Hey there. I am leaving here samples which i can't recognize. Already tried comtype_scan2 but with no good results.
I think they are xored or something. Maybe with 0x89. They are from xbox game.
Thank you for anything!
xbox data
-
grandshot
- Posts: 42
- Joined: Mon Jun 07, 2021 8:20 pm
Re: xbox data
Its compressed by custom algo. Only way is find the decompress function in xex\xbe executable and trying to implement on C++ or other prefer lang.
-
h3x3r
- Posts: 165
- Joined: Wed Jun 01, 2016 5:53 pm
Re: xbox data
Well... Tried IDA Pro but can't find anything useful or related to compression/decompression. But most likely because of lacking knowledge...
This is from xbe tool:
Game: Black from Criterion running on their RenderWare. Really don't know why they compress info about materials at static models. Dynamic models have material names fine. No compression over it.
Also if it somehow helps...
Attached xbe from game. Just in case someone could look at it. Thanks grandshot for tip!
This is from xbe tool:
Code: Select all
XBE Header Details
----------------------------------
(d:\alienbrainwork\CG2Game\Code\xbox\unity external\Black.exe)
** Image header size is unusual!
Base Addr: 0x00010000 65536
Size of Image: 0x00577A60 5732960
Number of Sections: 0x0000000D 13
Initialization Flags: 0x00000005 5
(Mount utility Drive)
(Limit memory to 64MB)
Entry Point Address: 0xA8FE0D94 2835221908
Entry Point Real: 0x00015A3F 88639
Original Base Address: 0x00010BE0 68576
Original Size of Image: 0x00596480 5858432
Original Checksum: 0x005A45B8 5916088
Certificate Details
----------------------------------
Black
** Certificate size is unusual!
Certificate Size: 0x000001EC (492 bytes)
Title ID: 0x45410083 (EA-00131)
Allowed Media: 0x00000202 (unknown)
Game Region: 0x00000004 (Rest of the World)
Game Rating: 0x00000000 (All)
Disk Number: 0x00000000 (0)
Version: 0x00000001 (1)
LAN Key: CA628AA259E05BC5DAB94725EE1C5ED5
Signature Key: 87D30D70E361DD1C517B588E0118C3E0
Alt Signature Key: C1D334D71CE6BB046128808E8DD99C60
Alt Signature Key: 5300780073005C00000000004EEF261A
Alt Signature Key: 34006300630066003100640066002200
Alt Signature Key: 74002E00570069006E0064006F007700
Alt Signature Key: 43003A005C00570049004E0044004F00
Alt Signature Key: 65007300740000007800380036005F00
Alt Signature Key: 34003100340034006300630066003100
Alt Signature Key: 310039003000340031002E0032003200
Alt Signature Key: 630072006F0073006F00660074002E00
Alt Signature Key: 72004100720063006800690074006500
Library Version Details
----------------------------------
XAPILIB 1.0.5849.1 0x40
DSOUND 1.0.5849.11 0x40
XBOXKRNL 1.0.5849.1 0x40
XMV 1.0.5849.1 0x40
LIBCMT 1.0.5849.1 0x40
LIBCPMT 1.0.5849.1 0x40
D3D8LTCG 1.0.5849.15 0x40
XGRAPHCL 1.0.5849.9 0x40
Thread Local Storage Details
----------------------------------
Raw Data Start Address: 0x00000000 0
Raw Data End Address: 0x00000000 0
TLS Index Address: 0x002B2818 2828312
TLS Callbacks Address: 0x00000000 0
Size of Zero Fill: 0x00000090 144
Characteristics: 0x00000000 0
Section Details
----------------------------------
Section 1: (.text)
Virtual Address: 0x00011000 69632
Virtual Size: 0x00206FDC 2125788
Raw Data Address: 0x00001000 4096
Raw Data Size: 0x00206FDC 2125788
Flags: 0x00000016 22
(Pre-Load) (Executable) (Head page read-only)
Section 2: (DSOUND)
Virtual Address: 0x00217FE0 2195424
Virtual Size: 0x0000CEF4 52980
Raw Data Address: 0x00208000 2129920
Raw Data Size: 0x0000CC84 52356
Flags: 0x00000007 7
(Writeable) (Pre-Load) (Executable)
Section 3: (WMADEC)
Virtual Address: 0x00224EE0 2248416
Virtual Size: 0x00019C6C 105580
Raw Data Address: 0x00215000 2183168
Raw Data Size: 0x00019C6C 105580
Flags: 0x00000007 7
(Writeable) (Pre-Load) (Executable)
Section 4: (XMV)
Virtual Address: 0x0023EB60 2354016
Virtual Size: 0x00027D34 163124
Raw Data Address: 0x0022F000 2289664
Raw Data Size: 0x00027D24 163108
Flags: 0x00000007 7
(Writeable) (Pre-Load) (Executable)
Section 5: (XGRPH)
Virtual Address: 0x002668A0 2517152
Virtual Size: 0x00001FFC 8188
Raw Data Address: 0x00257000 2453504
Raw Data Size: 0x00001FFC 8188
Flags: 0x00000007 7
(Writeable) (Pre-Load) (Executable)
Section 6: (D3D)
Virtual Address: 0x002688A0 2525344
Virtual Size: 0x00014688 83592
Raw Data Address: 0x00259000 2461696
Raw Data Size: 0x00010DBC 69052
Flags: 0x00000007 7
(Writeable) (Pre-Load) (Executable)
Section 7: (XPP)
Virtual Address: 0x0027CF40 2608960
Virtual Size: 0x000060B8 24760
Raw Data Address: 0x0026A000 2531328
Raw Data Size: 0x000060B8 24760
Flags: 0x00000007 7
(Writeable) (Pre-Load) (Executable)
Section 8: (.rdata)
Virtual Address: 0x00283000 2633728
Virtual Size: 0x000134E8 79080
Raw Data Address: 0x00271000 2560000
Raw Data Size: 0x000134D8 79064
Flags: 0x00000016 22
(Pre-Load) (Executable) (Head page read-only)
Section 9: (.data)
Virtual Address: 0x00296500 2712832
Virtual Size: 0x002E65B8 3040696
Raw Data Address: 0x00285000 2641920
Raw Data Size: 0x0001C250 115280
Flags: 0x00000007 7
(Writeable) (Pre-Load) (Executable)
Section 10: (DOLBY)
Virtual Address: 0x0057CAC0 5753536
Virtual Size: 0x00007180 29056
Raw Data Address: 0x002A2000 2760704
Raw Data Size: 0x0000716C 29036
Flags: 0x00000026 38
(Pre-Load) (Executable) (Tail page read-only)
Section 11: ($$XTIMAG)
Virtual Address: 0x00583C40 5782592
Virtual Size: 0x00002800 10240
Raw Data Address: 0x002AA000 2793472
Raw Data Size: 0x00002800 10240
Flags: 0x00000038 56
(Inserted) (Head page read-only) (Tail page read-only)
Section 12: ($$XSIMAG)
Virtual Address: 0x00586440 5792832
Virtual Size: 0x00001000 4096
Raw Data Address: 0x002AD000 2805760
Raw Data Size: 0x00001000 4096
Flags: 0x00000038 56
(Inserted) (Head page read-only) (Tail page read-only)
Section 13: (.XTLID)
Virtual Address: 0x00587440 5796928
Virtual Size: 0x00000608 1544
Raw Data Address: 0x002AE000 2809856
Raw Data Size: 0x00000608 1544
Flags: 0x00000038 56
(Inserted) (Head page read-only) (Tail page read-only)Also if it somehow helps...
Attached xbe from game. Just in case someone could look at it. Thanks grandshot for tip!