Sunday, January 8, 2012

Minesweeper patch: Stop the timer

In this post I will demonstrate how to patch the Minesweeper game: the task will be to stop the timer from incrementing its count.

The task requires some basic assembly language knowledge. If you don't have that knowledge, then Art of Assembly is a great book to start with.

The executable I will be working on is the Windows XP version of Minesweeper, called winmine.exe. The file is also available here (MD5=9c45d38b74634c9ded60bec640c5c3ca); download it and rename it to winmine.exe.

The symbols file is required as well. You can download it using the symchk command-line tool (which is part of Debugging Tools for Windows), with the parameters below:

symchk /s SRV*c:\symbols*http://msdl.microsoft.com/download/symbols /if winmine.exe

I will use the IDA disassembler (freeware version available here) to generate the assembly source code from the winmine.exe executable. To simplify the demonstration, I'm loading the symbols file (winmine.pdb) into IDA as well. Otherwise functions, for example, will have meaningless names in the generated code.