The game is Arena of Valor
This game recently has received big update, and this update makes the game smaller.
And after update, the game now is more complicated.
I have two .xml for example, and one of them is not native xml, i think
The A1-afterupdate.xml will be used for the demonstration.
I guess this xml is not xml as we observe, i put this xml into the hex and here are what I found.
first 4B:22 4A 00 EF ("J/x00/xEF)
next 4B: 02 81 00 00 (02 81 is also the length of A1-beforeupdate.xml in little endian)
4B Zstd: 28 B5 2F FD , Zstd magic number I guess.
A1-beforeupdate.xml is normal at all.
I don't know much about Zstd, hope someone familiar with Zstd can take a look.
Sorry for my bad english.
Need help with zstd
-
aluigi
- Site Admin
- Posts: 12984
- Joined: Wed Jul 30, 2014 9:32 pm
Re: Need help with zstd
It may be possible that the compression uses a custom dictionary.
The Error -32 returned by quickbms is a ZSTD_error_dictionary_wrong indeed (which may be a false positive but I think it's correct).
I'm quite sure that if someone is interested in doing some reverse engineering will take a look at it ("ZSTD_decompress_usingDict", "ZSTD_decompress_usingDDict", "ZSTD_createDDict" are some of the API to search)
The Error -32 returned by quickbms is a ZSTD_error_dictionary_wrong indeed (which may be a false positive but I think it's correct).
I'm quite sure that if someone is interested in doing some reverse engineering will take a look at it ("ZSTD_decompress_usingDict", "ZSTD_decompress_usingDDict", "ZSTD_createDDict" are some of the API to search)
-
zeddvn
- Posts: 2
- Joined: Wed Aug 25, 2021 10:14 am
Re: Need help with zstd
aluigi wrote:It may be possible that the compression uses a custom dictionary.
The Error -32 returned by quickbms is a ZSTD_error_dictionary_wrong indeed (which may be a false positive but I think it's correct).
I'm quite sure that if someone is interested in doing some reverse engineering will take a look at it ("ZSTD_decompress_usingDict", "ZSTD_decompress_usingDDict", "ZSTD_createDDict" are some of the API to search)
Much help from you, thanks a lot!
-
Hoa8888
- Posts: 1
- Joined: Wed Sep 29, 2021 9:43 am
Re: Need help with zstd
Hi Alugi, hi zeddvn,
I have a same problem with zeddvn, but when I see in resource of game, i found a file: bytesDict.bytes, I think it's zstd Dictionary but, it was encrypt with same header "22 4A".
I can't find any information about that header
I have a same problem with zeddvn, but when I see in resource of game, i found a file: bytesDict.bytes, I think it's zstd Dictionary but, it was encrypt with same header "22 4A".
I can't find any information about that header
-
WollieWoltaz
- Posts: 41
- Joined: Mon Dec 04, 2017 5:48 pm
Re: Need help with zstd
Any news on this? Seems that AssetStudio doesn't work with the latest AoV update anymore...
-
aluigi
- Site Admin
- Posts: 12984
- Joined: Wed Jul 30, 2014 9:32 pm
Re: Need help with zstd
@Hoa8888
Still can't decompress the provided xlm sample using the dictionary in bytesDict.bytes, tried taking it from both offset 8 and 0x18 with same result.
I leave here the script I made for the test in case someone else wants to experiment with it:
Still can't decompress the provided xlm sample using the dictionary in bytesDict.bytes, tried taking it from both offset 8 and 0x18 with same result.
I leave here the script I made for the test in case someone else wants to experiment with it:
Code: Select all
open FDSE "bytesDict.bytes" 1
get DUMMY long 1 # 22 4a
get SIZE long 1
#getdstring DUMMY 16 1
getdstring DICT SIZE 1
comtype zstd DICT SIZE
get DUMMY long # 22 4a
get SIZE long
savepos OFFSET
get ZSIZE asize
math ZSIZE - OFFSET
clog "dump.dat" OFFSET ZSIZE SIZE-
nix132
- Posts: 4
- Joined: Fri Feb 18, 2022 6:05 pm
Re: Need help with zstd
anyone got a solution for this?
-
h3x4n1um
- Posts: 2
- Joined: Sun Jun 26, 2022 2:23 pm
Re: Need help with zstd
I code a tool for compress and decompress this but you need to recheck the output when using compress option 
https://github.com/h3x4n1um/AoV-Zstd
https://github.com/h3x4n1um/AoV-Zstd