faqy wrote:
hhchunter wrote:
They encrypted it, don't ask me why.
Didn't take long for it to be broken.
It's using XXTEA
Keys crc32
Hash XXTEA 53527737 7506499E BD39AEE3 A59E7268
Ok, I don't quite understand.
So, XXTEA keys are "53527737 7506499E BD39AEE3 A59E7268"?
But I can't use them to get anything.
I really wish Hunter hadn't posted these... but I'll assume that you're using these keys/information for the purposes of localising the data under a law in your region that covers it, as I'm discussing it from/for the same from/in mine. (e.g. fixing obvious errors in typographical things, or correcting display errors caused by IOI rushing a patch out, or localising to make the game easier/faster to play in a language other than English (so you don't need to pause and pick up a dictionary)).
A couple of things:
1. The ID field is a CRC32 of an uppercase string.
2. The offset list keys match the languages in order of the game's usage -- you can find the full names in-game, these are what the game uses in short form (en,fr,it,de,es,ru,mx,br,pl). Given a list of localisation keys you do full relocalisation, though I've been warned off this topic by Travis (who is the community person for IOI), so I won't go into depth (though it's kind of needless to say that this is why my public repository for tooling and the localisation project are now gone). You can get the full list of active/live languages for LOCR from the thumbs file, which is also XXTEA encrypted (but with different keys). I'm not going to say what the keys are, but they have been revealed elsewhere.
The values are now 8-byte aligned, hinting at a block cipher. Deduction and a negligible amount of work putting together a tool to dump the data later, I got the keys, which only a handful of people were meant to see (Hunter included in that list). I believe the source Hunter quoted is from a Vietnamese RE team who float around gamesurge and have been posting wonderfully awful things about me as of late -- the formatting matches their leaks for this and a few other things.
The four keys for XXTEA are: 0x53527737 0x7506499E 0xBD39AEE3 0xA59E7268. I had confirmed this a little over a day after the new patches came out changing the format. What Hunter didn't post was the delta (0x61C88647) or Sum (0xC6EF3720). The delta is the two's complement of 0x9E3779B9 (the delta usually used) and 0xC6EF3720 is the sum usually used; most developers use variants of these (something they can easily remember). From there, if you have a decent XXTEA implementation in whatever you use, you have the data. If you don't, putting one together is trivial, or finding one is easy.
---
Sidenote: there was an effort by a group on freenode to get the game localisation data using memory dumps. The change from their bit-twiddling cipher to XXTEA seems to have changed what's exposed and when it's exposed; the complaint being that the data in memory is limited to what's needed actively, so if you drift too far from the region of the map they reported it's missing. How true this is I couldn't say -- I'm not interested in dumping the game repeatedly while playing to get the data when the RPKG protection is what it is (nor after Travis (who works for IOI) threatened me for "modding the engine" (despite the fact I haven't done any RE on the binary)). However, if the reports are true this means they're doing live cipher work (which is far more expensive than a table-lookup), so this change adds overhead. If it changes again I doubt they'll want to be putting additional overhead into an already fragile engine, so look for obvious/cheap ciphers if that's the case.
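As an added illustration of the point made above about developers using "variants" of the standard constants (this is example code written for this page, not the poster's tool or anything from IOI): a reference XXTEA (corrected block TEA) with the delta made a parameter, plus a check that the quoted delta 0x61C88647 is simply the standard 0x9E3779B9 negated mod 2^32. The key and data words are constructed for the demonstration; no game data or real keys are used, and the byte order of any real container is not assumed here.

```python
MASK32 = 0xFFFFFFFF
STD_DELTA = 0x9E3779B9   # the golden-ratio constant the TEA family normally uses
POST_DELTA = 0x61C88647  # the variant delta quoted in the post above

def _mx(s, y, z, p, e, key):
    # XXTEA mixing function (key is four 32-bit words); result masked to 32 bits
    return ((((z >> 5) ^ (y << 2)) + ((y >> 3) ^ (z << 4)))
            ^ ((s ^ y) + (key[(p & 3) ^ e] ^ z))) & MASK32

def _check(words, key):
    if len(words) < 2 or len(key) != 4:
        raise ValueError("XXTEA needs at least two data words and a four-word key")
    return list(words), len(words), 6 + 52 // len(words)

def xxtea_encrypt(words, key, delta=STD_DELTA):
    # Standard XXTEA except that delta is a parameter; rounds = 6 + 52/n
    v, n, rounds = _check(words, key)
    s, z = 0, v[-1]
    for _ in range(rounds):
        s = (s + delta) & MASK32
        e = (s >> 2) & 3
        for p in range(n - 1):
            v[p] = (v[p] + _mx(s, v[p + 1], z, p, e, key)) & MASK32
            z = v[p]
        v[-1] = (v[-1] + _mx(s, v[0], z, n - 1, e, key)) & MASK32
        z = v[-1]
    return v

def xxtea_decrypt(words, key, delta=STD_DELTA):
    # Inverse of xxtea_encrypt: the sum starts at rounds*delta and counts back down
    v, n, rounds = _check(words, key)
    s, y = (rounds * delta) & MASK32, v[0]
    for _ in range(rounds):
        e = (s >> 2) & 3
        for p in range(n - 1, 0, -1):
            v[p] = (v[p] - _mx(s, y, v[p - 1], p, e, key)) & MASK32
            y = v[p]
        v[0] = (v[0] - _mx(s, y, v[-1], 0, e, key)) & MASK32
        y = v[0]
        s = (s - delta) & MASK32
    return v

def is_negation_mod32(a, b):
    # True when b == -a mod 2^32, i.e. b is the two's complement of a
    return (a + b) & MASK32 == 0
```

Swapping the delta changes the ciphertext but not the cipher's structure or key length, so a changed constant is something a reviewer should treat as obfuscation, not as added strength.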