[Reverse Engineering] Disassembling a Wii/Gamecube game

Discussion in 'Wii - Emulation and Homebrew' started by Cubedevelop, Jul 6, 2017.

  1. Cubedevelop
    OP

    Cubedevelop Newbie

    Newcomer
    4
    0
    Jul 6, 2017
    United States
    Hi all engineers.
    Let's talk about how to disassemble Wii/Gamecube games.
    As far as i know the only possible way is with IDA Pro disassembler and a few of its plugins, right?

    I have IDA Pro v6.8 and i'm trying to make it understand the DOL executable file format (from a Gamecube game, in this case Luigi's Mansion USA ).
    And also i want IDA to read important debug symbols ( API function names and their references ).

    Even though i have put the Gekko plugin and DOL loader in the proper subfolders,
    the executable is seen as just binary and i don't see anything in the Imports tab (debug symbols should appear there, right?? ).

    The Dol loader i have used is this one, for IDA 6.1: http://blog.delroth.net/2012/03/gcwii-dol-plugin-built-for-ida-6-1/

    And the Gekko plugin i used is: https://github.com/nihilus/PPCAltivec

    Here are the folders which i have put these plugins in:

    [​IMG]

    [​IMG]

    To extract the files from the game iso, i have used GC-tool: http://wiki.gbatemp.net/wiki/GC-Tool

    As you can see i have extracted the files by doing ISO=>"Extract whole ISO..." with also the extra options to extract the DOL, Apploader, etc.

    [​IMG]

    Here are the extracted files. I think that &&systemdata folder does not belong to the original game itself,
    it is an extra folder created by GC-tool to put the DOL file in because i have enabled the extra options.

    [​IMG]

    [​IMG]

    And here i have tried loading the Start.dol file ,... but it does not recognize it as a DOL and that's also evident because it does not know where the entry point is.
    As you can see there are no entries that start with "DOL", "Gamecube", "Nintendo" or even "Wii" in the dropdown for the processor type:

    [​IMG]
    [​IMG]
    [​IMG]
    [​IMG]

    I ended up choosing just big-endian PowerPC:

    [​IMG]

    And here are the next steps i've taken, for example i have loaded the disassembler in 32-bit mode and not 64 because the PowerPC instructions are all 32bits, ... is this correct? I am a bit ignorant on PPC , sorry.
    And also for the "device name" i really did not know what to choose , so i picked "ppc".

    [​IMG]
    [​IMG]


    Here the result, it just does not understand a DOL and i don't see API function names in the debug symbols / Import section...

    [​IMG]
    [​IMG]

    What am i missing?
    Maybe i need to use another version of IDA, or different tools?
    The only thing that comes to my mind is.. my IDA is 6.8 but the DOL loader is for 6.1 and the Gekko extension... don't know actually :O .
    But i think that IDA 6.8 is retro-compatible with plugins for older version, isn't it?

    Thanks guys
     
  2. mrvirr3

    mrvirr3 Newbie

    Newcomer
    1
    0
    Aug 6, 2017
    Sweden
    I know this was a while ago but make sure you run the 32-bit version of IDA and not the 64-bit version.