ZenHAX

Free Game Research Forum | Official QuickBMS support | twitter @zenhax | SSL HTTPS://zenhax.com
It is currently Sun Oct 22, 2017 4:44 am

All times are UTC




Post new topic  Reply to topic  [ 27 posts ]  Go to page 1 2 Next
Author Message
PostPosted: Sat Mar 25, 2017 6:50 pm 
User avatar

Joined: Tue Feb 02, 2016 2:35 am
Posts: 969
Here is a sample. It seems to be XOR judging from the beginning of the file.

_________________
Expect my username to be everywhere, whether you're using the internet or not.


Top
   
PostPosted: Tue Apr 18, 2017 6:15 pm 
Site Admin
User avatar

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 6896
For example xored with the bytes: 0xb3 0x98 0xcc 0x66


Top
   
PostPosted: Wed Apr 19, 2017 1:29 am 
User avatar

Joined: Tue Feb 02, 2016 2:35 am
Posts: 969
Okay, now I`m getting somewhere with this.

The script shows the whole progress I`ve been having with some of those Ubisoft games that used Jade engine(Ubisoft Montpellier`s post-2003 games, and the Prince of Persia trilogy courtesy of Ubisoft Montreal), or we were never told it was used in the first place(Just Dance(2009) by Ubisoft Paris).


Attachments:
jade_WIP.bms [3.7 KiB]
Downloaded 25 times

_________________
Expect my username to be everywhere, whether you're using the internet or not.


Last edited by AnonBaiter on Mon Jun 26, 2017 1:54 pm, edited 2 times in total.
Top
   
PostPosted: Wed Apr 19, 2017 6:21 am 
Site Admin
User avatar

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 6896
It's a big script, the format seems quite complex


Top
   
PostPosted: Wed Apr 19, 2017 3:17 pm 
User avatar

Joined: Tue Feb 02, 2016 2:35 am
Posts: 969
aluigi wrote:
It's a big script, the format seems quite complex

Well, I decided to just go and look out for Ubisoft games that used this format. Which is why the script grew this much.

_________________
Expect my username to be everywhere, whether you're using the internet or not.


Top
   
PostPosted: Fri May 19, 2017 5:09 pm 

Joined: Tue Sep 30, 2014 5:59 pm
Posts: 68
AnonBaiter wrote:
Okay, now I`m getting somewhere with this.

The script shows the whole progress I`ve been having with some of those Ubisoft games that used Jade engine(Ubisoft Montpellier`s post-2003 games, and the Prince of Persia trilogy courtesy of Ubisoft Montreal), or we were never told it was used in the first place(Just Dance(2009) by Ubisoft Paris).


And for the game Peter Jackson's King Kong does not work :cry: . Is it possible to alter the script for this game?


Top
   
PostPosted: Fri May 19, 2017 8:39 pm 
User avatar

Joined: Tue Feb 02, 2016 2:35 am
Posts: 969
ponaromixxx wrote:
And for the game Peter Jackson's King Kong does not work :cry: . Is it possible to alter the script for this game?
It`s because the script is not ready and I would rather fill in the puzzles for an entire filename of just one file than just extract the archives without the filenames(a.k.a. hashes as filenames, or just "").

_________________
Expect my username to be everywhere, whether you're using the internet or not.


Top
   
PostPosted: Sat May 20, 2017 3:55 pm 

Joined: Tue Sep 30, 2014 5:59 pm
Posts: 68
AnonBaiter wrote:
ponaromixxx wrote:
And for the game Peter Jackson's King Kong does not work :cry: . Is it possible to alter the script for this game?
It`s because the script is not ready and I would rather fill in the puzzles for an entire filename of just one file than just extract the archives without the filenames(a.k.a. hashes as filenames, or just "").


Clearly, we will wait for the development of the script)


Top
   
PostPosted: Sun Jun 18, 2017 8:11 pm 

Joined: Sun Jun 12, 2016 2:59 pm
Posts: 4
This tool was found in a (likely unofficial) Russian installer for the game. It was named bftool.exe but it self-identifies as dpktool. It seems to sucessfully unpack Rayman4.bf at least partially, but always crashes in the same place while unpacking. It's meant to also have a function to repack back into a BF but that hasn't sucessfully worked for me yet. Maybe this EXE could be analysed to further decode the BF format?


Top
   
PostPosted: Sun Jun 18, 2017 9:22 pm 
User avatar

Joined: Tue Feb 02, 2016 2:35 am
Posts: 969
Interesting how you managed to find that...

_________________
Expect my username to be everywhere, whether you're using the internet or not.


Top
   
PostPosted: Wed Jun 21, 2017 6:15 pm 

Joined: Wed Jun 21, 2017 6:13 pm
Posts: 3
Hi! I have the .bf archive from Just Dance 1 but the script won't extract any files from it. I tried using the debug function of quickbms to see what is wrong but I can't see what is happening. I have uploaded a sample to see if you would like to test or edit the script for it.
https://drive.google.com/open?id=0B-YcY ... EoyM3Qxbmc


Top
   
PostPosted: Wed Jun 21, 2017 8:40 pm 
User avatar

Joined: Tue Feb 02, 2016 2:35 am
Posts: 969
mzkoops56 wrote:
Hi! I have the .bf archive from Just Dance 1 but the script won't extract any files from it. I tried using the debug function of quickbms to see what is wrong but I can't see what is happening.
It actually works well with my script, but it's still skeleton at its core. I advise you to read the entire thread for details as to why it won't work as you expect it to.

_________________
Expect my username to be everywhere, whether you're using the internet or not.


Top
   
PostPosted: Wed Jun 21, 2017 10:20 pm 
User avatar

Joined: Tue Feb 02, 2016 2:35 am
Posts: 969
Okay, now here's a question for aluigi(although anyone can answer as well).

So, I've already XOR-ed the header, right? However, turns out it also affects the entire archive as well, right after the entire header(which is TOTAL_INFO_SIZE) since they didn't go through the same encryption process anyway.

I had this solution that could've XOR-ed everything back to normal after all the information has been obtained but it doesn't work:
Code:
      if BF_SIGN == "BUG"
         filexor "\xb3\x98\xcc\x66" OFFSET
      endif
See this file for example.

_________________
Expect my username to be everywhere, whether you're using the internet or not.


Top
   
PostPosted: Sun Jun 25, 2017 9:58 pm 
User avatar

Joined: Tue Feb 02, 2016 2:35 am
Posts: 969
Never mind, I had thought of another method.

So I decided to do something like this:
Code:
log MEMORY_FILE OFFSET SIZE
So by logging MEMORY_FILE with the OFFSET and SIZE field you can see the script trying to get away with the whole "filexor" process by saving every single byte that came from the original archive with an encrypted header(Rayman4.bf in this case). I have updated the script so it now supports extraction, although its filename is assigned through a DUMMY1 variable.

_________________
Expect my username to be everywhere, whether you're using the internet or not.


Top
   
PostPosted: Mon Jun 26, 2017 1:43 am 

Joined: Tue Sep 30, 2014 5:59 pm
Posts: 68
And there is a possibility how to extract files with names for example here such names are there for sounds en_de_03a_code_09.wad

Sound_Common.bf


Top
   
PostPosted: Mon Jun 26, 2017 2:06 am 
User avatar

Joined: Tue Feb 02, 2016 2:35 am
Posts: 969
ponaromixxx wrote:
And there is a possibility how to extract files with names for example here such names are there for sounds en_de_03a_code_09.wad
Figuring out the directory tree is my highest priority, so until I find a way to support this tree assigning the filename to what was the original filename might be considered.

_________________
Expect my username to be everywhere, whether you're using the internet or not.


Top
   
PostPosted: Mon Jun 26, 2017 3:30 am 

Joined: Tue Sep 30, 2014 5:59 pm
Posts: 68
AnonBaiter wrote:
ponaromixxx wrote:
And there is a possibility how to extract files with names for example here such names are there for sounds en_de_03a_code_09.wad
Figuring out the directory tree is my highest priority, so until I find a way to support this tree assigning the filename to what was the original filename might be considered.


So, so far there is no way to assign names in any other way?


Top
   
PostPosted: Mon Jun 26, 2017 3:36 am 
User avatar

Joined: Tue Feb 02, 2016 2:35 am
Posts: 969
ponaromixxx wrote:
AnonBaiter wrote:
ponaromixxx wrote:
And there is a possibility how to extract files with names for example here such names are there for sounds en_de_03a_code_09.wad
Figuring out the directory tree is my highest priority, so until I find a way to support this tree assigning the filename to what was the original filename might be considered.
So, so far there is no way to assign names in any other way?
There are currently two choices:
1. Assign the filename by the NAME variable, at which point you need to modify a few lines.
2. Assign the filename as a 32-bit hash value(what the script does).

_________________
Expect my username to be everywhere, whether you're using the internet or not.


Top
   
PostPosted: Mon Jun 26, 2017 5:00 am 

Joined: Tue Sep 30, 2014 5:59 pm
Posts: 68
AnonBaiter wrote:
ponaromixxx wrote:
AnonBaiter wrote:
Figuring out the directory tree is my highest priority, so until I find a way to support this tree assigning the filename to what was the original filename might be considered.
So, so far there is no way to assign names in any other way?
There are currently two choices:
1. Assign the filename by the NAME variable, at which point you need to modify a few lines.
2. Assign the filename as a 32-bit hash value(what the script does).


Sorry, but I do not understand scripts very well, and I can not fix it myself, could you help me !?


Top
   
PostPosted: Mon Jun 26, 2017 1:55 pm 
User avatar

Joined: Tue Feb 02, 2016 2:35 am
Posts: 969
ponaromixxx wrote:
Sorry, but I do not understand scripts very well, and I can not fix it myself, could you help me !?
Help you through what exactly?
Also I just updated the script for you.

_________________
Expect my username to be everywhere, whether you're using the internet or not.


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic  [ 27 posts ]  Go to page 1 2 Next

All times are UTC


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Powered by phpBB® Forum Software © phpBB Limited