Mass Effect Andromeda

[weiyun]

yes audio in general, sfx and dialogue

Using warrantyvoider's tools? Or is there some other way to extract the music?

The music and sound info is stored in ebx, it's a serialized object, the SoundWaveAsset class has fields for Chunks, which stores chunkid and name. Those chunkid points to the actual data. There are also information for RuntimeVariation and Segments, points to the sample offset into chunks.
The chunk file can be decoded into mp3 using ealayer3 tool
https://bitbucket.org/Zenchreal/ealayer3/downloads/

I managed to rip the main theme as it only have one RuntimeVariation.

https://mega.nz/#!9MsnCZxJ!fOLJJgXx8VSZ ... QzyDcWsNhk

[OClear]

I added a log function for you, so you can find out at what point it crashes, also tested it with a reduced set of files and folders and no idea what your problem could be. do you use win10? also, yes, you can use decompressed files, but you have to keep the footer and destroy the signature (change a byte or so)

I think it's crashing on toc files that have been previously decrypted.

Code: Select all

Loading FS...
Selected path = C:\MEA\MassEffectAndromeda_fake.exe
Loading TOC files...
 Loading Data\Win32\ambsibling.toc      -> encrypted
 Loading Data\Win32\anchorchannels.toc      -> decrypted
ERROR: Non-negative number required.
Parameter name: count
Stacktrace:    at System.IO.MemoryStream.Write(Byte[] buffer, Int32 offset, Int32 count)
   at MEAExplorerWV.TOC..ctor(Byte[] data)
   at MEAExplorerWV.FS.TOCEntry..ctor(String path, String display, Byte[] input)
   at MEAExplorerWV.FS.LoadTOCFile(String path, String display)
   at MEAExplorerWV.Form1.LoadFS()

I deleted anchorchannels.toc, and it started working. That was the only decrypted toc in my folder.
Not sure how that file got decrypted by itself. Thanks for the help!

btw, anchorchannels.toc looks like a proper decrypted toc file. No signature on the end.

I used the program, MEATOCDecrypt, posted in this thread to decrypt them. Can you use it to decrypt only one toc file, and see what happens?

[warrantyvoider]

btw, anchorchannels.toc looks like a proper decrypted toc file. No signature on the end.

well so I guess also no footer, that was your problem I guess (see the format description screenshot with the colored rectangles a few pages back)

in other news, im rewriting my texture code to be more flexible. im not even taking dx10 textures into account yet (will add for those formatIds where its needed), but made me some helper functions to generate the header, flags and pixelformat details as simple parameters, and I "just" need to figure out the correct ones for all used formats...

https://pastebin.com/wrD9PEpH

I currently dont have the time to test all the formats, maybe someone who uses those texture librarys, could produce a valid dds for each format, post it and I can simply look the settings from the header up (otherwise I will have to do this later on myself, I just dont want to include those huge librarys for such a simple settings job) so code prepared, but I move on to import next, as I know you translation guys are waiting for the talktables now, if I import a texture or a talktable, is no difference from the engines view, its just easier to test on textures if the import worked, thats why I made this small detour first.

greetz WV

[crackedmind]

What about first 512 bytes of toc files, signature and the bytes at the end of the file? any ideas?

[crackedmind]

another question.
Did anybody try to load decrypted chunks to MEA? i think we may will *SPAM* up with files/chunks encoding, without private keys we can't do anything with files modifications:(

[peacheslamb]

The music and sound info is stored in ebx, it's a serialized object, the SoundWaveAsset class has fields for Chunks, which stores chunkid and name. Those chunkid points to the actual data. There are also information for RuntimeVariation and Segments, points to the sample offset into chunks.
The chunk file can be decoded into mp3 using ealayer3 tool
https://bitbucket.org/Zenchreal/ealayer3/downloads/

I managed to rip the main theme as it only have one RuntimeVariation.

https://mega.nz/#!9MsnCZxJ!fOLJJgXx8VSZ ... QzyDcWsNhk

Sorry if I'm being a noob, but how do you point ealayer3 to the file? It seems to need a physical file for it to decode. Your method uses chunks instead, but how do I get the chunk file? If it wouldn't be too much of a hassle, could you post a short tutorial on how to do this? Thanks

[orangec]

How do i actually load the file structure data in MEAExplorerWV if the file system file is removed to load the exe? I have the tool in the main directory but nothing is loading.

EDIT: nvm figured it out.

[warrantyvoider]

added a function to load&save the current structure loaded into VFS, so you dont have to refind it in the tocs all the time (you still need to load FS tho)


greetz WV

[Devisaur]

btw, anchorchannels.toc looks like a proper decrypted toc file. No signature on the end.

well so I guess also no footer, that was your problem I guess (see the format description screenshot with the colored rectangles a few pages back)

in other news, im rewriting my texture code to be more flexible. im not even taking dx10 textures into account yet (will add for those formatIds where its needed), but made me some helper functions to generate the header, flags and pixelformat details as simple parameters, and I "just" need to figure out the correct ones for all used formats...

https://pastebin.com/wrD9PEpH

I currently dont have the time to test all the formats, maybe someone who uses those texture librarys, could produce a valid dds for each format, post it and I can simply look the settings from the header up (otherwise I will have to do this later on myself, I just dont want to include those huge librarys for such a simple settings job) so code prepared, but I move on to import next, as I know you translation guys are waiting for the talktables now, if I import a texture or a talktable, is no difference from the engines view, its just easier to test on textures if the import worked, thats why I made this small detour first.

greetz WV

Hehe, yeah there are a few of us waiting on the talktables. But you'll get to it when you get to it. No rush.

[warrantyvoider]

ok, last thing before attempting imports... a plugin system and a search plugin as demo


attached is as usual the release, but this time also the plugin as source code, so coders that cant wait for me, can already make use of the filesystems. I only made a basic interface currently, if you need more functions, let me know.

greetz WV

[griggs111]

We can't wait here in Hungary to start the translation of this game with the help of the talktable!
I'm also a programmer, so if I can help in anything, you just need to ask.

[warrantyvoider]

I know, I know, I keep coding simple import works like this: as everything is found by sha1, you can simply overwrite the entry in the cas.cat file for this sha1 with a pointer to a new cas, f.e. cas_99.cas at offset 0 or whatever. I just have to automate it and test it, before I can write tools like a talktable editor, thats based on it

greetz WV

PS: additional difficulty for language and other "emargoed" stuff: the chunks have to also be encrypted, or maybe I can move them to the unencrypted sha1 list, thats why I said, I need to test this^^
PPS: at some future point I plan to create real patches, because you also have to watch out for stuff that gets overwritten by patch after loading, in that case the patch can be prevented by overwriting the "toPatch"-sha1 with some invalid one, and now the system cant apply the patch anymore and loads the unpatched version (this is a very simplefied explanation, tho, there are also ++,+-,-+ and -- patches to make things more complicated)
PPPS:going to sleep, lets see what I can do tomorrow

[michalss]

I know, I know, I keep coding simple import works like this: as everything is found by sha1, you can simply overwrite the entry in the cas.cat file for this sha1 with a pointer to a new cas, f.e. cas_99.cas at offset 0 or whatever. I just have to automate it and test it, before I can write tools like a talktable editor, thats based on it

greetz WV

PS: additional difficulty for language and other "emargoed" stuff: the chunks have to also be encrypted, or maybe I can move them to the unencrypted sha1 list, thats why I said, I need to test this^^
PPS: at some future point I plan to create real patches, because you also have to watch out for stuff that gets overwritten by patch after loading, in that case the patch can be prevented by overwriting the "toPatch"-sha1 with some invalid one, and now the system cant apply the patch anymore and loads the unpatched version (this is a very simplefied explanation, tho, there are also ++,+-,-+ and -- patches to make things more complicated)
PPPS:going to sleep, lets see what I can do tomorrow

We have try import but problem is with this hash in the 256 bytes header from 8th - 264. If you change anything in the game = crash. Means it is different then DAI..Look like RSA 2048

PKCS#1, "the" RSA standard, describes how a signature should be encoded, and it is a sequence of bytes with big-endian unsigned encoding, always of the size of the modulus. This means that for a 2048-bit modulus, all signatures have length exactly 256 bytes, never more, never less.

Prehaps key is in the exe file. Ekey or Rick can you please have a look

[warrantyvoider]

Have you tried to zero the keys out as dai had? I think engine accepts that too

[michalss]

Have you tried to zero the keys out as dai had? I think engine accepts that too

yes, not work... Not same as dai..

[Rick]

Hook BCryptVerifySignature and make it return true. It's a proper RSA public+private key pair, can't forge signatures. So either replace RSA keys or break signature validation.

[warrantyvoider]

I like breaking things^^ you dont have the pattern by chance, right? (I used RSA on my tor servers, I know you cant break the key, but as you said, surely the implementation^^)

[Rick]

I like breaking things^^ you dont have the pattern by chance, right? (I used RSA on my tor servers, I know you cant break the key, but as you said, surely the implementation^^)

It's an import...

https://msdn.microsoft.com/en-us/library/windows/desktop/aa375515(v=vs.85).aspx

[warrantyvoider]

Dang, noticed too late. Nvm

[michalss]

Hook BCryptVerifySignature and make it return true. It's a proper RSA public+private key pair, can't forge signatures. So either replace RSA keys or break signature validation.

Hmm thx Rick is there any chance to find key for us pls ? It is above my knowledge to be honest..