Tale of Wuxia(resources.assets)

Extraction and unpacking of game archives and compression, encryption, obfuscation, decoding of unknown files
happyend
Posts: 157
Joined: Sun Aug 24, 2014 8:54 am

Post by happyend »

aluigi
Site Admin
Posts: 12984
Joined: Wed Jul 30, 2014 9:32 pm

Re: Tale of Wuxia(resources.assets)

Post by aluigi »

Encrypted.
Try to use signsrch on the game exe and probably it's an algorithm like TEA or Blowfish.
Savage
Posts: 176
Joined: Thu Oct 02, 2014 4:58 pm

Re: Tale of Wuxia(resources.assets)

Post by Savage »

This is what signsrch detected:

- open file "wuxia.exe"
- 11631104 bytes allocated
- load signatures
- open file c:\Program Files (x86)\Tale of Wuxia\signsrch.sig
- 3069 signatures in the database
- WARNING:
the file loaded in memory is very big so the scanning may take many time
- start 4 threads
- start signatures scanning:

offset num description [bits.endian.size]
--------------------------------------------
0041700c 1018 MD5 digest [32.le.272&]
0041702a 2053 RIPEMD-128 InitState [32.le.16&]
00526978 1036 SHA1 / SHA0 / RIPEMD-160 initialization [32.le.20&]
00589b26 1299 classical random incrementer 0x343FD 0x269EC3 [32.le.8&]
0062ce40 954 DES SPR SPtrans [32.le.2048]
00638544 876 SHA256 Initial hash value H (0x6a09e667UL) [32.le.32&]
00650140 874 SHA256 Hash constant words K (0x428a2f98) [32.le.256]
00650c00 878 Hash constant words K for SHA-384 and SHA-512 [64.le.640]
00658640 937 camellia [32.le.48&]
0065ab00 894 AES Rijndael S / ARIA S1 [..256]
0065af00 915 Rijndael rcon [32.be.40]
0065c180 895 AES Rijndael Si / ARIA X1 [..256]
00679b80 1051 Whirlpool rc [64.be.80]
006fd609 2249 TEA1_DS [32.le.4]
007eef69 948 DES [32.le.20&]
00854d96 3048 DMC compression [32.le.16&]
0089b7c0 681 CRC-32C (Castagnoli) [crc32.0x1edc6f41 le rev int_min.1024]
0089b7c0 688 CRC-32C (Castagnoli) [crc32.0x82f63b78 lenorev 1.1024]
008ce994 2600 LZMA compression [..24]
008d3c11 1038 padding used in hashing algorithms (0x80 0 ... 0) [..64]
0092d670 871 ACSS reverse sbox [..256]
0092d670 1963 FFT and FHT routines rv_tbl [..128]
0092fc10 2875 libavcodec ff_mjpeg_val_ac_luminance [..162]
0092fcc8 2876 libavcodec ff_mjpeg_val_ac_chrominance [..162]
0092fedd 2417 MBC2 [32.le.248&]
0092fee0 2418 MBC2 [32.be.248&]
0092ffc0 1115 Jpeg dct 14 bit aanscales [16.le.128]
00930b28 648 CRC-32-IEEE 802.3 [crc32.0xedb88320 lenorev 1.1024]
00930b28 641 CRC-32-IEEE 802.3 [crc32.0x04c11db7 le rev int_min.1024]
00930f28 129 Adler CRC32 (0x191b3141) [32.le.1024]
00931328 131 Adler CRC32 (0x01c26a37) [32.le.1024]
00931728 133 Adler CRC32 (0xb8bc6765) [32.le.1024]
00931b28 652 CRC-32-IEEE 802.3 [crc32.0xedb88320 benorev 1.1024]
00931b28 645 CRC-32-IEEE 802.3 [crc32.0x04c11db7 be rev int_min.1024]
00931f28 130 Adler CRC32 (0x191b3141) [32.be.1024]
00932328 132 Adler CRC32 (0x01c26a37) [32.be.1024]
00932728 134 Adler CRC32 (0xb8bc6765) [32.be.1024]
00932cb8 2289 zinflate_lengthStarts [16.le.58]
00932d38 2296 zinflate_distanceStarts [16.le.60]
00932db8 2294 zinflate_lengthExtraBits [32.le.116]
00932e40 2303 zinflate_distanceExtraBits [32.le.120]
00933400 1086 Zlib dist_code [..512]
00933600 1087 Zlib length_code [..256]
00933700 1089 Zlib base_length [32.le.116]
00933778 1091 Zlib base_dist [32.le.120]
009496b8 1996 rfc3548 Base 64 Encoding with URL and Filename Safe Alphabet [..62]
009496b8 2005 B64EncodeTable [..64]
009599e0 639 CRC-32-IEEE 802.3 [crc32.0x04c11db7 lenorev int_min.1024]
009599e0 650 CRC-32-IEEE 802.3 [crc32.0xedb88320 le rev 1.1024]
0095a3c0 3038 unlzx table_three [32.le.64]
0095a3c0 1605 Generic bitmask table [32.le.128]
0095a3c4 2588 bitmask [32.le.128]
0095a434 3051 compression algorithm seen in the game DreamKiller [32.be.12&]
0095a437 3050 compression algorithm seen in the game DreamKiller [32.le.12&]
0095d2d0 1933 Vorbis FLOOR1_fromdB_LOOKUP [float.le.1024]
0097c0f8 839 ADPCM index table (step variation) [32.le.64]
0097c138 841 ima_adpcm step table [16.le.178]
0097e130 950 DES odd_parity [..256]
0097e250 951 DES semi weak keys [..96]
0097e2b0 952 DES skb [32.le.2048]
0097e330 2229 DES2_DS [32.le.128]
00990a98 971 EC curve _EC_NIST_PRIME_192_SEED [..20]
00990b50 972 EC curve _EC_NIST_PRIME_224_SEED [..20]
00990c20 973 EC curve _EC_NIST_PRIME_384_SEED [..20]
00990d68 974 EC curve _EC_NIST_PRIME_521_SEED [..20]
00990f18 975 EC curve _EC_X9_62_PRIME_192V2_SEED [..20]
00990fd0 976 EC curve _EC_X9_62_PRIME_192V3_SEED [..20]
00991088 977 EC curve _EC_X9_62_PRIME_239V1_SEED [..20]
00991160 978 EC curve _EC_X9_62_PRIME_239V2_SEED [..20]
00991238 979 EC curve _EC_X9_62_PRIME_239V3_SEED [..20]
00991310 980 EC curve _EC_X9_62_PRIME_256V1_SEED [..20]
009913f8 981 EC curve _EC_SECG_PRIME_112R1_SEED [..20]
00991470 982 EC curve _EC_SECG_PRIME_112R2_SEED [..20]
009914e8 983 EC curve _EC_SECG_PRIME_128R1_SEED [..20]
00991570 984 EC curve _EC_SECG_PRIME_128R2_SEED [..20]
00991688 985 EC curve _EC_SECG_PRIME_160R1_SEED [..20]
00991730 986 EC curve _EC_SECG_PRIME_160R2_SEED [..20]
00991bc0 987 EC curve _EC_SECG_CHAR2_113R1_SEED [..20]
00991c40 988 EC curve _EC_SECG_CHAR2_113R2_SEED [..20]
00991cc0 989 EC curve _EC_SECG_CHAR2_131R1_SEED [..20]
00991d50 990 EC curve _EC_SECG_CHAR2_131R2_SEED [..20]
00991f90 993 EC curve _EC_SECG_CHAR2_193R1_SEED [..20]
00992050 994 EC curve _EC_SECG_CHAR2_193R2_SEED [..20]
009921d8 995 EC curve _EC_NIST_CHAR2_233B_SEED [..20]
00992460 996 EC curve _EC_NIST_CHAR2_283B_SEED [..20]
009926a8 997 EC curve _EC_NIST_CHAR2_409B_SEED [..20]
009929c8 998 EC curve _EC_NIST_CHAR2_571B_SEED [..20]
00992ba0 999 EC curve _EC_X9_62_CHAR2_163V1_SEED [..20]
00992c48 1000 EC curve _EC_X9_62_CHAR2_163V2_SEED [..20]
00992cf0 1001 EC curve _EC_X9_62_CHAR2_163V3_SEED [..20]
00992e38 1002 EC curve _EC_X9_62_CHAR2_191V1_SEED [..20]
00992ef0 1003 EC curve _EC_X9_62_CHAR2_191V2_SEED [..20]
00992fa8 1004 EC curve _EC_X9_62_CHAR2_191V3_SEED [..20]
00993118 1005 EC curve _EC_X9_62_CHAR2_239V1_SEED [..20]
009931f0 1006 EC curve _EC_X9_62_CHAR2_239V2_SEED [..20]
009932c8 1007 EC curve _EC_X9_62_CHAR2_239V3_SEED [..20]
00993588 1008 EC curve _EC_X9_62_CHAR2_359V1_SEED [..20]
009984e8 1009 ASCII to BIN table [..128]
00999220 2121 CAST128 / CAST256 sbox1 [32.le.1024]
00999220 2333 CAST_S [32.le.8192]
00999620 2123 CAST128 / CAST256 sbox2 [32.le.1024]
00999a20 2125 CAST128 / CAST256 sbox3 [32.le.1024]
00999e20 2127 CAST128 / CAST256 sbox4 [32.le.1024]
0099a220 2113 CAST128 sbox5 [32.le.1024]
0099a620 2115 CAST128 sbox6 [32.le.1024]
0099aa20 2117 CAST128 sbox7 [32.le.1024]
0099ae20 2119 CAST128 sbox8 [32.le.1024]
0099b250 2065 Haval init [32.le.32&]
0099b250 919 Blowfish bfp table [32.le.72]
0099b270 1054 Haval hash pass2 [32.le.128&]
0099b298 921 Blowfish ks0 table [32.le.1024]
0099b298 2335 Blowfish_s_init [32.le.4096]
0099b2f0 2067 Haval mc3 [32.le.128]
0099b350 2219 HAVAL2_DS [32.le.32]
0099b370 2069 Haval mc4 [32.le.128]
0099b3d0 2217 HAVAL1_DS [32.le.32]
0099b3f0 2071 Haval mc5 [32.le.128]
0099b698 923 Blowfish ks1 table [32.le.1024]
0099ba98 925 Blowfish ks2 table [32.le.1024]
0099be98 927 Blowfish ks3 table [32.le.1024]
0099c2c0 1021 RC2 skey key_table [..256]
0099c3c0 2152 seed_SS0 [32.le.1024]
0099c7c0 2154 seed_SS1 [32.le.1024]
0099cbc0 2156 seed_SS2 [32.le.1024]
0099cfc0 2158 seed_SS3 [32.le.1024]
0099dffa 1947 small prime numbers used in libgcrypt [16.le.1336]
009a0665 2079 Generic squared map [32.be.64]
009a0668 2078 Generic squared map [32.le.64]
009a06c0 1049 Whirlpool C0 table [64.be.2048]
009a06c0 2171 WHIRILPOOL_DS [64.be.64]
009b8d20 1563 libavcodec ff_zigzag_direct [..64]
009ba080 1994 power2 table [16.le.30]
009fd610 2545 anti-debug: IsDebuggerPresent [..17]
009fe334 1286 Windows CryptHashData [..14]
009fe35a 1284 Windows CryptCreateHash [..16]
009fe36c 1283 Windows CryptAcquireContext [..21]
009fe46c 1285 Windows CryptImportKey [..15]
00a13af0 892 AES Rijndael Logtable [..256]
00a13bf0 893 AES Rijndael Alogtable [..256]
00a13ef0 897 Rijndael Te0 (0xc66363a5U) [32.be.1024]
00a142f0 899 Rijndael Te1 (0xa5c66363U) [32.be.1024]
00a146f0 901 Rijndael Te2 (0x63a5c663U) [32.be.1024]
00a14af0 903 Rijndael Te3 (0x6363a5c6U) [32.be.1024]
00a14ef0 906 Rijndael Td0 (0x51f4a750U) [32.be.1024]
00a152f0 908 Rijndael Td1 (0x5051f4a7U) [32.be.1024]
00a156f0 910 Rijndael Td2 (0xa75051f4U) [32.be.1024]
00a15af0 912 Rijndael Td3 (0xf4a75051U) [32.be.1024]
00a17009 2414 Noekeon Nessie round [32.be.68]
00a1700c 2413 Noekeon Nessie round [32.le.68]
00a1a248 1801 mp3lib intwinbase [32.le.1028]
00a1b2d0 1800 mp3lib bandInfo [..2592]
00a1bcf0 1766 mp3lib huffman tab1 [16.le.14]
00a1bd00 1768 mp3lib huffman tab2 [16.le.34]
00a1bd24 1770 mp3lib huffman tab3 [16.le.34]
00a1bd48 1772 mp3lib huffman tab5 [16.le.62]
00a1bd88 1774 mp3lib huffman tab6 [16.le.62]
00a1bdc8 1776 mp3lib huffman tab7 [16.le.142]
00a1be58 1778 mp3lib huffman tab8 [16.le.142]
00a1bee8 1780 mp3lib huffman tab9 [16.le.142]
00a1bf78 1782 mp3lib huffman tab10 [16.le.254]
00a1c078 1784 mp3lib huffman tab11 [16.le.254]
00a1c178 1786 mp3lib huffman tab12 [16.le.254]
00a1c278 1788 mp3lib huffman tab13 [16.le.1022]
00a1c678 1790 mp3lib huffman tab15 [16.le.1022]
00a1ca78 1792 mp3lib huffman tab16 [16.le.1022]
00a1ce78 1794 mp3lib huffman tab24 [16.le.1022]
00a1d278 1796 mp3lib huffman tab_c0 [16.le.62]
00a1d2b8 1798 mp3lib huffman tab_c1 [16.le.62]
00a2697c 1039 SSL3 pad 1 and 2 [..96]

- 169 signatures found in the file in 6 seconds
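
An added example, not part of the original posts: a Python parser for the signsrch listing above that sums the matched signature sizes per symmetric cipher and reports offsets that appear under more than one signature. The keyword map and function names are assumptions of this example; the sample lines are an excerpt copied from the listing.

```python
import re
from collections import defaultdict

# One hit per line: "<hex offset> <sig id> <description> [<bits.endian.size>]"
HIT_RE = re.compile(r"^([0-9a-f]{8})\s+\d+\s+(.+?)\s+\[([^\]]*)\]$")
# Case-sensitive keyword -> cipher; this map is the example's assumption.
CIPHER_KEYWORDS = {"Rijndael": "AES", "Blowfish": "Blowfish", "TEA": "TEA",
                   "DES": "DES", "CAST": "CAST", "camellia": "Camellia",
                   "RC2": "RC2", "seed_SS": "SEED"}
# Excerpt copied from the signsrch listing above.
SAMPLE = """\
0065ab00 894 AES Rijndael S / ARIA S1 [..256]
006fd609 2249 TEA1_DS [32.le.4]
00990a98 971 EC curve _EC_NIST_PRIME_192_SEED [..20]
0099b250 2065 Haval init [32.le.32&]
0099b250 919 Blowfish bfp table [32.le.72]
0099b298 921 Blowfish ks0 table [32.le.1024]
0099c3c0 2152 seed_SS0 [32.le.1024]
- 169 signatures found in the file in 6 seconds
"""

def parse_hits(text):
    """Return (offset, description, size_in_bytes) for every hit line."""
    hits = []
    for line in text.splitlines():
        m = HIT_RE.match(line.strip())
        if m:  # banner, progress and summary lines do not match
            size = int(m.group(3).rstrip("&").rsplit(".", 1)[-1])
            hits.append((int(m.group(1), 16), m.group(2), size))
    return hits

def cipher_evidence(hits):
    """Cipher name -> summed size of its matched signatures."""
    evidence = defaultdict(int)
    for _off, desc, size in hits:
        name = next((n for k, n in CIPHER_KEYWORDS.items() if k in desc), None)
        if name:
            evidence[name] += size
    return dict(evidence)

def shared_offsets(hits):
    """Offsets hit by several signatures: one table carrying several labels."""
    by_off = defaultdict(list)
    for off, desc, _size in hits:
        by_off[off].append(desc)
    return {off: d for off, d in by_off.items() if len(d) > 1}

if __name__ == "__main__":
    print(cipher_evidence(parse_hits(SAMPLE)), shared_offsets(parse_hits(SAMPLE)))
```

A 4-byte match such as TEA1_DS is much weaker evidence than a full Blowfish or AES table, and two labels on one offset (Haval init and Blowfish bfp table at 0099b250) describe the same constants.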