Chapter 21 General file reverse engineering

This section has thoughts and ideas that go into reverse engineering file formats from scratch. A lot of the concepts are covered partially elsewhere but more importantly many are very simple and although they are far from foolproof they work far more often than they do not.

The two things you want to have when reverse engineering (other than a full spec or maybe source code) are lots of examples of the format and a version of the file containing a lot of primitives of the sort of thing it contains (although having versions with more advanced features is useful as well).

Two popular sites hosting a lot of information about formats are xentax.com and multimedia.cx (aimed more at multimedia but houses a large amount of information on the music and video formats used in games).

DGTEFF has a nice alternative viewpoint on a few of the techniques covered here and “The Definitive Guide to Exploring File Formats” is well worth a read.