Project EGG EGGDATA file encryption

einstein95
Posts: 64
Joined: Tue Sep 08, 2015 11:27 am

Project EGG EGGDATA file encryption

Post by einstein95 »

Attached is an EXE for one of the Project EGG emulations. The resources in 1041\EGGDATA\ are encrypted using the same encryption (it seems) as the game saves and config files. The DATA file should contain the GoodNES rom file "Family Quiz - 4-nin wa Rival (J) [!].nes" (although not under that name, obviously).
aluigi
Site Admin
Posts: 12984
Joined: Wed Jul 30, 2014 9:32 pm

Re: Project EGG EGGDATA file encryption

Post by aluigi »

einstein95
Posts: 64
Joined: Tue Sep 08, 2015 11:27 am

Re: Project EGG EGGDATA file encryption

Post by einstein95 »

Nice, works perfectly! Some don't seem to use the same EXE layout though. I've attached one to get your verdict.

ETA: Doesn't even use the EGGDATA format, everything is in the BINARY folder instead. Encrypted files don't have a standard header.


EDIT: I've also replaced the "if TYPE == "END"" block with this code as DATA files with a large amount of files split the file table into pieces. If you can think of a better way of doing this, please tell me.

Code:

        if TYPE == "END"
            break
        elif TYPE == "NEXT"
            get OFFSET long MEMORY_FILE
            math OFFSET * CHUNK_SIZE
            goto OFFSET MEMORY_FILE
            getdstring TYPE 4 MEMORY_FILE
        endif
aluigi
Site Admin
Posts: 12984
Joined: Wed Jul 30, 2014 9:32 pm

Re: Project EGG EGGDATA file encryption

Post by aluigi »

I have updated the script to version 0.2 for supporting this new method.
I don't know regarding "NEXT" because I have no samples with that.
einstein95
Posts: 64
Joined: Tue Sep 08, 2015 11:27 am

Re: Project EGG EGGDATA file encryption

Post by einstein95 »

Ah, here's one with NEXT.
aluigi
Site Admin
Posts: 12984
Joined: Wed Jul 30, 2014 9:32 pm

Re: Project EGG EGGDATA file encryption

Post by aluigi »

Perfect, script updated to version 0.2.1 :D
einstein95
Posts: 64
Joined: Tue Sep 08, 2015 11:27 am

Re: Project EGG EGGDATA file encryption

Post by einstein95 »

I love it!
Here's one where ECOM4001A extracts fine, but ECOM4001B gives this error:

Code:

  offset   filesize   filename
--------------------------------------
- SCRIPT's MESSAGE:
  RVA 0x004bda00

  00000000 512        ECOM4001b.config

Error: [myfseek] the offset 0x89cde100 in the file -1 can't be reached

Last script line before the error or that produced the error:
  184 goto OFFSET MEMORY_FILE

It seems like it's identical to ECOM4001A except that the FM is disabled in the config.
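
Added example (not part of any post in this thread and not aluigi's script): a Python sketch of the END/NEXT file-table walk from the earlier snippet, with the bounds and loop checks that turn a bad chunk number into a clear error instead of an unreachable seek like the one above. The `CHUNK_SIZE` value, the 16-byte record layout and the `FILE` tag are assumptions, and the sample table is constructed.

```python
import struct

CHUNK_SIZE = 0x100   # assumption: not stated in the thread
ENTRY_SIZE = 16      # assumption: 4-byte TYPE tag + 12 payload bytes

class TableError(ValueError):
    """The table points outside the buffer or loops back on itself."""

def _need(buf, pos, n):
    # Equivalent of the failed seek: refuse any read past the end of the table.
    if pos + n > len(buf):
        raise TableError(f"offset 0x{pos:x} can't be reached in {len(buf)} bytes")

def walk_table(buf, start=0):
    """Return [(offset, tag, payload)] for every record before END."""
    entries, visited, pos = [], {start}, start
    while True:
        _need(buf, pos, 4)
        tag = bytes(buf[pos:pos + 4]).rstrip(b"\0").decode("ascii", "replace")
        if tag == "END":
            return entries
        if tag == "NEXT":                      # table continues in another chunk
            _need(buf, pos, 8)
            (chunk_no,) = struct.unpack_from("<I", buf, pos + 4)
            pos = chunk_no * CHUNK_SIZE
            if pos in visited:                 # a NEXT cycle would never end
                raise TableError(f"NEXT loops back to 0x{pos:x}")
            visited.add(pos)
            continue
        _need(buf, pos, ENTRY_SIZE)
        entries.append((pos, tag, bytes(buf[pos + 4:pos + ENTRY_SIZE])))
        pos += ENTRY_SIZE

def build_sample(next_chunk=2):
    """Constructed 0x300-byte table: two records, NEXT, one record, END."""
    buf = bytearray(0x300)
    buf[0x00:0x10] = b"FILE" + b"A" * 12
    buf[0x10:0x20] = b"FILE" + b"B" * 12
    buf[0x20:0x28] = b"NEXT" + struct.pack("<I", next_chunk)
    buf[0x200:0x210] = b"FILE" + b"C" * 12
    buf[0x210:0x214] = b"END\0"
    return bytes(buf)

if __name__ == "__main__":
    print([hex(off) for off, _, _ in walk_table(build_sample())])
    try:
        walk_table(build_sample(next_chunk=0x89CDE1))   # 0x89cde1 * 0x100
    except TableError as exc:
        print("rejected:", exc)
```
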
aluigi
Site Admin
Posts: 12984
Joined: Wed Jul 30, 2014 9:32 pm

Re: Project EGG EGGDATA file encryption

Post by aluigi »

Needed a toupper on the EXE_NAME.
Released version 0.2.1a
einstein95
Posts: 64
Joined: Tue Sep 08, 2015 11:27 am

Re: Project EGG EGGDATA file encryption

Post by einstein95 »

Now got an older version which uses a different encryption (ECOM0017). Also attached a couple more which may follow the same encryption. Ys1.exe comes from the Ys Collection, and doesn't seem to be based on what the executable is named. ECOM3002.exe is the English translation of Aleste 2.
aluigi
Site Admin
Posts: 12984
Joined: Wed Jul 30, 2014 9:32 pm

Re: Project EGG EGGDATA file encryption

Post by aluigi »

Unfortunately all the files use different encryptions or some modifications, so I will drop support for them.
I have updated the script to version 0.2.2 just to fix some things but there will be no other versions for every new exe.
einstein95
Posts: 64
Joined: Tue Sep 08, 2015 11:27 am

Re: Project EGG EGGDATA file encryption

Post by einstein95 »

Ok, fair enough. Thanks anyway!
mahoho
Posts: 2
Joined: Thu Jan 17, 2019 5:18 pm

Re: Project EGG EGGDATA file encryption

Post by mahoho »

Hello,

I appreciate your work and I understand if you do not want to add support yourself for all the kinds of encryption used in EGG archives, but I would like to support older releases. These archives are interesting from a preservation standpoint, because clean disk images for the systems supported by Project EGG are hard to come by, and having multiple independent dumps is very helpful for verifying quality.

I don't mind helping out or doing it myself if I can, but I do not have any experience with this kind of work. If you could at least provide the earlier version of the script that had partial support for decrypting in method 2 (as far as I understand), that would be nice to have.

I can confirm that recent releases still work using the current version of the script, so at least for now there is no concern with new releases having compatibility issues. Older archives (the newest I have that does not work is from 2012) that do not use the EGGDATA format are not compatible and extract to unreadable DATs. Attached are a few extra samples if anyone would like a shot at figuring them out.

The BGT is an exception, it is a newer one but there is an issue with the data extraction as far as I can tell:
00000000 305408 EBGT0001.data2

Error: [myfseek] offset 0x3f165700 in file -1 can't be reached

Last script line before the error or that produced the error:
234 goto OFFSET MEMORY_FILE


The EBS is also different, there is no disk image in there that I can see. Feel free to ignore it. This leaves the BOTs.

Edit: I took a look at the script and this is what I understand based on method 1:
- the base executable name is hashed with MD5
- an XOR is applied to this hash with 0xFF
- this is used as an AES key to decrypt file contents
I tried similar methods and looked into ways to identify compression schemes since it looks to me that the older samples have additional compression on top of that (based on file sizes), but I have not gotten anywhere.
mahoho
Posts: 2
Joined: Thu Jan 17, 2019 5:18 pm

Re: Project EGG EGGDATA file encryption

Post by mahoho »

Since my last message I have tried to reproduce the script manually by extracting the configuration file from an archive that gets processed correctly by the script, but I cannot manage to recover readable text. This is regular EGGDATA. Where is my interpretation wrong?
To reiterate, at least for the first chunk:

1. Extract the CONFIG file (I just used 7-Zip)
2. MD5 hash the executable base name (i.e. EXXX0000 pattern)
3. XOR the result with 0xFF
4. Set this as AES key to decrypt a 0x100 chunk of data offset by 0x20 (EGGDATA header)

I don't think that the extra operations in DUMP are relevant for the first chunk, but after trying to implement those as well I still did not get any readable result.

I gave it a few tries in CyberChef and got nothing useful, so I guess I am reading the script wrong; if the author could correct me and ideally describe the process for all current methods that would be very helpful.
aluigi
Site Admin
Posts: 12984
Joined: Wed Jul 30, 2014 9:32 pm

Re: Project EGG EGGDATA file encryption

Post by aluigi »

Sorry if I didn't give a reply before, but the script is long and complex, so returning to it (even if just for checking what it does) would waste a lot of my time.