It’s not perfect, but you can tweak the source code (for example, changing how long rp_thread::sleep() is called, and where), and probably get some better performance. If you’re up for a challenge, you can also try to improve the code that decides on the next move! (if you do, it’d be great if you shared the changes!).

Anyway, here is the zip file. [ autoblitz-export.zip ]

The binaries are in the export directory. You will be asked for a “hWnd” (window handle), which can be found using the program “Spyxx” which comes with visual studio.

That happened with me with a game called Bejeweled Blitz on Facebook. My friends online have been competing for high score for the past few weeks. I got to thinking…”How hard would it be to write a program to automate playing this game..?”.

This is the result of that question. It took a few days at a few hours per day. Probably about 6 hours combined time. Right now the bot is able to play pretty well. It can do better than I can most the time (although my high score currently beats the bot’s high score). With some improvements, I expect that will dramatically change.

Anyway, here’s a video of the program in action.

[youtube=http://www.youtube.com/watch?v=WRqGzqnip-w]

Update:

The autoblitz bot just scored 258,400.

text made out of smileys. kthx.

Why Not?

I have been talking to a developer, Martin, who has spent some of his extra time fiddling with Cxbx. He was able to get some teaser screenshots from Battlestar Galactica. The game displays the menu, and even some in-game. I won’t get into too many details, but here are a couple screenshots.

I have not started to work on Cxbx on a regular basis — but I think this progress is very motivating, and it is tempting me to boot back up my development setup and take another look after a very long absence.

Many thanks to Martin for the contributions and for allowing me to post about his progress. Cheers.

Sometime’s I goof off a little..

This is a video of a small application I made on the Chumby. You touch the screen, and a small blob of “lava” follows your finger around. You basically get the sense of smearing the blobs around the touch screen.

[googlevideo=http://video.google.com/videoplay?docid=-3183080343701099686&hl=en]

And this is a funny video of a Chumby with two USB dogs humping it.

[googlevideo=http://video.google.com/videoplay?docid=-2315250673640190670&hl=en]

There is a nice tool created by Microsoft Research, called Detours. This is basically an API which helps you to perform binary function interception and instrumentation. This API is fairly robust and well thought out, and I use it in this project. However, there is certainly a fair amount of missing functionality.

While testing my application against a popular product that uses the “unicows” library, I stumbled across a very interesting situation during which the Detours method of function interception will not apply.

Basically, unicows has it’s own custom version of GetProcAddress build in. This custom code crawls through the in memory PE header and obtains function offsets by hand. This means that, for dynamically loaded function addresses, using the Detours functionality I am unable to intercept functions loaded at run-time.

So, in order to properly intercept these functions, it was necessary to create an additional API from within Detours. This function needs to crawl through the PE header, and replace the Export Directory entry for a given API with the virtual address of the function you wish to be called, instead. The function will also return the original virtual address, so that you can call that function within your intercepted version.

The new code is here: DetourReplaceExport.txt

So, now I have a working solution for hijacking an API which is linked dynamically using a non-standard GetProcAddress. Yays!

Here is a video of the etching of Ignignokt in progress:

[youtube=http://www.youtube.com/v/Q1u3H6NpbHQ]

The following is an example of something simple but cool you can do with this program. I will be using some basic DOS interrupts in order to do console input and output. (Lookup ‘DOS interrupt 21h’ on google to find out more).

I’ll highlight everything i’m typing in green so you can try this at home. You won’t need to type the optional comments (anything after the semicolon is ignored), and they get lost when you write the file anyway.

C:>debug kthx.com

-a 100
1476:0100 mov cl, d7 ; default cl to character 'd7'
1476:0102 mov ah, 6  ; ah:6 is console input/output
1476:0104 mov dl, ff ; dl:ff specifies input
1476:0106 int 21     ; interrupt 21 call
1476:0108 jz 10c     ; skip next instruction if failure
1476:010A mov cl, al ; save result of console input
1476:010C mov dl, cl ; load current character as output
1476:010E int 21     ; interrupt 21 call
1476:0110 jmp 102    ; loop forever!
1476:0112
-r cx
CX 0012
:12
-w
Writing 00012 bytes
-q
C:>

Now, when you execute “kthx.com”, you will see the screen swamped with the funky ‘d7′ ASCII character.

Whenever you type a character, the screen with update to display that character. Try alternating between visible characters and not visible characters (like space). For more fun, try to as quickly as possible type “\|/-\|/-” (animates like a little progress bar).

Note that you cant really exit the program. Pressing ctrl+c will actually just display a little heart character. It would be easy to modify the code to accept a character (like escape or control+c) to exit, but i’ll leave that up to you :].

This is just one basic thing you can make a .com file do. For a cooler example, check out neetro. Neetro is a little bit more complex than the program above, so it would have been a pain to write using “debug”. The source is instead compiled using nasm.