ZenHAX

Free Game Research Forum | Official QuickBMS support | twitter @zenhax | SSL HTTPS://zenhax.com
It is currently Mon Oct 26, 2020 7:31 am

All times are UTC




Post new topic  Reply to topic  [ 41 posts ]  Go to page 1 2 3 Next
Author Message
PostPosted: Thu Mar 19, 2020 5:05 am 

Joined: Thu Mar 19, 2020 4:50 am
Posts: 4
Hey, Genshin Impact's closed beta began today.
It runs on Unity, but everything except for audio and video files are saved in .blk files
I'm not sure what they are, and normal unity extraction tools don't work on them. But I have a sample for you guys since I can't figure it out.

https://drive.google.com/file/d/1xqnKJE ... sp=sharing


Top
   
PostPosted: Thu Mar 19, 2020 2:14 pm 
Site Admin
User avatar

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 11690
"blk\0", 32bit 0x10 and then just nonsense data, probably encrypted


Top
   
PostPosted: Thu Mar 19, 2020 3:17 pm 

Joined: Sat Nov 15, 2014 9:03 am
Posts: 12
knightheart wrote:
Hey, Genshin Impact's closed beta began today.
It runs on Unity, but everything except for audio and video files are saved in .blk files
I'm not sure what they are, and normal unity extraction tools don't work on them. But I have a sample for you guys since I can't figure it out.

https://drive.google.com/file/d/1xqnKJE ... sp=sharing


send some dll or .so or download url to me.


Top
   
PostPosted: Thu Mar 19, 2020 9:08 pm 

Joined: Thu Mar 19, 2020 4:50 am
Posts: 4
Quote:
"blk\0", 32bit 0x10 and then just nonsense data, probably encrypted


Any idea how to decrypt it?


Quote:
send some dll or .so or download url to me.



I don't understand what you're asking for
the assembly dlls? and I don't see any .so files in this game.


EDIT:
Actually, the first closed beta used different files, being .asb
I can't get into them either, so https://drive.google.com/open?id=14zgee ... q8sBfZMrAr


Top
   
PostPosted: Fri Mar 20, 2020 5:05 am 
User avatar

Joined: Thu Jan 11, 2018 7:14 am
Posts: 32
The blk file uses a key group for XOR encryption

asb file xor key
Code:
\x71\x98\xaa\xe6\xce\x1b\x05\x4a\xe9\xff\x45\x21\xc3\x38\x5e\x3c
\x0f\xfb\xf5\xbb\xf6\x81\x48\x15\xfa\xd7\x77\x35\x82\x17\xd9\x9d
\x56\x28\x2e\xa9\x51\xba\x66\x2f\x22\xdd\xbb\x8a\x3b\xad\x90\x63
\xc6\x64\xfb\xd6\xcf\xa8\xbc\x48\x02\xc3\xbe\x36\xb2\x93\xbc\xd9

Skip "mark" at the beginning of asb
asb has 4 data blocks 612 and a 112 byte data block
4 bytes separated by each block need to be ignored
Image
Image


Top
   
PostPosted: Fri Mar 20, 2020 1:19 pm 

Joined: Sat Nov 15, 2014 9:03 am
Posts: 12
Genshin Impact PC version,

This is some logs of Genshin Impact PC version;

Hope that can help you


Attachments:
File comment: Some Logs
Logfile.7z [331.17 KiB]
Downloaded 220 times
Top
   
PostPosted: Fri Mar 20, 2020 8:24 pm 

Joined: Thu Mar 19, 2020 4:50 am
Posts: 4
lisomn wrote:
The blk file uses a key group for XOR encryption

asb file xor key
Code:
\x71\x98\xaa\xe6\xce\x1b\x05\x4a\xe9\xff\x45\x21\xc3\x38\x5e\x3c
\x0f\xfb\xf5\xbb\xf6\x81\x48\x15\xfa\xd7\x77\x35\x82\x17\xd9\x9d
\x56\x28\x2e\xa9\x51\xba\x66\x2f\x22\xdd\xbb\x8a\x3b\xad\x90\x63
\xc6\x64\xfb\xd6\xcf\xa8\xbc\x48\x02\xc3\xbe\x36\xb2\x93\xbc\xd9

Skip "mark" at the beginning of asb
asb has 4 data blocks 612 and a 112 byte data block
4 bytes separated by each block need to be ignored
Image
Image



Thank you, but I don't quite understand what I'm supposed to do with this info.
Do you mind walking me through the process of decrypting the files?


Top
   
PostPosted: Mon Mar 23, 2020 7:38 am 

Joined: Mon Mar 23, 2020 7:33 am
Posts: 1
knightheart wrote:
lisomn wrote:
The blk file uses a key group for XOR encryption

asb file xor key
Code:
\x71\x98\xaa\xe6\xce\x1b\x05\x4a\xe9\xff\x45\x21\xc3\x38\x5e\x3c
\x0f\xfb\xf5\xbb\xf6\x81\x48\x15\xfa\xd7\x77\x35\x82\x17\xd9\x9d
\x56\x28\x2e\xa9\x51\xba\x66\x2f\x22\xdd\xbb\x8a\x3b\xad\x90\x63
\xc6\x64\xfb\xd6\xcf\xa8\xbc\x48\x02\xc3\xbe\x36\xb2\x93\xbc\xd9

Skip "mark" at the beginning of asb
asb has 4 data blocks 612 and a 112 byte data block
4 bytes separated by each block need to be ignored
Image
Image



Thank you, but I don't quite understand what I'm supposed to do with this info.
Do you mind walking me through the process of decrypting the files?


Where did you get the files for the first closed beta? I might be able to help you figure out the process if I can get them.


Top
   
PostPosted: Mon Mar 23, 2020 8:31 am 

Joined: Thu Mar 19, 2020 4:50 am
Posts: 4
Rongril wrote:

Where did you get the files for the first closed beta? I might be able to help you figure out the process if I can get them.


I was chosen for the first closed beta, so I got them directly from Mihoyo

I can't upload the entire thing, but i'm willing to send any individual files you'd need though, just let me know what it is.


Top
   
PostPosted: Mon Mar 23, 2020 1:42 pm 

Joined: Mon Mar 23, 2020 1:37 pm
Posts: 4
removed

link added below


Last edited by jovehong on Tue Mar 24, 2020 2:02 pm, edited 1 time in total.

Top
   
PostPosted: Tue Mar 24, 2020 10:03 am 
Site Admin
User avatar

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 11690
Please just limit yourself to provide only the requested files for analysis.
If it's a closed beta probably you are not allowed to share the whole game (not sure how it works but check by yourself).
So, jovehong, I guess it's better if you edit your links.


Top
   
PostPosted: Tue Mar 24, 2020 1:45 pm 

Joined: Mon Mar 23, 2020 1:37 pm
Posts: 4
aluigi wrote:
Please just limit yourself to provide only the requested files for analysis.
If it's a closed beta probably you are not allowed to share the whole game (not sure how it works but check by yourself).
So, jovehong, I guess it's better if you edit your links.


this closed beta needs invited account to play game
isn't it ok to share?

whatever, currently upload zip to google drive


*edit*
https://drive.google.com/drive/folders/ ... sp=sharing
2 assets .blk zip, 1 localge.pak


Top
   
PostPosted: Tue Mar 24, 2020 2:47 pm 
Site Admin
User avatar

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 11690
jovehong wrote:
this closed beta needs invited account to play game

Good point, thanks for the info.


Top
   
PostPosted: Tue Mar 24, 2020 5:41 pm 

Joined: Sat Nov 15, 2014 9:03 am
Posts: 12
Block Cipher
such as AES/DES
it get the key from "MiHoYo.SDK.HTTPServer.exe"


Top
   
PostPosted: Wed Mar 25, 2020 1:51 am 

Joined: Mon Mar 23, 2020 1:37 pm
Posts: 4
heng32032 wrote:
Block Cipher
such as AES/DES
it get the key from "MiHoYo.SDK.HTTPServer.exe"


that .exe uploaded on above drive link


Top
   
PostPosted: Wed Mar 25, 2020 7:32 am 

Joined: Thu Jun 15, 2017 5:12 am
Posts: 11
Anyone already figure out the AES encryption key for blk files?


Top
   
PostPosted: Wed Mar 25, 2020 8:02 pm 
User avatar

Joined: Wed Mar 25, 2020 7:41 pm
Posts: 9
The game will run fine if you delete this exe file. But on the other side, removing "mihoyo_sdk_res" will make the game unloadable, it'll not be able to go further than the main screen. However the content of this file is pretty much unknown to me yet, All I can see is that it's Unity related because at the start of the file there's "UnityFS 5.x.x 2017.1.0p5". But you can see content of "mihoyo_sdk_res.manifest" (the game will also runs without this file). I will attach both file so anyone can take a look and maybe have an idea. I will also attach some extra files that may help the process but I'm not sure. I may add or remove stuff if I get more infos.

https://mega.nz/#F!1IhGgCTT!xplK0h7Hhr-_qIRjKlZhwA

EDIT: those "mihoyo_sdk_res" and "PC" file are packed Unity assets file and can be explored with UABE.


Top
   
PostPosted: Sun Mar 29, 2020 3:12 am 

Joined: Sun Mar 29, 2020 3:10 am
Posts: 1
With that xor key what i should i exactly do and what software is used to decrypt them?


Top
   
PostPosted: Thu Apr 02, 2020 11:36 pm 
User avatar

Joined: Wed Mar 25, 2020 7:41 pm
Posts: 9
knightheart wrote:
Rongril wrote:

Where did you get the files for the first closed beta? I might be able to help you figure out the process if I can get them.


I was chosen for the first closed beta, so I got them directly from Mihoyo

I can't upload the entire thing, but i'm willing to send any individual files you'd need though, just let me know what it is.


Can you find a way to upload the entire thing for me? I want to compare the files, it'll be easier for me like this. I'm also a CBT2 tester but I wasn't a CBT1.


Top
   
PostPosted: Fri Apr 10, 2020 1:55 am 

Joined: Mon Nov 07, 2016 1:25 pm
Posts: 6
I decrypted the .blk file, but I don’t want to disclose the source code, I can provide a decryption tool


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic  [ 41 posts ]  Go to page 1 2 3 Next

All times are UTC


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Powered by phpBB® Forum Software © phpBB Limited