.lvl files

[Paul]

:

@mlg man, thanks. Those file formats looks like the most common files formats used for PS1 midi. However, I haven't found any documentation yet.

@Paul, mainly intuition. Before looking at the file format itself, I thought it was a sequence of events/actions, and that it would be likely to have a simple structure, fixed in size.
After some tests, I've dismissed the first bytes (which causes the game to crash if not set properly), extracted all the commands from the game's demos, and started working on it.
There are unknown fields yet. Maybe it has no use, or serves to other characters than abe, and that's why I tried to make a custom NxtP file for the demos... But it hasn't been successful yet.

I think the Path format is one of the most useful. There is one for each sublevel, and it seems to deal with "sublevel layout" (the position of the different CAM files), initial state and scripting.
You're saying it's using hardcoded offsets in the exe... That's what I feard... So, it's the same with the map's width and height, isn't it? My first goal being to reimplement the game engine, having all those values hardcoded is quite annoying...

PS: I would be interested in Bits and Anim formats :P

Reimplement the game engine? Check out my "open source ALIVE engine thread" we have the same goal it would seem.

Based on what you've said I could use IDA to see if its easy to find out the demo command bytes. Is it the same format for oddysee? If you can give me a command thats way out of range in the first demo file or something that makes it crash I can back trace it to the switch/case on the commands to try to figure each one out

[ThibG]

Oh, just saw the thread about a recreation of the A.L.I.V.E. engine

On the demo format:
I don't have Abe's Oddyssee, so, I can only guess, but I think it's the same format.
Demo commands can't crash the game. An invalid command would simply do nothing. I think it's merely an abstraction of keyboard/joypad's state.
However, before the commands, there are some bytes that I don't understand. The first 4-bytes word is always "1", maybe a file-wide identifier, as seen with other formats. Modifying it will lead to a crash. I don't know anything about the 12 bytes following it. I first thought those were commands, but changing them doesn't do anything, it seems.

I think another interesting format is the NxtP format. Tweaking them may show some internals of A.L.I.V.E.

[Paul]

Hmm what is NxtP used for? Save state? I've never seen NxtP in AO

[ThibG]

Yeah, that's for saves. Well, there are high chances that the format changed between AO and AE...
If you can't find one in AO .lvl files, maybe there isn't one.
In AE .lvl, they are only used for initial demo's state.
You can try to tweak a saved game, that's the same format (without the header, though).

[Paul]

Where is the save file format documented ?

[ThibG]

It's far from fully documented (especially for characters: I don't know where they are put (this changes over saves). I know that abe's ID is 0x45, at least in AE's first level. So, searching 0x4500 in the SAV file will lead you to Abe's data). It is in doc/formats/nxtp.h

[Paul]

Hmm I think these structures just map onto the games internal structures for the game objects? I will take a look at AO demo files when I get a chance and compare it with what you have found

[mlg man]

Hey paul how the GUI camtool going?

[Paul]

Steady, I would not expect anything for another couple of weeks at least due to my limited free time these days.

[Software Bug]

Just wanted to drop in and say that you sir are doing great work Keep it up!
So whats the actual status on things? Working on the AO ripping tools etc and planning/dreaming/thinking about recreating the A.L.I.V.E. engine?

[Paul]

I'd say ThibG is reversing PC versions of AE formats and I am reversing PC versions of AO formats

I have reversed:
-Cam images
-Type 3 anim files
-Palts
-Paths to some degree..

And currently I'm making a GUI tool to view/edit lvl's and view/replace cam images and view anim files.

I would like to reverse path files to the point where I can figure out how the scripting stuff works, then I would likely create a small proof of concept/demo that allows you to scroll through various cam files with all the scene props in place

But all this stuff is likely a long way a way..

[mlg man]

isn't there some kind of website with a team of hackers that could help?

MAGICAL MOD-MERGE!

Paul, i am pretty advanced in computers. What do you use to reverse everything. Im only young and have a lot of free time on my hands. i could get a lot of work done.
If you can post links to downloads and stuff for what i need. Thanks!

Oops, thats right, i posted 10 mins ago. sorry about double post!

[ThibG]

I've updated DDV and NxtP infos a few days ago, if you are interested in it.
@Paul, I'm interested in Anim files. By the way, did you find out how pixels are compressed in AE version of Bits files?
@mlg man, I'm using hte (package ht in debian and alike, http://hte.sourceforge.net/), and some python scripting.

[Paul]

Type 3 is some basic RLE encoding, type 4 is uncompressed, dunno about the others

edit: I use IDA Pro in windows, I doubt you'll have enough money to buy the full version of that (around $2k)

edit again: But you can grab OllyDbg or the free version of IDA

yet another edit: Looking at the VB/VH stuff did anyone try loading them into that psf lab app to see if they play?

[mlg man]

2k! Ill go to my friend named pirate. Oh yer, the VB and VH files in the pc version are NOT openable by any playstation sound viewer but you can open the VB an VH files in the Playstation version of the game. i really wanna replace sounds in the game. Badly! And go here: http://www.oddworldforums.net/showthread.php?p=364796
i posted some sounds i ripped from ao ps version.

Edit: Ok i have the freeware version. All i want to know is how do you force actions. Example: Force ddcheat menu to pop up.

[Paul]

:

2k! Ill go to my friend named pirate. Oh yer, the VB and VH files in the pc version are NOT openable by any playstation sound viewer but you can open the VB an VH files in the Playstation version of the game. i really wanna replace sounds in the game. Badly! And go here: http://www.oddworldforums.net/showthread.php?p=364796
i posted some sounds i ripped from ao ps version.

Edit: Ok i have the freeware version. All i want to know is how do you force actions. Example: Force ddcheat menu to pop up.

You look at the functions and trace through them, eventually you will find one early on in the games start up thats comparing command line argument strings, hence you will see a "its_me_your_father" string some where. Thus the best plan of action is:

1. Find this string in the "strings" view
2. Find all XREFS to it, there is likely only one in the command line argument parsing function
3. Study the code and figure out what its doing with it, you'll find its looking for the string you found the XREF to and then doing a few more things (it will call a function, reverse what this is doing and you'll see its reading the keyboard, you'll see the constant it passes to the keyboard reading function is VK_ENTER or something)

For anything else that cant be found by tracing references to a string requires a lot more work. I found corrupting a file format I'm trying to reverse so that it crashes the game is the best way. When it crashes you can set break points in the call stack and then replace the file with a good version and check what some of the functions are doing, one of the MUST deal with the file that you screwed up.

Can you post a VB and VH file from both the PC and PSX version from the same lvl archive so we can see what is different between them?

Edit: Oh by the way for the "forcing on bit" that can only really be done at run time by editing the register contents with IDA when you hit your breakpoints. For patching an exe OllyDbg is better so you should do this:

1. Find the instruction(s) location using Ida after you've figured everything out
2. Use OllyDbg to patch those instructions and save a patched exe (Or write your own patching Util since you know the hex for the instructions you want to insert, and the offset of where they start in the binary)

Final edit: Unless you know x86 asm, C, and C++ this is going to be very hard or impossible for you to do most things since you won't know whats going on. When looking at some x86 code you need to know if it was a C function or a C++ function. This means you need to know how the compiler implements vtables and how vtables work and a ton of other stuff. You are effectively trying to get c or c++ representation of what the x86 code is doing. So if you can't read the higher level language you will be screwed.

E.g

:

.text:0048EF50 ; int __stdcall WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd)
.text:0048EF50 _WinMain@16 proc near
.text:0048EF50
.text:0048EF50 hInstance= dword ptr 4
.text:0048EF50 hPrevInstance= dword ptr 8
.text:0048EF50 lpCmdLine= dword ptr 0Ch
.text:0048EF50 nShowCmd= dword ptr 10h
.text:0048EF50
.text:0048EF50 mov eax, [esp+hInstance]
.text:0048EF54 mov ecx, [esp+hPrevInstance]
.text:0048EF58 mov edx, [esp+nShowCmd]
.text:0048EF5C mov gInstance, eax
.text:0048EF61 mov eax, [esp+lpCmdLine]
.text:0048EF65 mov dword ptr gPrevInstance, ecx
.text:0048EF6B mov gShowCmd, edx
.text:0048EF71 mov gcmdLinePtr, eax
.text:0048EF76 call game_init
.text:0048EF7B mov eax, gExitCode
.text:0048EF80 retn 10h
.text:0048EF80 _WinMain@16

You can see I've renamed everything to what it is, such as gInstance which is a global that stores the app instance. I know this because I know that WinMain() is the entry point (you could figure this out from looking at MSDN though)

But you also need to know that when it was C code it would have looked like this:

:

int WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, char* lpCmdLine, int nShowCmd)
{
gInstance = hInstance;
gPrevInstance = hPrevInstance;
gShowCmd = lpCmdLine;
gcmdLinePtr = pCmdLine;
game_init();
return gExitCode;
}

[mlg man]

sorry, i lost my abes oddysee psx disc, but i have both pc exoddus and psx exoddus in another language, but pc is english. Is it possible?

[Paul]

It should be, both ps1 games should have the same vb/vh file formats

[mlg man]

Heres a zip of the pc and psx vb's and vh's for the mines level.

Good Luck!

[Paul]

Looks like the exodus ones are not the same, I think they have taken all of the sound samples out of the vb and placed them into the sounds.dat!

Edit: the vab headers are almost identical though one appears to have a few extra bits tacked onto the end

[mlg man]

i have found out the sounds.dat compression. its a signed 16 bit PCM little endian. raw file. i was able to replace sounds in game. AMAZING!

[Paul]

:

i have found out the sounds.dat compression. its a signed 16 bit PCM little endian. raw file. i was able to replace sounds in game. AMAZING!

You need the info that tells you where the files start and end from the vh headers parsing to make it useful though

[mlg man]

Ok, i'm not that smart. But i will be posting a video on how to replace sounds in audacity. But they have to be same or shorter sound length. I replaced abe's "hello" with the mean muduckon "hi!". Now abe is a badass!

[Naulahauta]

Hmmm.. That opens a lot of doors to localization hacks.

[mlg man]

i am willing to post a stream of sounds, and the first 3 people to send me a modified version of the sound stream, will get it compiled. And after that, i will make a thread on how to replace the sounds yourself.

[Wil]

Regarding localization, do we not already have ways of replacing the backgrounds and the LED messages? If you can now replace in-game sounds, what else is there besides the FMV audio that would require editing for new, custom localizations?

[Naulahauta]

-LED Messages. Can easily be edited.
-Some textual graphics such as the "Elum hates bees" sign (or something like that. Can't remember what it was exactly). Should be editable with the CAM tool.
-The chant messages like "Watch out for that bat". No idea about those.
-FMVs, yeah. I don't know what format they're in, but I guess if one can re-encode, it shouldn't be too hard. Voice actors are a different thing, heh.
-Sounds. Possible.

That's all I can give from the top of my head.

[Wil]

I'm sure I've seen the hint fly messages in the same, um, file as the LED messages.

This is quite exciting. I'd be very interested to see a fan-made localization of the game.

[MeechMunchie]

So... this means you can change everything except the physical placement of game objects and platforms?

[Paul]

Here is version 0.1 of my editor (remove .tff extension, everything else has a file size limit )

You can
-View cam images
-View whats in a lvl archive
-View lvl file "chunks"
-Add files
-Delete files

You can't
-View anything other than a cam image
-Many other things

If you find anything you consider to be a bug then explain it to me in detail long with what OS you are running etc and I'll see about fixing it

Edit: Forgot to mention I stole all icons and images from somewhere on this forum