• We have added an "AG" Registration date/Username profile option. If you add this upon signup we'll be able to verify faster thanks. (If already joined you can edit under profile settings.)

    If you had an account on OG1 you will need to re-register as this is a new start for all.

PS1 PlayStation RE toolchain for Ghidra

blincoln

Member
Joined
Aug 6, 2019
Messages
8
Reaction score
13
Last year, I worked with several folks in the prototype-collecting world to obtain early versions of a few of my favourite games.

It's been a long time coming, but here's a small thank-you in return:


The PSX-EXE => ELF converter should work with any PlayStation game. Ghidra doesn't support PSX-EXE, but it does support ELF, so that will get you going.

If you have a PsyQ .SYM file for the game, there's a good chance that the remaining three tools will let you generate enough data for Ghidra to recover a fairly accurate approximation of the original source code.

This is very much an alpha release, so feedback and bug reports are appreciated. I mostly tested it on builds of Soul Reaver, but it works on at least one beta version of Biohazard 2 as well.
 

blincoln

Member
Joined
Aug 6, 2019
Messages
8
Reaction score
13
DrMefistO make excelent loader
I'll definitely be taking a look at that. Thanks! I won't have time to do work on the code until after the weekend, but I've got a couple of things to look at in terms of additional features and support for unusual things in some games, plus I want to greatly improve the documentation.

In case it's unclear, one of the big benefits to my tool versus that one is that I don't think DrMefistO's code will import SYM file data currently, and I'd be very surprised if it generated the decompiled source code as individual files from Ghidra's one big .C file.

I originally looked into writing a direct PSX-EXE importer for Ghidra, but I figured if I wrote a PSX-EXE => ELF converter, then it would let people use PSX-EXEs in other tools that also only support ELFs, like RetDec. Both approaches have benefits and drawbacks, though.
 

blincoln

Member
Joined
Aug 6, 2019
Messages
8
Reaction score
13
Just released version 0.3, which you can consider "alpha 2". There are some major improvements based on feedback from people testing it against some other prototypes. One of the most obvious is that static/extern/global variables should have their data type set correctly. I also added a walkthrough of using it with a Need For Speed 4 build that I think was released somewhat recently. That one would crash the 0.2 toolchain, but gets decent result now.

Still a long way to go before it's done, but hopefully it's helpful :).
 

blincoln

Member
Joined
Aug 6, 2019
Messages
8
Reaction score
13
Just released 0.4 / "alpha 3", which works even better. Thanks to Gh0stBlade and everyone else who sent me bugs and other issues.

Look at what a great job Ghidra can do at decompiling a PSX game if it has the right data! This is without any manual work in Ghidra.

TDR03.PNG
 

VGKintsugi

Member
Joined
Jul 31, 2019
Messages
8
Reaction score
16
This is awesome. I've been working on a Sega Saturn loader, will look to see how you did some of the analyzer stuff.
 
Last edited:

Dedok179

New member
Joined
Jul 9, 2019
Messages
4
Reaction score
0
Just released 0.4 / "alpha 3", which works even better. Thanks to Gh0stBlade and everyone else who sent me bugs and other issues.

Look at what a great job Ghidra can do at decompiling a PSX game if it has the right data! This is without any manual work in Ghidra.

View attachment 2594
Where can I download your loader for PS1?
 

blincoln

Member
Joined
Aug 6, 2019
Messages
8
Reaction score
13
Where can I download your loader for PS1?
@Dedok179 , it's the link in the first post: https://www.beneaththewaves.net/Software/This_Dust_Remembers_What_It_Once_Was.html. The downloads are at the bottom of the page.

I've been working on a major update. Hoping to have it released by the end of the week if I can get the docs updated quickly enough. Feel free to try out the 0.7 release that's up there now, but the version I'm working on will be about fifty times better.
 

blincoln

Member
Joined
Aug 6, 2019
Messages
8
Reaction score
13
OMG this is great. Any chance this will work with PS2 games as well?
PS2 games are next on my list :). That should be much easier to get working correctly since they use DWARF symbols embedded in their ELF files, and Ghidra already parses DWARF data.
 

Dedok179

New member
Joined
Jul 9, 2019
Messages
4
Reaction score
0
@Dedok179 , it's the link in the first post: https://www.beneaththewaves.net/Software/This_Dust_Remembers_What_It_Once_Was.html. The downloads are at the bottom of the page.

I've been working on a major update. Hoping to have it released by the end of the week if I can get the docs updated quickly enough. Feel free to try out the 0.7 release that's up there now, but the version I'm working on will be about fifty times better.
As I understand it, it normally decompiles only if me find the SYM file? That is, not all games in a row, but only prototypes and those versions where this file was forgotten to be deleted upon release.
 

blincoln

Member
Joined
Aug 6, 2019
Messages
8
Reaction score
13
As I understand it, it normally decompiles only if me find the SYM file? That is, not all games in a row, but only prototypes and those versions where this file was forgotten to be deleted upon release.
You can still use the ELF converter to import the binary into Ghidra without the SYM file, but you won't get the debugging information.
 

blincoln

Member
Joined
Aug 6, 2019
Messages
8
Reaction score
13
Just released version 0.8, which as promised is a massive improvement over all previous versions.

See the list of changes at https://www.beneaththewaves.net/Software/This_Dust_Remembers_What_It_Once_Was.html#History

Some highlights:
  • Added a custom Ghidra script that exports global/static variables as C code.
  • Added another custom script that attempts to automatically detect arrays.
  • PsyQ memory overlays (e.g. for Diablo) are now handled.
  • Basically all aspects of the toolchain are greatly improved - no manual workarounds required for most of the example games now.
I also added a really detailed tutorial on the overlay functionality, but I recommend it as a general guide/example of the quality of results: I added a new tutorial that covers PsyQ memory overlays, but it's worth reading as a general guide as well: https://www.beneaththewaves.net/Software/TDR_Practice_Using_OVERLAYS.html
 
Top