ZenHAX

Free Game Research Forum | Official QuickBMS support | twitter @zenhax | SSL HTTPS://zenhax.com
It is currently Wed Dec 13, 2017 10:18 pm

All times are UTC




Post new topic  This topic is locked, you cannot edit posts or make further replies.  [ 1 post ] 
Author Message
 Post subject: Intro - FAQ - Rules
PostPosted: Tue Aug 05, 2014 9:30 am 
Site Admin
User avatar

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 7241
Hello,

I'm Luigi Auriemma, I guess you know me as aluigi and for my QuickBMS tool used to extract files from the archives of various games.

This is a "game research community" just like Xentax but it's all free and with more freedom for both users and non-users.
Currently you can consider it a "complement" of Xentax but, who knows, maybe in future it will become even a real alternative :)

I work personally on various research topics and I can provide direct help on them, like archives extraction, compression and encryption, help to locate the correct script for a file format, QuickBMS scripting, tools written by me, some game internals, examples, some programming tips and so on.

Remember that this is a community and NOT a personal forum (like was the good old forum.aluigi.org) so it's not about me or my help moreover because I can't dedicate much time to it.
In short: I pay hosting and domain BUT providing content is your work and your mission :)

If you like the forum and/or the idea, spread the word!


FAQ and rules

What name is ZenHAX?
It's very simple:
  • xentax -> xenhax = Xentax without "tax" and more "hacks"
  • xenhax -> zenhax = the X was difficult to pronounce and "zen" is a relaxing word
Honestly I think that zenhax is a very nice name, short and can be pronunced easily :)

What is ZenHAX?
A community forum about game file formats, protocols, security, information and other "under the hood" stuff.

What is allowed to post on this forum?
The forum is about game research, so it's for things like the following:
  • understanding the format of a game file
  • extracting game archives
  • everything about compression, encryption, obfuscation, encoding/decoding, conversion, extraction/reimporting and other algorithms used in games
  • any other low-level information related to games like protocols and internals
  • game security vulnerabilities and news related to game security in general

What is not allowed?
Anything which is:
  • completely (directly and indirectly) unrelated to the topics of the forum (e.g. cooking)
  • covered by other dedicated external forums (e.g. cheating)
  • illegal (e.g. warez, botnets)
  • advertising (e.g. "best SEO services")

Is it limited only to games?
No, any format of any software is accepted but games are the main software category to use custom file formats and "exotic" algorithms.
For example formats of some software and dumped firmwares.

Is it free?
100% free and will remain free forever: no donations, no advertising, no banners, no strict rules, no private sections.

What are the best ways/guidelines to post?
Be clear and synthetic, aka "go to the point".
A long post will be read by few people, others will give up because annoyed to read lot of useless text.
If you want to post information about a news or a tool, maybe add:
  • the subject of the information (name of the tool and target game)
  • an abstract (files extractor or Steam voip vulnerabilities)
  • the verbose or less verbose information with details

What's the policy about external links for tools and information?
If available, post ever links to the official source of information or the homepage of the tool.
For example if you want to post a link to QuickBMS you will link http://quickbms.aluigi.org or http://aluigi.altervista.org/quickbms.htm and not an executable file on dropbox.

Can I attach files?
Yes, there is plenty of space available. Currently the limit for each file is 5 mb but it may change in future.
When we review an unknown game archive we need to have a sample to review and so you can provide a splitted version of such archive.
There is a quickbms script to split files here (used by users like you), so if your file is very big then upload the 2 files generated by the filecutter.bms script.
For big files you can use any file hoster like mega, mediafire, sendspace, zippyshare, dropbox and so on, then paste the link in your post.

What are QuickBMS and those text scripts that I see in the forum?
QuickBMS is an extraction tool that works with some text files that contain the necessary instructions for reading the format.
It's very useful because it already contains many compression and encryption algorithms and all you need is just the quickbms executable and the script: no installation, no .NET framework, no Python/Ruby/Perl, no external dependencies, no compatibility issues, no bloatware, no requirements (it works even on Windows 98!).
And yes, it's open source (GPL license), multi platform and actively supported by me.

What's the best way to request help for a format?
Usually it's necessary the following:
  • name of the game
    • the platform it may be useful because the same game on PS2 and Xbox may use different formats
  • a small sample of the file in attachment or a link to file hosters
    • if the file is smaller than 10mb you can just upload it entirely, otherwise it's better to split it with the filecutter.bms script
    • an alternative for the sample is the image of the hex edited file or the textual dump of the hex editor
    • sometimes it's just enough to post the "magic" value (a sequence of 4 bytes) located at the beginning of the file, maybe it's a known format
The sample is necessary because often we don't have that game and so we need it only for research purposes.

I have extracted the files from the archive and now how to read them?
Reverse engineering a game for modding it is a process composed by many steps.
First it's necessary to extract the files from the archives (my field).
Some of these files may have common formats like mp3, ogg, png, tga and dds, so there are no problems to open them.
Other files instead may have custom formats like images without headers, codecs that are rarely used or are customized, but the main problems are the 3d models because usually they require a big work of "tuning".
If you want to mod the game probably you need also the last step: allowing the game to read your content.
Sometimes the game accepts the new content outside the archives (some games may require a command-line option when launched) while other times it's necessary to "repack" the content in a new archive.
My preferred method is the reinjection because it means zero additional work, in fact QuickBMS already implements all the code that works with most of the game archives, information in section 3 of http://aluigi.org/papers/quickbms.txt.
Anyway, as you can see, it's a long process requiring multiple skills and often the researchers are good only in some of them, basically it's a team work.
That's why it's necessary to have patience sometimes.

How to reimport files with QuickBMS?
Read section 3 of http://aluigi.org/papers/quickbms.txt
If that's still not clear take a look at this example: viewtopic.php?p=23032#p23032
Long story short: the procedure is the same you used for extraction (I really mean the same: same input file and folder!).

Why nobody replies to my posts/requests?!?
Usually: people are busy and have no time to review or work on your requests.
Often: people have skills in specific fields and so they can help only on their fields.
Ever: people are not directly interested in that game/topic, the task requires too much time and effort, the information you provided are not enough.
I give you an example to explain the situation: let's say that you want to extract the files of game X and its archives are big, complex, encrypted, the game is not available for free/demo, it's an online-only game updated frequently and so on... honestly I would spend not even one minute on it if it's not a game that I own and like personally.

I don't have a website and I would like to maintain a thread in which I provide my scripts, tools and research!
That's great! Open a thread in the Researchers threads section.

I have no programming/research/reversing skills!
It's not a problem, the community is made by people who:
  • request help
  • help others by making the research or finding an already public solution
  • share their information and findings
  • share useful information and links found on other websites to create a sort of collection
  • write tutorials, videos, howto and step-by-steps or translate existing material in their language
  • provide new ideas to improve the community: a wiki? a new section? a new phpbb mod? a new project? new features for a tool?
  • spread the word about the forum
There is FOR SURE something to which you can contribute to, even asking help to extract the files of an unknown game archive is a contribution!

Why there is a market?
Because on Xentax it's full of people willing to pay researchers for having some works.
After having evaluated that it's impossible to go against what people desire, I decided to provide a place where it's possible to ask help for tasks on which nobody was able to help for free.
Topics for selling stuff are NOT allowed, you can only offer money/whateveryouwant for a work you need.
Please note that any possible work and transaction between the users is just their business so the forum is not responsible (like people who don't pay or don't give the work or the work is horrible and doesn't work), consider that section only a space for announcements and nothing else.

Why there are few people and posts?
The forum has been started in August 2014.
This is a community so there are lot of things you can do to contribute and first and most important one is: spread the word about this forum!
If more people are aware of this place then more people will join and will contribute.
After all it's free and there are good chances that you will learn or teach something.

Is it like Xentax? I LOVE/HATE Xentax!!1!
The forum is just like Xentax but hopefully here you will find what you love of Xentax and not what you hate.
Remember that this forum is NOT a competitor of Xentax or against them, I'm their friend and I have been there for many years!.
It's just a way to cover all the things that are not covered there and those that are even unique (like game security).

I would like to remain update about the forum on Twitter and RSS feeds
https://twitter.com/zenhax
feed.php

Why I get a white page when I follow your links on aluigi.org / aluigi.altervista.org?
It's a sort of anti-leech protection of the Altervista hosting, it's enough that you click on the link provided on that page and you will access or download the file.

Regarding the Game security section: how to uze da *boom* tool??/? how can I patch my game server X against the *boom* attack?
That section is only for news and real new research.
So:
  • no old stuff, except if it's still unpatched on new games or is quite recent (3 or 6 months max?)
  • no help on using tools, proof-of-concepts and so on
  • no help on patching servers and games against security issues
  • no cheating: cheats and security bugs are usually called "hacks" in the game community but are completely different - cheats give a gameplay advantage while security vulnerabilities give an advantage against systems and users

I don't like the section X! I would like to see the section Y on the forum to discuss about Z
Ok, send me your suggestions and we will evaluate them, maybe with a poll if they are interesting.

Can I contact you via PM for the game X?
No, use the forum, there are more chances to receive support.

Is the forum available also on HTTPS/SSL?
Update 24 Jan 2017:
YES, ZenHAX works also on HTTPS and it's highly suggested if you log in the forum from untrusted connections (free wifi):
https://zenhax.com

I registered but I didn't receive the registration email!
Wait 5 minutes and check the spam folder.
It may even happen to wait a couple of hours to receive the registration email in some rare cases.
If you still see no email contact me at me@aluigi.org or with a message on twitter @luigi_auriemma.
I periodically check the status of the inactive users so, in any case, you should not wait longer than one week.

The website is down or very slow!
Wait patiently, it will return to work in few minutes.

I have a question not covered by this FAQ
Post in this section if it's something related to the forum, or write me via email or twitter.


Top
   
 
Display posts from previous:  Sort by  
Post new topic  This topic is locked, you cannot edit posts or make further replies.  [ 1 post ] 

All times are UTC


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Powered by phpBB® Forum Software © phpBB Limited