ZenHAX

All times are UTC




PostPosted: Sat Jun 09, 2018 5:28 pm 

Joined: Tue Jul 26, 2016 12:07 am
Posts: 15
aluigi wrote:
In that case how can you know what files have been skipped?
Maybe it has more sense to allow the existent -0 option (it's used in extraction) to be used with the reimport feature for "testing" the injected files, and it would tell you "file1.txt" is ok, "file2.txt" can't be reimported and so on.
That would be easy to implement.


I do not need to know which files were skipped yet. Just make it skip all the files that are larger than the original at once, so as not to press the y button each time. But thanks for the advice. In my case, I want it to cut files that are larger than the original. But if you think of adding this function too, it would be cool.


PostPosted: Sat Jun 09, 2018 9:46 pm 
Site Admin

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 8290
Truncating a file is for sure something I will never implement because reimporting 8 bytes is not the same as reimporting the 10 bytes I need. There is reimport2.bat for trying reimporting bigger files.

The automatic skip is difficult to insert because there are already 4 choices for the user... a lot, adding a 5th one would be confusing.

-0 in reimport mode is ok


PostPosted: Sun Jun 10, 2018 7:05 am 

Joined: Tue Jul 26, 2016 12:07 am
Posts: 15
aluigi wrote:
Truncating a file is for sure something I will never implement because reimporting 8 bytes is not the same as reimporting the 10 bytes I need. There is reimport2.bat for trying reimporting bigger files.

The automatic skip is difficult to insert because there are already 4 choices for the user... a lot, adding a 5th one would be confusing.

-0 in reimport mode is ok


With this -0 nothing happens. Everything also lists that list.

- do you want to skip this file? (y/N/force)
y will continue with the next file and skip the current file
N (default) will terminate QuickBMS, maybe you can try with the -r -r mode
force will force the reimporting of the file (NEVER use this!!!)

And where should I punch the button y every time until I hang myself.
The automatic skip would be nice. And the fact that someone gets confused and presses the wrong option is already his problem.


PostPosted: Sun Jun 10, 2018 8:03 am 
Site Admin

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 8290
Dima Bilan wrote:
With this -0 nothing happens.

in next quickbms


PostPosted: Sun Jun 10, 2018 8:33 am 

Joined: Tue Jul 26, 2016 12:07 am
Posts: 15
aluigi wrote:
in next quickbms


And when will the next quickbms be?


PostPosted: Fri Jun 15, 2018 7:13 am 
Site Admin

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 8290
QuickBMS will be released this week-end, hopefully tomorrow.


PostPosted: Sat Jun 16, 2018 1:14 am 

Joined: Tue May 29, 2018 9:07 pm
Posts: 5
There's no way to know if the NameCrc command's lookup has failed and thus no way to have a fallback naming method. Comparing the output variable to "" after running the command returns false. Not sure if it's a bug or not, so I eventually decided to post it here.


PostPosted: Sat Jun 16, 2018 7:26 am 
Site Admin

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 8290
Here it works correctly in the sleeping dog script, example:
Code:
    namecrc NAME hash MEMORY_FILE10 32 "" "32 -1 0 1 1 1"
    if NAME == ""
        # lookup failed: fall back to the hash as name
        string NAME p "%08x." hash
    endif


PostPosted: Sat Jun 16, 2018 6:13 pm 

Joined: Tue May 29, 2018 9:07 pm
Posts: 5
aluigi wrote:
Here it works correctly in the sleeping dog script, example:
Code:
    namecrc NAME hash MEMORY_FILE10 32 "" "32 -1 0 1 1 1"
    if NAME == ""
        string NAME p "%08x." hash
    endif

Strange, I'm pretty sure I tried this before and it didn't work. Oh, well, thanks.


PostPosted: Sun Jun 17, 2018 6:51 am 
Site Admin

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 8290
I'm going to release quickbms 0.9.0 and the following are 2 examples of C code for using the 3 available IPC interfaces of "quickbms.exe -W 1234" (1234 is the port of the web API which is not covered by the example) and the quickbms_compression function of quickbms.dll:

Code:
// ipctest.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>     // strlen
#include <windows.h>



// example
char            compressed_algo[]   = "zlib";
unsigned char   compressed_data[]   =
                    "\x78\x01\x53\xa6\x0e\xe0\xe5\x02\xc1\xc0\xd2\xcc\xe4\x6c\x27\xdf"
                    "\x60\x5e\xae\xa4\x4a\x05\x9f\xd2\xcc\xf4\x4c\x05\xc7\xd2\xa2\xcc"
                    "\xd4\xdc\xdc\x44\x5e\xae\x54\xdd\xdc\xc4\xcc\x1c\x2b\x85\xdc\x54"
                    "\x87\xc4\x1c\x90\x9c\x5e\x7e\x51\x3a\x2f\x57\x79\x6a\x92\x95\x02"
                    "\x10\x20\x8b\x65\xe4\xe7\xa6\x82\x04\x33\x4a\x4a\x0a\xac\xf4\xf5"
                    "\x0b\x41\xc6\x26\xe5\x16\xeb\x25\xe7\xe7\x02\x25\x53\x73\x0a\x90"
                    "\x24\xab\x52\xf3\x32\x12\x2b\x20\x52\x20\x48\x35\x0f\x01\x00\xe7"
                    "\x38\x3d\x1c";
int             compressed_size     = sizeof(compressed_data) - 1;
unsigned char   *decompressed_data  = NULL;
int             decompressed_size   = 282;



int main(int argc, char *argv[]) {
    HANDLE  h   = INVALID_HANDLE_VALUE,
            h2  = INVALID_HANDLE_VALUE;
    DWORD   dw;
    int     ipc_mode,
            size;
    char    *name,
            tmp[32];

    if(argc < 2) {
        printf("\nUsage: %s <mode(0,1,2)>\n", argv[0]);
        exit(1);
    }

    ipc_mode = atoi(argv[1]);
    switch(ipc_mode) {
        case 0: name = "\\\\.\\pipe\\quickbms_byte";        break;
        case 1: name = "\\\\.\\pipe\\quickbms";             break;
        case 2: name = "\\\\.\\mailslot\\quickbms\\send";   break;
        default: exit(1); break;
    }

    printf("name %d %s\n", ipc_mode, name);
    h = CreateFile(name, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    printf("handle %p\n", h);
    if(h == INVALID_HANDLE_VALUE) exit(1);

    switch(ipc_mode) {
        case 0:
            dw = PIPE_READMODE_MESSAGE;
            SetNamedPipeHandleState(h, &dw, NULL, NULL);
            break;
        case 1:
            dw = PIPE_READMODE_BYTE;
            SetNamedPipeHandleState(h, &dw, NULL, NULL);
            break;
        case 2:
            SetMailslotInfo(h, MAILSLOT_WAIT_FOREVER);
            h2 = CreateMailslot("\\\\.\\mailslot\\quickbms\\recv", 0, MAILSLOT_WAIT_FOREVER, NULL);
            if(h2 == INVALID_HANDLE_VALUE) exit(1);
            break;
    }

    SetLastError(0);    // useful but not necessary

    sprintf(tmp, "comtype %s\n", compressed_algo);
    WriteFile(h, tmp, strlen(tmp), &dw, NULL);
    printf("dw %d (%d)\n", (int)dw, (int)GetLastError());

    sprintf(tmp, "%d\n", compressed_size);
    WriteFile(h, tmp, strlen(tmp), &dw, NULL);
    printf("dw %d (%d)\n", (int)dw, (int)GetLastError());

    WriteFile(h, compressed_data, compressed_size, &dw, NULL);
    printf("dw %d (%d)\n", (int)dw, (int)GetLastError());

    sprintf(tmp, "%d\n", decompressed_size);
    WriteFile(h, tmp, strlen(tmp), &dw, NULL);
    printf("dw %d (%d)\n", (int)dw, (int)GetLastError());

    if(ipc_mode == 2) {
        CloseHandle(h);
        h = h2;
    }

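    // the reply is not NUL-terminated: leave room for the terminator before atoi
    dw = 0;
    ReadFile(h, tmp, sizeof(tmp) - 1, &dw, NULL);
    printf("dw %d (%d)\n", (int)dw, (int)GetLastError());
    tmp[dw] = 0;
    size = atoi(tmp);
    if(size <= 0) exit(1);  // the size comes from the other process, check it before allocating

    decompressed_data = calloc(1, size);
    if(!decompressed_data) exit(1);

    dw = 0;
    ReadFile(h, decompressed_data, size, &dw, NULL);
    printf("dw %d (%d)\n", (int)dw, (int)GetLastError());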

    CloseHandle(h);

    fwrite(decompressed_data, 1, size, stdout);

    return 0;
}

Code:
// dlltest.c
#include <stdio.h>
#include <stdlib.h>
#include <windows.h>



// example
char            compressed_algo[]   = "zlib";
unsigned char   compressed_data[]   =
                    "\x78\x01\x53\xa6\x0e\xe0\xe5\x02\xc1\xc0\xd2\xcc\xe4\x6c\x27\xdf"
                    "\x60\x5e\xae\xa4\x4a\x05\x9f\xd2\xcc\xf4\x4c\x05\xc7\xd2\xa2\xcc"
                    "\xd4\xdc\xdc\x44\x5e\xae\x54\xdd\xdc\xc4\xcc\x1c\x2b\x85\xdc\x54"
                    "\x87\xc4\x1c\x90\x9c\x5e\x7e\x51\x3a\x2f\x57\x79\x6a\x92\x95\x02"
                    "\x10\x20\x8b\x65\xe4\xe7\xa6\x82\x04\x33\x4a\x4a\x0a\xac\xf4\xf5"
                    "\x0b\x41\xc6\x26\xe5\x16\xeb\x25\xe7\xe7\x02\x25\x53\x73\x0a\x90"
                    "\x24\xab\x52\xf3\x32\x12\x2b\x20\x52\x20\x48\x35\x0f\x01\x00\xe7"
                    "\x38\x3d\x1c";
int             compressed_size     = sizeof(compressed_data) - 1;
unsigned char   *decompressed_data  = NULL;
int             decompressed_size   = 282;



// stdcall function pointer, written in the form accepted by both GCC and MSVC
int (__stdcall *quickbms_compression)(char *algo, void *in, int zsize, void *out, int size) = NULL;



int main(int argc, char *argv[]) {
    printf("LoadLibrary %s\n", "quickbms.dll");
    HMODULE hlib = LoadLibrary("quickbms.dll");
    printf("hlib %p\n", hlib);
    if(!hlib) exit(1);

    quickbms_compression = (void *)GetProcAddress(hlib, "quickbms_compression");
    printf("quickbms_compression %p\n", quickbms_compression);
    if(!quickbms_compression) exit(1);  // export not found, don't call a NULL pointer

    decompressed_data = calloc(1, decompressed_size);
    if(!decompressed_data) exit(1);

    printf("input size  %d\n", compressed_size);
    printf("output size %d\n", decompressed_size);
    int size = quickbms_compression(compressed_algo, compressed_data, compressed_size, decompressed_data, decompressed_size);
    printf("output_size %d\n", size);

    if(size >= 0) {
        fwrite(decompressed_data, 1, size, stdout);
    }
    return 0;
}

The compressed data used in the example (same for both) is the header of quickbms.txt

*edit* fixed calling convention, needs to be stdcall.
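
Added example, not part of the post above and not QuickBMS code: in ipctest.c the reply size is read from the pipe or mailslot as text and passed to atoi and calloc, so a client may want to validate that line first. The sketch assumes the reply starts with decimal ASCII digits ended by "\n" (or by the end of the read); parse_size_line, split_first_read and MAX_REPLY_SIZE are hypothetical names and values.

```c
#include <stddef.h>

#define MAX_REPLY_SIZE (64L * 1024 * 1024)  /* assumed cap, not a QuickBMS limit */

/* Parse the "<decimal size>\n" line that precedes the payload.
   buf/len are the bytes returned by ReadFile (not NUL-terminated).
   Returns the announced size, or -1 if the line is malformed or larger
   than MAX_REPLY_SIZE. *consumed receives the length of the size line. */
long parse_size_line(const unsigned char *buf, size_t len, size_t *consumed) {
    long    val = 0;
    size_t  i   = 0;

    while(i < len && buf[i] >= '0' && buf[i] <= '9') {
        val = val * 10 + (buf[i] - '0');
        if(val > MAX_REPLY_SIZE) return -1;     /* the cap also prevents overflow */
        i++;
    }
    if(i == 0) return -1;                       /* no digits: "", "-5", " 12" */
    if(i < len) {
        if(buf[i] == '\r' && i + 1 < len && buf[i + 1] == '\n') i += 2;
        else if(buf[i] == '\n') i++;
        else return -1;                         /* trailing garbage like "12abc" */
    }
    *consumed = i;
    return val;
}

/* On a byte-mode pipe the first read may already hold payload bytes after
   the size line. Returns the announced size (or -1), points *payload at
   those bytes and sets *have to how many of them may be copied, never
   more than the announced size. */
long split_first_read(const unsigned char *buf, size_t len,
                      const unsigned char **payload, size_t *have) {
    size_t  used;
    long    size = parse_size_line(buf, len, &used);

    if(size < 0) return -1;
    *payload = buf + used;
    *have    = len - used;
    if(*have > (size_t)size) *have = (size_t)size;
    return size;
}
```

The caller allocates the returned size, copies *have bytes from *payload, and keeps reading until the remaining bytes have arrived or a read fails.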


PostPosted: Sun Jun 17, 2018 10:34 am 
Site Admin

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 8290
QuickBMS 0.9.0 is finally out:
http://quickbms.com


PostPosted: Mon Jun 18, 2018 5:01 pm 

Joined: Sun Aug 10, 2014 12:49 pm
Posts: 262
aluigi wrote:
QuickBMS 0.9.0 is finally out:
http://quickbms.com



Perfect. thx a lot any chance of C# example of usage of dll pls?


PostPosted: Mon Jun 18, 2018 5:23 pm 
Site Admin

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 8290
Come on, there are tons of examples on the Internet about how to call an unmanaged C function of a DLL in C# :D


PostPosted: Mon Jun 18, 2018 8:37 pm 

Joined: Sun Aug 10, 2014 12:49 pm
Posts: 262
aluigi wrote:
Come on, there are tons of examples on the Internet about how to call an unmanaged C function of a DLL in C# :D


Well yeah u right, i just being lazy, but still it would be perfect to add it to quickbms.txt :D

Hmm but still not sure how build the compress and decompress functions after DLLimport call :(


Last edited by michalss on Mon Jun 18, 2018 8:42 pm, edited 1 time in total.

PostPosted: Mon Jun 18, 2018 8:41 pm 
Site Admin

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 8290
Homework for you: write a simple test in C# for calling quickbms_compression and post the code here in this topic :)


PostPosted: Mon Jun 18, 2018 8:44 pm 

Joined: Sun Aug 10, 2014 12:49 pm
Posts: 262
aluigi wrote:
Homework for you: write a simple test in C# for calling quickbms_compression and post the code here in this topic :)



Nice ill do my best ill try tomorrow.. :) Anyway i think this DLL is best approach i have to say. If all algos working then mate KUDOS... :)

LM : Next job would be to export all functions... :D


PostPosted: Mon Jun 18, 2018 8:58 pm 
Site Admin

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 8290
michalss wrote:
LM : Next job would be to export all functions... :D

Both quickbms.dll and quickbms.exe 0.9.0 export over 11800 functions


PostPosted: Mon Jun 18, 2018 9:38 pm 

Joined: Sun Aug 10, 2014 12:49 pm
Posts: 262
aluigi wrote:
michalss wrote:
LM : Next job would be to export all functions... :D

Both quickbms.dll and quickbms.exe 0.9.0 export over 11800 functions


That is just perfect. U exported all functions related to bms itself and dont need to use qbms.exe anymore? Not sure how u doing it but u are very good dev and reverse engineer...


PostPosted: Mon Jun 18, 2018 9:55 pm 
Site Admin

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 8290
No, you can use only some few functions for specific jobs, for example some encryption functions or directly some compression algorithms or some utility functions.
Remember that the calling convention is always cdecl and stdcall is used only for quickbms_compression and quickbms_encryption.

