XeNTaX Forum Index
Forum MultiEx Commander Tools Tools Home
It is currently Thu Dec 14, 2017 11:13 am

All times are UTC + 1 hour


Forum rules


Please click here to view the forum rules



Post new topic Reply to topic  [ 22 posts ]  Go to page 1, 2  Next
Author Message
 Post subject: Helldorado
PostPosted: Mon May 04, 2009 8:42 pm 
Offline
beginner

Joined: Thu May 24, 2007 7:21 pm
Posts: 39
Has thanked: 13 times
Have thanks: 4 times














You can make the ads go away by registering

The contents of this post was deleted because of possible forum rules violation.


Top
 Profile  
 
 Post subject: Re: Helldorado
PostPosted: Tue May 05, 2009 1:14 am 
Offline
VVIP member
VVIP member
User avatar

Joined: Thu Dec 08, 2005 12:26 pm
Posts: 1925
Location: www.ZENHAX.com
Has thanked: 4 times
Have thanks: 631 times
extracting the files is ok, the only problem is retrieving their names.
I have made only a quick external analysis of the archives but I guess that if the names are really stored in them they are located in the bytes between the offset/size table and the first file in a compressed form.
the following is the quickbms script for extracting the files without names:
Code:
idstring "SBPAK V 1.0\r\n\0\0\0"
get DUMMY long  # ever the same
get DUMMY long  # ever the same
filexor 0x08

get DUMMY long
get DUMMY long
get DUMMY long
get FILES long
get DUMMY long
get BASE_OFFSET long
get TOTAL_SIZE long

for i = 0 < FILES
    get SIZE long
    get OFFSET long
    get DUMMY long
    get DUMMY long
    math OFFSET += BASE_OFFSET

    log "" OFFSET SIZE
next i


Top
 Profile  
 
 Post subject: Re: Helldorado
PostPosted: Tue May 05, 2009 6:10 pm 
Offline
beginner

Joined: Thu May 24, 2007 7:21 pm
Posts: 39
Has thanked: 13 times
Have thanks: 4 times
Thx Bugtest :)


Top
 Profile  
 
 Post subject: Re: Helldorado
PostPosted: Wed May 06, 2009 10:16 pm 
Offline
veteran
User avatar

Joined: Sun Jun 08, 2008 10:32 pm
Posts: 127
Location: Developers Country
Has thanked: 1 time
Have thanks: 29 times
Yes, the only - and biggest - problem is to retrieve the filenames. They seem to be encrypted in a special way.
Also, the whole file seems to be XORed with 0b6h - but according to a flag somewhere. I haven't been able to analyze this further...


Top
 Profile  
 
 Post subject: Re: Helldorado
PostPosted: Thu May 07, 2009 12:08 am 
Offline
VVIP member
VVIP member
User avatar

Joined: Thu Dec 08, 2005 12:26 pm
Posts: 1925
Location: www.ZENHAX.com
Has thanked: 4 times
Have thanks: 631 times
an idea for catching the right XOR byte can be the reading of the byte at offset 0x18 which is 0xff in clear mode so it's enough to xor it with 0xff to get the right xor value.
the only problem is that now the Filexor command uses a fixed number/string as argument while in the past it used a variable so now I need to re-introduce that old argument type for allowing the usage of dynamic xor values

*edit* I have figured the filenames encryption


Top
 Profile  
 
 Post subject: Re: Helldorado
PostPosted: Fri May 08, 2009 7:57 pm 
Offline
beginner

Joined: Thu May 24, 2007 7:21 pm
Posts: 39
Has thanked: 13 times
Have thanks: 4 times
Great work as always Bugtest.
Can it be handled with a BMS script?


Top
 Profile  
 
 Post subject: Re: Helldorado
PostPosted: Fri May 08, 2009 8:29 pm 
Offline
VVIP member
VVIP member
User avatar

Joined: Thu Dec 08, 2005 12:26 pm
Posts: 1925
Location: www.ZENHAX.com
Has thanked: 4 times
Have thanks: 631 times
sure and indeed I have already written the script yesterday but the dynamic xor value has been re-introduced in the new version that I will release tomorrow.
so you need only to wait some hours :)


Top
 Profile  
 
 Post subject: Re: Helldorado
PostPosted: Sat May 09, 2009 4:33 pm 
Offline
VVIP member
VVIP member
User avatar

Joined: Thu Dec 08, 2005 12:26 pm
Posts: 1925
Location: www.ZENHAX.com
Has thanked: 4 times
Have thanks: 631 times
as promised:
http://aluigi.org/papers/bms/helldorado.bms

remember to update QuickBMS!


Top
 Profile  
 
 Post subject: Re: Helldorado
PostPosted: Sat May 16, 2009 10:06 pm 
Offline
veteran
User avatar

Joined: Sun Jun 08, 2008 10:32 pm
Posts: 127
Location: Developers Country
Has thanked: 1 time
Have thanks: 29 times
@bugtest:
I was using your BMS-script and it is able to recover the file structure properly. Evaluating it I found out that lines 7...9 are not necessary, because the XOR-value is 0xB6 in any case (it is EXE-hard-coded).
But that's not the problem.
The actual problem is that not the whole PAK-file is XORed. Certain files are stored in their original form (like BIK-videos, WAV-sounds and maybe other files which format I don't know.)
I tried to analyze the PAK-structure but I am overextended to find a solution.
There must be a XOR-flag somewhere...


Top
 Profile  
 
 Post subject: Re: Helldorado
PostPosted: Sat May 16, 2009 11:45 pm 
Offline
VVIP member
VVIP member
User avatar

Joined: Thu Dec 08, 2005 12:26 pm
Posts: 1925
Location: www.ZENHAX.com
Has thanked: 4 times
Have thanks: 631 times
from what I have understood (I don't have all the files or the full game) and verified with the demo only some types of files are not xored, like BIKs.
so seems extension-based because the other fields (like the 2 DUMMYs in the table) have a content which is not constant also for the bik files.

so, resuming, here after having checked the content of data.pak of the demo I have seen only the bik files which don't use the xor obfuscation while all the other files are correct.
have you verified if there all the wav files don't use xor or only some of them?


Top
 Profile  
 
 Post subject: Re: Helldorado
PostPosted: Tue May 19, 2009 9:16 pm 
Offline
veteran
User avatar

Joined: Sun Jun 08, 2008 10:32 pm
Posts: 127
Location: Developers Country
Has thanked: 1 time
Have thanks: 29 times
After investigating extracted files I can confirm that only BIK-files seem to be stored without XORing (maybe for performance reasons).
Comparing with the extension ".BIK" to make a XOR-decision might be sufficient, I think.


Top
 Profile  
 
 Post subject: need help
PostPosted: Wed May 20, 2009 5:58 am 
Offline
ultra-n00b

Joined: Tue May 19, 2009 9:51 pm
Posts: 1
Has thanked: 1 time
Have thanks: 0 time
I can not use helldorado.bms unpack a locale language file(ZH.PAK ia a chinese)
I put in
http://cid-12e5359bddd15270.skydrive.live.com/self.aspx/SBPAK-ZH/Helldorado-GB%7C_v1.01.rar
please help me unpacker it
thanks!


Top
 Profile  
 
 Post subject: Re: Helldorado
PostPosted: Wed May 20, 2009 11:51 am 
Offline
VVIP member
VVIP member
User avatar

Joined: Thu Dec 08, 2005 12:26 pm
Posts: 1925
Location: www.ZENHAX.com
Has thanked: 4 times
Have thanks: 631 times
well finally we know when it's used the additional xoring I saw in the code :)
redownload my script and go down until you see the message "# uncomment the following 5 lines if you get wrong filenames!" and remove the # char in the lines which follow it:
Code:
    if XBYTE & 1
        math BYTE ^= 0x6e
    else
        math BYTE ^= 0x65
    endif

now you can extract the files from zh.pak without problems.
indeed 0x6e and 0x65 are the "en" string so I guess that in other country based paks will be needed to change it.
for example in the german demo that value was set to "de" (0x65 0x64) but as far as I know it wasn't used while in an hypothetic italian version it will be 0x74 0x69

at the moment I have not found a way to implement this check automatically at runtime in the script, so the manual editing of the script is necessary


Top
 Profile  
 
 Post subject: Re: Helldorado
PostPosted: Thu May 21, 2009 8:49 am 
Offline
Site Admin
User avatar

Joined: Wed Jan 15, 2003 6:45 pm
Posts: 4020
Location: Dungeons of Doom
Has thanked: 414 times
Have thanks: 554 times
Nice going bugtest!


Top
 Profile  
 
 Post subject: Re: Helldorado
PostPosted: Sun Mar 20, 2011 1:09 pm 
Offline
n00b

Joined: Sat Sep 04, 2010 1:37 pm
Posts: 10
Has thanked: 0 time
Have thanks: 0 time
Hey guys! I used the script posted here. In misc.pak file there is a small program packed inside called "sbpacker.exe", which can create, list and unpack pak-files for the game. It extracts all the data including folders. :) It's the official tool, I guess...


Attachments:


You do not have the required permissions to view the files attached to this post. Register to gain access.



Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 22 posts ]  Go to page 1, 2  Next

All times are UTC + 1 hour


Who is online

Users browsing this forum: Yahoo [Bot] and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group