XML videos decrypt help

raykingnihong · Post by **raykingnihong** » Sun Dec 28, 2014 7:29 pm

This is an encrypted XML files and guessing is FLV or SWF files. How to decrypt, ask God to help here is a sample file https://onedrive.live.com/redir?resid=6 ... file%2cxml

aluigi · Post by **aluigi** » Sun Dec 28, 2014 8:46 pm

The file is simply xored with 0x05.
You can use my xor tool or the following script:

Code: Select all

get NAME basename
get SIZE asize
get XOR_VALUE byte
savepos OFFSET
math SIZE -= OFFSET
filexor XOR_VALUE
getdstring EXT 3
string NAME += "."
string NAME += EXT
log NAME OFFSET SIZE

*script updated to work with any file*

raykingnihong · Post by **raykingnihong** » Mon Dec 29, 2014 6:39 am

aluigi wrote:The file is simply xored with 0x05.
You can use my xor tool or the following script:
Code: Select all
get NAME basename
string NAME += ".flv"
get SIZE asize
filexor 0x05
log NAME 0 SIZE

My good friend, thank you very much for your help, I am testing the script and FLV files are extracted. But that doesn't play FLV video files, FLV video I compared the other seems different here are sample https://onedrive.live.com/redir?resid=6 ... =folder%2c

aluigi · Post by **aluigi** » Mon Dec 29, 2014 8:36 am

Probably they are modified to avoid playback but the xoring is correct.

raykingnihong · Post by **raykingnihong** » Tue Dec 30, 2014 5:25 am

Thank you, my friends, thank you for your help

MerlinSVK · Post by **MerlinSVK** » Tue Dec 30, 2014 11:22 am

That FLV is playable. Just delete first 0x00 byte.

aluigi · Post by **aluigi** » Tue Dec 30, 2014 12:03 pm

Well done, I have updated the script accordingly

ZenHAX

XML videos decrypt help

XML videos decrypt help

Re: XML videos decrypt help

Re: XML videos decrypt help

Re: XML videos decrypt help

Re: XML videos decrypt help

Re: XML videos decrypt help

Re: XML videos decrypt help