rtanz wrote:You can try another small file which is from another directory.
Same structure here:
eocd.jpg
But the data is encrypted for sure coz the signature at offset 0x61983 is not 0x02014B50.
This is the file structure of the pak archives:
Code: Select all
char encryptedData[]
long end of central dir signature(0x06054b50)
short number of this disk
short number of the disk with the start of the central directory
short central directory on this disk
short total number of entries in the central directory
long size of the central directory
long offset of start of central directory with respect to the starting disk number
short .ZIP file comment length (alway to be 0x910)
char .ZIP file comment
{
long Size1 // 0x8
short Count1 // 3
short Count2 // 1
long Size2 // 0x84
char Hash[0x80] // MD5?
long Size2 // 0x884
char Data[0x880] // Encryption keys?
}
So the file should be a PKzip archive with custom encryption on all data except for the end of central directory record.
Knowing the decrypted data of some certain fields, like the first 4 bytes must be 50 4B 03 04, and the 4 bytes at offset of start of central directory(0x61983 for scripts.pak, 0x88C for config.pak) must be 50 4B 01 02, might help a bit in determining the algorithm and the keys. But since it's not simple XORed, I'm afraid this's the best I can do. You should look for the experts for further help.
You do not have the required permissions to view the files attached to this post.