Viewing the source code of an exe

[OnePostWonder]

I know this varies from exe to exe and usually isn't a straightforward process, but I'm curious. I have a particularly exe in mind, found in this zip.

I called their support one time with a question about Risen, specifically related to the Tages DRM. I think I was asking how I remove it from my retail copy because it was removed from the Steam version. I was given the instruction to use this zip and replace all of files in my game folder with the files included in the zip.

Well, something about the name of the zip struck me; DVD2ESD. DVD to electronic software distribution? I asked the support rep. For the life of me, I could not get him to give me an answer. I'd tell him I was curious what it was for and he'd beat around the bush. Nice guy though.

So with all that back story, I'd like to know just what the heck it's for. Naturally it's the TagesClient, the DRM Risen uses. When I run it, it says "Please run the software that needs to be activated instead of this one." I've left it at that.

 

[OnePostWonder]

I was able to find some more information about the exe through a really awesome little program called Resource Hacker. From what I can gather, it's part of some way to manually activate the game with Tages.

Anymore insight would still be appreciated.

 

[FordGT90Concept]

Well, something about the name of the zip struck me; DVD2ESD. DVD to electronic software distribution? I asked the support rep. For the life of me, I could not get him to give me an answer. I'd tell him I was curious what it was for and he'd beat around the bush. Nice guy though.

I think you're conclusion here is correct. Developers have to create many releases for their software for different locales and distribution methods. The patch the tech guy linked you to likely updates the DVD release of the game to a different one that likely excluded Tages. Deep Silver/Egosoft do the same for the X series of games (debuts with Tages and is later patched to be DRM free). It also happened with Witcher 2 where they eventually patched all releases (including Steam and DVD) to be compatible with the DRM-free Good Old Games version. When they publish future patches, they then only have to target the GOG version as opposed to four or five different ones.

I really don't understand why you're trying to look at the "source code of an exe." a) it doesn't exist except on the developer's/publisher's computers and b) what you do have access to (machine code) requires advanced knowledge of programming to follow. If you want to look into option b, you need to use a disassembler.

 

[hellrazor]

There is no source in a binary, that's why it's called a binary and not a source.

 

[OnePostWonder]

I thought the source might exist because you can take Minecraft.exe, for example, rename it to Minecraft.jar, extract it and view everything that's in it. Wouldn't all the .class files, etc. be the source?

EDIT: I went ahead and read a bit on this; I guess the .class files aren't technically the source, but compiled source code resulting in bytecode for the JVM.

 

[FordGT90Concept]

C++ (which most games are and most DRM wraps around) is compiled into machine code.

Java is compiled into byte code which runs on the Java Virtual Machine. JVM converts the byte code into machine code to be executed.

C# is compiled into a common language runtime. The .NET Framework converts CLR to machine code to be executed.

JVM and CLR can both be reverse engineered into recognizable code. Machine code cannot without someone spending a lot of time converting assembly back into a programming language.


FYI, there are programs out there that examine binaries for DRM signatures. I really don't know what you're trying to get at with all of this.

 

[OnePostWonder]

I really don't know what you're trying to get at with all of this.

Well that's pretty simple; I'm just trying to figure out its purpose.

So by your definition, does "recognizable code" mean source code or not?

 

[FordGT90Concept]

Source code has everything including comments, debug directives, member names the developer explicitly gave it, etc. "Recognizable code" won't have comments but, if a developer looked at the code, they'd recognize the functional parts of their code (e.g. a function that trims a string will still appear as a function that trims a string). Machine code, the original developer would have to dig very hard to find code he/she explicitly wrote as opposed to what compiler broke down/pulled from standard libraries.

If you want to see what I'm talking about, try it yourself. Compile a simple .NET application then use .NET Reflector on it to rebuild code from the CLR. Then compile a program that does the same thing using C++. Disassemble that using a disassembler (example, I haven't used this one) and you'll see what I'm talking about.

 

[hellrazor]

By the way, whatever you're trying to disassemble won't have nice fancy comments like ODA shows in the example.

 

[OnePostWonder]

By the way, whatever you're trying to disassemble

Lol, you read my original post, right? Anyway, it seems my second post wasn't noticed. I used Resource Hacker to view the resources that are part of the .exe. This enabled me to see different dialog boxes and string tables, among other things.

I didn't give me all the answers though.

So really though, I realize now I'm not trying to strip it to what the programmer saw before they compiled it, but rather to find enough out about it so-as to be able to figure out what its purpose is.

 

[FordGT90Concept]

You didn't really make it clear what your purpose of this thread is. If it is to find out what DRM is in (or not in) the two ZIPs you linked, try Protection iD. I haven't tried it but it is supposed to be the best program out there for identifying application DRM.

The ESD ZIP will likely find some kind of DRM. The MUI ZIP most likely won't. Bare in mind that you need to extract the files before you use Protection iD on it.

 

[OnePostWonder]

You didn't really make it clear what your purpose of this thread is. If it is to find out what DRM is in (or not in) the two ZIPs you linked, try Protection iD. I haven't tried it but it is supposed to be the best program out there for identifying application DRM.

The ESD ZIP will likely find some kind of DRM. The MUI ZIP most likely won't. Bare in mind that you need to extract the files before you use Protection iD on it.

I'll have a look at Protection iD to see what it tells me. What do you mean find out what DRM? The DRM is Tages. Do you mean something other than that?

As far as the purpose of the thread, in the original post I wrote "I'd like to find out just what the heck it's for." Several posts ago, after you asked the same thing that you're asking now, I wrote "I'm just trying to figure out its purpose."

Maybe you could help me out by letting me know the kind of answer you're looking for?

EDIT: I can't get Protection ID to run without crashing. There are probably more programs that do the same thing if I decide to look for one.

 

[FordGT90Concept]

Whether or not Tages is present in both ZIPs.

The purpose is whatever they said it was for. If it was to remove Tages, it was to remove Tages.

It's working for me. You click Scan on the lower left then it shows the results via Log Window in the upper left. Some examples:

Spoiler: The Sims 3

Scanning -> C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3W.exe
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 14125376 (0D78940h) Byte(s)
-> File Appears to be Digitally Signed @ Offset 0D77000h, size : 01940h / 06464 byte(s)
[File Heuristics] -> Flag : 00000000000000001000000000000100 (0x00008004)
[b][!] EA Custom Protection detected !
[!] Possible CD/DVD-Key or Serial Check -> Unregistered[/b]
[CompilerDetect] -> Visual C++ 8.0 (Visual Studio 2005)
- Scan Took : 1.924 Second(s)

I'll download the two ZIPs and try them...

Spoiler: Risen_DVD2ESD_MUI

Scanning -> C:\Users\Admin\Desktop\TagesClient.exe
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 462496 (070EA0h) Byte(s)
-> File Appears to be Digitally Signed @ Offset 06F200h, size : 01CA0h / 07328 byte(s)
[File Heuristics] -> Flag : 00000000000001001100000000000100 (0x0004C004)
[b][!] Tagès Activation Client v. 5.5.3.7[/b]
[CompilerDetect] -> Visual C++ 9.0 (Visual Studio 2008)
- Scan Took : 0.875 Second(s)

Looks like an update for the TagesClient. There was probably an issue with the version released in the game and this executable fixes it.

Spoiler: Risen_Patch_1.10_MUI_HP

Scanning -> C:\Users\Admin\Desktop\Risen_Patch_1.10_MUI_HP\Risen.exe
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 962560 (0EB000h) Byte(s)
[File Heuristics] -> Flag : 00000000000000000000000000000000 (0x00000000)
[CompilerDetect] -> Visual C++ 8.0 (Visual Studio 2005)
[b][!] File appears to have no protection or is using an unknown protection[/b]
- Scan Took : 0.751 Second(s)

Looks like DRM-free 1.1 patch. 1.1 perhaps removed Tages protection from the game.

 

[OnePostWonder]

Well, something about the name of the zip struck me; DVD2ESD. DVD to electronic software distribution? I asked the support rep. For the life of me, I could not get him to give me an answer. I'd tell him I was curious what it was for and he'd beat around the bush. Nice guy though.

Whether or not Tages is present in both ZIPs.

The purpose is whatever they said it was for. If it was to remove Tages, it was to remove Tages.

This was covered in the original post, as bolded.

It's working for me. You click Scan on the lower left then it shows the results via Log Window in the upper left.

I'll download the two ZIPs and try them...

Scanning -> C:\Users\Admin\Desktop\TagesClient.exe
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 462496 (070EA0h) Byte(s)
-> File Appears to be Digitally Signed @ Offset 06F200h, size : 01CA0h / 07328 byte(s)
[File Heuristics] -> Flag : 00000000000001001100000000000100 (0x0004C004)
[b][!] Tagès Activation Client v. 5.5.3.7[/b]
[CompilerDetect] -> Visual C++ 9.0 (Visual Studio 2008)
- Scan Took : 0.875 Second(s)

Looks like an update for the TagesClient. There was probably an issue with the version released in the game and this executable fixes it.

Did you come to that conclusion because it included the version number? Not being facetious, just curious.

Scanning -> C:\Users\Admin\Desktop\Risen_Patch_1.10_MUI_HP\Risen.exe
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 962560 (0EB000h) Byte(s)
[File Heuristics] -> Flag : 00000000000000000000000000000000 (0x00000000)
[CompilerDetect] -> Visual C++ 8.0 (Visual Studio 2005)
[b][!] File appears to have no protection or is using an unknown protection[/b]
- Scan Took : 0.751 Second(s)

Looks like DRM-free 1.1 patch. 1.1 perhaps removed Tages protection from the game.

Actually 1.10 was an update for the game that include a number of fixes, but did nothing to the DRM. This came later to remove the DRM. It seems plausible it includes the fixes the original 1.10 patch did, so it causes me to wonder if installing the original 1.10 patch then the 1.10 DRM-removal patch would be redundant. As an aside, I do recall the tech saying the acronyms are Deutsch acronyms, in case anyone is trying to figure them out.

Thanks for checking those and pasting the info. PID crashes as soon as it starts. Heck, it barely even starts; it's like it just loads the crash window.

 

[FordGT90Concept]

Rereleasing the 1.10 patch was likely the easiest way for them to distribute the Tages-free patch. Hell, all of those files in the patch may have had Tages checks in it. Back when they originally published 1.10 patch, they could have easily built a version with and without Tages. They simply didn't make the Tages-free version available until recently. Look through this if you're interested in understanding how Tages works:
http://www.tagesprotection.com/main.htm

If I were you, I'd apply the 1.10 patch (via setup executable) then copy the files from the ZIP over those in the install directory. The 1.10 patch is 110 MiB and this 1.10 DRM-free patch is 10 MiB. There's no way Tages accounted for 100 MiB--not a chance. You most likely need to apply both, in that order, for everything to work the way it was intended.


The acronym can literally stand for anything. It's not worth anyone's time to figure out what, specifically, it stands for. The ESD you linked is now completely irrelevant anyway because the patched game doesn't reference it at all.


Related: http://forums.steampowered.com/forums/showthread.php?t=2588534

 

[OnePostWonder]

Rereleasing the 1.10 patch was likely the easiest way for them to distribute the Tages-free patch. Hell, all of those files in the patch may have had Tages checks in it. Back when they originally published 1.10 patch, they could have easily built a version with and without Tages. They simply didn't make the Tages-free version available until recently. Look through this if you're interested in understanding how Tages works:
http://www.tagesprotection.com/main.htm

If I were you, I'd apply the 1.10 patch (via setup executable) then copy the files from the ZIP over those in the install directory. The 1.10 patch is 110 MiB and this 1.10 DRM-free patch is 10 MiB. There's no way Tages accounted for 100 MiB--not a chance. You most likely need to apply both, in that order, for everything to work the way it was intended.


The acronym can literally stand for anything. It's not worth anyone's time to figure out what, specifically, it stands for. The ESD you linked is now completely irrelevant anyway because the patched game doesn't reference it at all.


Related: http://forums.steampowered.com/forums/showthread.php?t=2588534

The bolded part is a good point. I hadn't even considered the difference in size of the two. If I ever really want to know the purpose of the DVD2ESD, as irrelevant as it may be to removing the TagesProtection, I'll have to pry Koch Media for info.

I knew the history of the whole Tages thing going into this, it was mainly just to see if anyone could find anymore info about the DVD2ESD.zip than I was able to. The Tages page just gives a general overview of how it works since they can't go into detail for obvious reasons and I've unavoidably read it here and there.

Anyway, I'd consider the saga concluded. Now we'll just wait for Episode VII.

 

[FordGT90Concept]

DVD2ESD only contained TagesClient.exe. I suspect it was a patch for Tages (could add support/bug fixes for new CD/DVD drives). I highly doubt its purpose is to remove the Tages protection because that's done via updating binaries (like Risen_Patch_1.10_MUI_HP does).

 

[OnePostWonder]

DVD2ESD only contained TagesClient.exe. I suspect it was a patch for Tages (could add support/bug fixes for new CD/DVD drives). I highly doubt its purpose is to remove the Tages protection because that's done via updating binaries (like Risen_Patch_1.10_MUI_HP does).

I'm skeptical about it being a patch for Tages for two reasons.

1. The name of the ZIP. DVD2ESD? It seems an odd way to describe a patch for Tages.
2. Resource Hacker shows it to have a dialog box for something like a serial key as well as strings like "Incorrect Activation Code", "Incorrect serial number" and others related to activation.

That said, there are a couple of issues with point number two. It could still be a patch for Tages, but it might require you to have a product that uses Tages, hence why it asks for an Activation code/serial number.

I guess the short version here is that it seems to provide some functionality beyond just patching any instance of Tages found on the system.

 

[kn00tcn]

wait, why arent we running these patches on a functional risen installation to see what happens?? DVD2ESD sounds like... it's a tages exe that will 'convert' a tages protected dvd version of the game

if you want to really dig into the exes, you would have to have some decompiling/cracking experience, use ollydebug, maybe ask on SND forums, etc etc

there's lots of talk about the boogeyman drm of tages (& starforce in the past), but at the same time, many people are running games with these protections all the time (riddick dark athena anyone?)

EDIT: been using protectionID for years, excellent tool though i dont need all those extra features like ram monitoring

 

[FordGT90Concept]

I'm skeptical about it being a patch for Tages for two reasons.

1. The name of the ZIP. DVD2ESD? It seems an odd way to describe a patch for Tages.
2. Resource Hacker shows it to have a dialog box for something like a serial key as well as strings like "Incorrect Activation Code", "Incorrect serial number" and others related to activation.

That said, there are a couple of issues with point number two. It could still be a patch for Tages, but it might require you to have a product that uses Tages, hence why it asks for an Activation code/serial number.

I guess the short version here is that it seems to provide some functionality beyond just patching any instance of Tages found on the system.

1. That's just what the distribution boys at Deep Silver called it. It doesn't particularly need any rhyme or reason to have that name.

2. Proves my point: it's an update to Tages (NOT A PATCHER: newer version of existing file). My guess is people had problems activating Tages before the DRM removal so they released that to fix those issues. Deep Silver likely would have instructed you to drop that TagesClient.exe in place of the existing TagesClient.exe in the game directory then run Risen 2 as normal.

This TagesClient.exe file is likely completely useless now thanks to the other file you linked.

EDIT: been using protectionID for years, excellent tool though i dont need all those extra features like ram monitoring

Indeed, I was dumbfounded seeing all that crap. They made it an all-in-one program which is stupid.