XeNTaX Forum Index
Forum MultiEx Commander Tools Tools Home
It is currently Wed Aug 23, 2017 8:49 pm

All times are UTC + 1 hour


Forum rules


Please click here to view the forum rules



Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: THE KING OF FIGHTERS XIV assets.wad all files decrypt!
PostPosted: Wed Aug 09, 2017 11:02 am 
Offline
n00b

Joined: Fri Jul 10, 2009 10:20 pm
Posts: 13
Has thanked: 1 time
Have thanks: 3 times

Thx 0 DAY-S[EGCG] to post this code update on 3dmgame

Code:
# The King of Fighters XIV (script 0.2)
# script for QuickBMS http://quickbms.aluigi.org
# updated by 0 DAY-S[EGCG] 海叔

idstring "AGAR"
get DUMMY long  # 1
get DUMMY long  # 1
get DUMMY long  # 0
get SIZE long
savepos OFFSET

# TOC
set KEY binary "\xfa\x52\x38\x8c\x66\xd6\x55\xfa\x1a\xfc\x2b\x6f\x97\xd8\x41\x41\xa9\x90\xb4\x41\xd4\xd2\xca\xb7\xa3\x82\xaf\x6d\x8d\xf7\x83\x2f\x82\xaf\x27\xa6\x1e\xc5\x26\x29\x9c\x1c\x6e\x23\xf5\xe4\xa0\xbe\x13\x4f\x13\xe1\x71\xf6\xfe\x31"
math KEYSZ = 0x38

callfunction SET_ENCRYPTION 1
log MEMORY_FILE OFFSET SIZE 0 XSIZE

math BASE_OFF = OFFSET
math BASE_OFF + XSIZE
math BASE_OFF x 8

# weird directory structure
set KEY binary "\x45\xaa\xb7\x2a\x4f\xb3\x1d\xe1\x66\x39\x2f\x5b\xd8\x23\x1f\xa4\xa3\xda\x89\xe5\x5e\x28\x9e\x18\x2c\x68\x71\x39\xec\x8d\xd6\x1a\xcd\xd3\xf8\x3d\xe5\x59\xe5\xd5\x8d\x19\x58\x6a\x9c\x9a\xd3\x81\x3c\xdd\xab\x81\xd8\x46\xda\xb7"
math KEYSZ = 0x38

# lame work-around!!!
math SIZE * 4
math SIZE | 0x80000000
callfunction SET_ENCRYPTION 1
log MEMORY_FILE2 BASE_OFF SIZE
findloc TMP binary "\xef\x4a\xdb" MEMORY_FILE2
math BASE_OFF + TMP
print "guessed base offset %BASE_OFF|X%"

# keys for the files
putarray 0 0  "\x98\x3b\xa6\xcc\xa7\x52\x32\xf9\x23\xbb\xe8\x7d\x39\x6c\xb7\x4e"
putarray 0 1  "\x13\xc7\xe8\x81\xd9\x8c\x75\x16\xf3\x2f\xbb\xf4\x21\x56\xb1\xa6"
putarray 0 2  "\x38\x50\x7b\x33\xee\xe5\xf0\x53\x4c\x5d\x2f\xc7\xf1\x65\xb8\x4a"
putarray 0 3  "\xc4\x55\x7f\x7c\xba\xb4\x42\x91\xee\x51\x2e\x37\xeb\x23\xaf\x54"
putarray 0 4  "\x23\xeb\x2d\xe6\xf7\x49\x92\x7c\x82\xfd\xec\x8e\xdc\x9f\x3e\xbc"
putarray 0 5  "\xcb\x49\xd8\x7c\xcc\x59\x7b\xca\x2d\xe2\x24\xb7\x19\x36\x37\x4d"
putarray 0 6  "\x2d\x3a\xfb\x28\x54\x21\x50\xb4\xa0\x77\xb8\xbb\xbf\xe8\xb1\x67"
putarray 0 7  "\xe3\x6f\xb2\xef\x65\x2b\xa2\x3a\x58\x2a\xba\x1f\xae\x68\xec\xbc"
putarray 0 8  "\xe7\x1e\x3d\xd6\xf5\xe2\x87\x9f\x68\xa1\x8b\xbb\xc7\xd4\xf2\x7d"
putarray 0 9  "\x3e\x3a\x10\xe4\xc1\x7b\xdf\x72\x39\x46\x40\x16\xfe\x94\x6b\xb5"
putarray 0 10 "\x20\x59\x25\xb9\xa6\x6b\x77\xc0\xbd\x4e\xe0\xbd\x1a\x25\x64\x3b"
putarray 0 11 "\x3f\xd0\x85\x35\x18\xd3\x8c\x59\x89\xc6\xd6\x61\x82\xb8\x5f\x75"
putarray 0 12 "\x25\x2b\xbc\xe5\x3a\xb3\x8b\x75\xb1\x2c\x7a\xdf\x98\xe6\x57\x8b"
putarray 0 13 "\x81\x6a\xcb\xb0\x8b\x17\x15\x10\x40\x53\x7b\x4a\x8a\xce\x77\x18"
putarray 0 14 "\x44\xc9\xcb\xd2\xb1\x76\xed\x2b\x18\xc6\x95\xc9\xd9\xda\x5a\xec"
putarray 0 15 "\x6b\x88\xa6\xd4\x16\x57\x3d\xd0\xb2\x4d\x1f\xf2\x48\x73\x17\x44"
math KEYSZ = 0x10

get FILES long MEMORY_FILE
for i = 0 < FILES
   
    get NAMESZ long MEMORY_FILE
   savepos POS MEMORY_FILE
   get N4 long MEMORY_FILE
   goto POS MEMORY_FILE
    getdstring NAME NAMESZ MEMORY_FILE
    get SIZE long MEMORY_FILE
    get DUMMY long MEMORY_FILE  # 0xffffffff or zero
    get OFFSET longlong MEMORY_FILE
    math OFFSET + BASE_OFF
   
    if SIZE & 0x80000000
      callfunction CALC_IDX 1
    endif

    math KEY_IDX & 0xf
    getarray KEY 0 KEY_IDX
    string KEY x KEY

    callfunction SET_ENCRYPTION 1
    log NAME OFFSET SIZE 0 XSIZE
next i

startfunction SET_ENCRYPTION
    if SIZE & 0x80000000    # DUMMY is -1 else is zero
        math SIZE & 0x7fffffff
        math XSIZE = SIZE
        math XSIZE x 8
        encryption blowfish KEY "" 0 KEYSZ
    else
        math XSIZE = SIZE
        encryption "" ""
    endif
endfunction

#calc the key_idx
startfunction CALC_IDX
    math RSIZE = SIZE
   math RSIZE & 0x7fffffff
   math N4 ^ RSIZE
   #print "%SIZE%"

   math TMP1 = N4
   math TMP2 = N4
   math TMP2 >> 24

   math TMP1 >> 8
   math TMP1 ^ N4
   math TMP1 >> 8
   math TMP1 ^ N4

   math TMP1 & 255

   math TMP3 = TMP1

   math TMP1 ^ TMP2
   math TMP3 ^ TMP2
   math TMP3 >> 4
   

   math TMP1 ^ TMP3

   math TMP1 & 15

   math KEY_IDX = TMP1
endfunction


You can make the ads go away by registering





Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: AlphaTwentyThree, Google [Bot], Martin3D and 9 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group