User:32th System/SA Replay Info Collection

Replay header THIS INFORMATION IS INCOMPLETE

Finding replay loading code These steps should also be possible with any other Touhou game. If saving a replay twice results in a completely different replay (like it's the case in ) this exact method will not work  Save 2 of the exact same replay with a different name Make sure that there are only a few bytes that differ in your replays In one of the replays, edit a byte that is different from the other Enter the replay menu, your game should crash! If it does, enter the replay menu again, this time run the game with a debugger The address at which the game crashes should be in the replay loading function 

Alternative method that worked in  Put a breakpoint on WriteFile Save a replay</li> When you hit this breakpoint, look on the stack to find the function that called WriteFile. This is the replay saving function</li> Right below it should be the the replay loading function</li> </ul>

What I know about decryption so far Start at replay start + offset after decrypting a byte with initial key AA, add a number specified by function argument decrypt_adder (argument 3 of function Rx581c0), go 2 bytes before the byte just decrypted and repeat until the variable/register (in this case eax) with initial value offset/2 that gets decremented every loop is 0