and my lack of knowledge on the process and topic. That's not something you see often with folks like us, even I get impatient with people asking a lot of questions that may be simple for me to answer.

Onto the topic of what progress was made: There's some good news and bad news. Good news is we discovered the obfuscator employed on SkySaga. Bad news is that it's Themida. That's right, they used Themida. On a closed alpha test. If you aren't familiar with what Themida is and why it's insane for them to use that here, think of it like hiring the US military to guard your property 24/7, except you live in a really clean neighborhood with no crime. Not only is it so overkill it might as well be comical, but it's just a waste of resources. The motives of Radiant Worlds are well beyond our feeble, weakling minds... You need an IQ of at least 182,591,134,458,574 to understand why they made this design decision.

Now while reversing Themida is indeed possible, we have run into some unexpected difficulties in doing so. Something about SkySaga is different, and the typical unpackers do not function. We've hit a roadblock and are at a dead stop, and going through SkySaga manually is suicide (and then some). Unfortunately, this means that while there is that glimmer of hope, there's also an unfathomably large abyss waiting to engulf this project, never to be seen again. I can only hope that we resolve this issue. Failure to do so means the end of the project.

---

19 May 2021 - Slowed Progress, Bits and Pieces

I outlined this in the Discord server but I never really put it here -- tl;dr "I work on a lot of stuff and hop between projects regularly, it'll look like miracles are being done to this project and then I'll suddenly cease to exist for a while, rinse and repeat". You get the gist. The full post is in the #tidbits channel on the Discord server.

As far as progress goes (since I assume that's what most of you are here for) I've done more digging into the pc file format seen in Alpha 8 and earlier. I've not exactly managed to figure out what the format is, but I think I'm onto something. I believe part of the file is index data and part of the file is raw data, but I'm not exactly sure yet and I'll need to look into it more before I post anything definitive. I've only come across three headers for these supposed indices: VTXB (vertex buffer?), ACTR (actor/AI?), and DICT (Dictionary? That's specific..)

One of the hardest things to do is dig into a file format without a game's source code. Extracting data is hard but it's often done with the help of the code that reads that data. If you can see how the computer does it, then you can do it too. Without the code, I'm literally just guessing based on what I've seen in other file formats and hoping for the best. It's estimation at the very best. For this reason, file extraction capabilities are coming along slowly.

---

21 March 2021 - A Helping Hand

A couple days ago I was approached by Freki - who you may know for his work on an early-development recreation of SkySaga - wondering if I had cracked open the file format for the game's data. (Spoilers: I haven't yet. Sorry!) After some short discussion, and me showing him how to launch the game with the various parameters required, he set up a bare-bones auth server that (currently) does nothing but spit out what the game sends it in plain text. Despite it's simple nature, this is a pretty big development! Now I'll be honest - I'm way better at the disassembly side of things. Show me networking stuff (especially with encryption) and I don't know anything. Having someone lend a hand who knows at least a little more about me in terms of networking is instrumental to this project's success. So really - give a huge thanks to Freki for his assistance!

---

20 March 2021 - Alpha V10 Build 36546 found!

Special thanks to u/Sharp_Transition6954 for submitting this to me. I initially looked at the game files and went "Oh, this is probably just a dupe of Alpha 10". I'm glad I checked the version.txt file in the Client directory because I wouldn't have seen the difference otherwise. Also, when I ran the client exe, I noticed that the sounds work in the older build but not the newer one. Peculiar. No matter -- b36546 is now available for download, and with it, a slight tweak to the download links on this site, which will now have the build number.

---

16 March 2021 - Launch Flags

For the first post on this little mess of a blog, I'd like to show off the valid launch flags for the game. I don't know what any of these do, most of them have no function right off the bat. The only obvious ones are /showcode (and 2), and /forcerun. You can run the game with an authenticated user by inputting a JSON string: {"username": "joe", "password": "mama"}
/bugcheck2
/bugcheck
/nosplash
/forcerun
/bugcheckfull
/showcode
/showcode2
/clrt
/dis1
/showinstance
/getwlstatus
/logstatus
/dumpstatus
/checkprotection
/skipactivexreg
/deactivate