Reverse Engineering/Game Patching Tutorial: Full Res Roller Coaster Tycoon with Ghidra+x64dbg+Python

GitHub Repo: Time Markers: 00:00:00 - Introduction 00:01:57 - Target audience and caveats note 00:03:10 - Start of tutorial 00:07:08 - Loading the file into Ghidra/First steps of RE workflow 00:14:27 - Static analysis of window creation functions (CreateWindowExA) 00:25:42 - Quick detour to learn about Window Style values 00:37:07 - Dynamic analysis of window creation functions in x32dbg 00:48:38 - Static analysis of default window height/width values 00:58:21 - Dynamic analysis of default window height/width values 01:03:30 - Static analysis of window constraints and patching for windowed mode 01:12:15 - Patching to enable full screen mode 01:15:00 - Python patching script review and wrap-up Corrections: 00:34:30: When viewing GetSystemMetrics, 0x20 and 0x21 are seen passed into this function in Ghidra, but the MSDN page is in decimal, so those values (32 and 33 decimal) are actually specifying SM_CXSIZEFRAME and SM_CYSIZEFRAME, the sizing borders of the window. I mistakenly confused them for SM_CYVSCROLL/SM_CXHSCROLL. Hey everyone, I appreciate you joining me for this inaugural tutorial. I’m usually playing with malware, but I thought a game patch was a more fun and light endeavor for beginners, and I hope that this video strikes that balance of being fun and informative. I hope to do more of these sometime, if there is an appetite. Reach out any time with questions or feedback. Twitter: Free Learning Resources (Let me know if you have more, and I will update this list): * Programming and Operating System Concepts: * Harvard’s CS50 Course: * MIT OpenCourseWare - Introduction to C and C : * Beej’s Guide to C Programming (H/T Echo): * Reverse Engineering: * /r/reverseengineering Beginner Resources: * CS6038 (Spring 2020) - Malware Analysis - University of Cincinnati - Coleman Kane: * hasherezade’s 1001 nights: * Reverse Engineering for Beginners (H/T Echo): * Tools: * Intro to RE with Ghidra (wrongbaud): * x64dbg Documentation: * Books: * Practical Reverse Engineering: * The Ghidra Book: The Definitive Guide: