Reversing dwarf fortress for !!fun!! and ruby presented at REcon 2012

by Yoann Guillot,

Tags: Reverse Engineering Gaming


Summary : Last year I gave a talk on Memory Eye, a memory analysis tool, which was used to look at the memory of the Dwarf Fortress game (

This year I'd like to cover what has been done since then, including one guy that wrote a graphic tool in lisp to analyse the heap of the game and spit out an XML description of the data structures ; a perl script that reads the XML and outputs c or c++ headers ; a binary hook to allow loading 'dfhack' inside the memory space of the game ; and finally my own contribution, loading a ruby interpreter in the game address space using dfhack, with access to all the game internal structures thanks to generated bindings from the XML.

The talk would include technical info, eg on how to allocate and initialize c++ objects manually, how we hook the game to initialize malloc()ed space to some marker and use that to match patterns in the c++ standard objects (std::string or std::vector), and how we reuse that to track changes in the data structures between one game version and the next ; but it would also show how a loose team of hacker from all around the world cooperate on this project.