Debugging a DOS4GW/Causeway packed program

Question

I have a DOS program that I'm trying to reverse engineer. It uses the Causeway Extender(also known as DOS4GW) in order to load the program into 32-bit protected mode, and IDA Pro 5.0 cannot extract this for me. I saw another post that was similar where a guy said he unpacked the exe, but there was no description as to how he did it. I'd provide the link, but ironically I can no longer find it.

To clarify, I'm looking for an existing tool which I can use to 'unpack' this program for disassembly by IDA Pro or something. So far I've had no luck finding such a program.

I did that once (it was a pain though) - use a freeware dos extender to separate the 32 bit file from the MSDOS stub, use ida 4.1 to convert it to an idc database, open the database with 5.0 (because ida free 5.0 doesn't read the LE format, but can read old databases that use it. Details here. — Guntram Blohm, Jul 24 '15 at 22:34
DOS4GW is not the same as Causeway, what gave you that idea? — Igor Skochinsky, Jul 26 '15 at 12:25

score 1 · Answer 1 · answered Jul 26 '15 at 12:06

1

Causeway extender sources have been released into public domain:

http://www.devoresoftware.com/freesource/cwsrc.htm

The source includes the packer program (CWC) and the decompressor stub(DECSTUB.ASM).

answered Jul 26 '15 at 12:06

Igor Skochinsky

36,553
7
65
115

What gave me that idea was probably some poor choice of words on websites I was looking at. – Sevalecan Jul 26 '15 at 18:27
Causeway != DOS4G, which was provided standalone and as an addon with the Watcom C compiler. – Hernán Aug 20 '16 at 21:04

Debugging a DOS4GW/Causeway packed program

1 Answers1