Destiny 2 PKG

Extraction and unpacking of game archives and compression, encryption, obfuscation, decoding of unknown files
Sir Kane
Posts: 16
Joined: Sun Mar 27, 2016 7:20 pm

Re: Destiny 2 PKG

Post by Sir Kane »

It's AES-GCM with one of two static 128 bit keys (a flag in the block table entry indicates which to use). The 12 byte nonce is initialized using some static data, then modified with package ID and a constant that matches the pkg version or whatever it is. The authentication tag is the last 16 bytes in the block table entry.

I've managed to decrypt and decompress some data earlier and just need to make a usable tool.

Attached the source for a simple extraction tool with the keys and nonce stripped.
Last edited by Sir Kane on Thu Jan 04, 2018 6:06 pm, edited 1 time in total.
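The scheme described in the post above, as an added example that is not Sir Kane's tool or any code from the game: AES-128-GCM with a flag choosing one of two keys and the 16-byte tag stored apart from the block data. The `BlockEntry` type, the keys and the nonce are constructed for illustration, and the nonce is passed in ready-made because the thread does not give its derivation.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"errors"
	"fmt"
)

// BlockEntry keeps only the two fields the post mentions (layout assumed).
type BlockEntry struct {
	UseAltKey bool     // flag choosing between the two static keys
	Tag       [16]byte // GCM tag, stored apart from the block data
}

var ErrAuth = errors.New("GCM tag mismatch: wrong key, nonce, or modified block")

func newGCM(keys [2][16]byte, alt bool) cipher.AEAD {
	k := keys[0]
	if alt {
		k = keys[1]
	}
	blk, _ := aes.NewCipher(k[:]) // cannot fail: 16 bytes is a valid AES-128 key
	gcm, _ := cipher.NewGCM(blk)  // cannot fail for AES; 12-byte nonce, 16-byte tag
	return gcm
}

// OpenBlock re-attaches the entry's tag (Go's Open wants ciphertext||tag) and verifies it.
func OpenBlock(keys [2][16]byte, nonce [12]byte, e BlockEntry, data []byte) ([]byte, error) {
	sealed := append(append([]byte{}, data...), e.Tag[:]...)
	pt, err := newGCM(keys, e.UseAltKey).Open(nil, nonce[:], sealed, nil)
	if err != nil {
		return nil, ErrAuth
	}
	return pt, nil
}

// SealBlock builds constructed sample data in the same split form.
func SealBlock(keys [2][16]byte, nonce [12]byte, alt bool, pt []byte) ([]byte, BlockEntry) {
	e := BlockEntry{UseAltKey: alt}
	out := newGCM(keys, alt).Seal(nil, nonce[:], pt, nil)
	copy(e.Tag[:], out[len(pt):])
	return out[:len(pt)], e
}

func main() {
	keys, nonce := [2][16]byte{{1}, {2}}, [12]byte{7} // constructed, not the game's
	data, e := SealBlock(keys, nonce, true, []byte("constructed block"))
	pt, err := OpenBlock(keys, nonce, e, data)
	fmt.Printf("%q %v\n", pt, err)
}
```

Because the tag is checked before any plaintext is returned, a wrong key flag, a wrong nonce or a modified block yields `ErrAuth` rather than garbage output.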
Ginsor
Posts: 8
Joined: Sat Sep 02, 2017 10:00 pm

Re: Destiny 2 PKG

Post by Ginsor »

Sir Kane wrote: It's AES-GCM with one of two static 128 bit keys (a flag in the block table entry indicates which to use). The 12 byte nonce is initialized using some static data, then modified with package ID and a constant that matches the pkg version or whatever it is. The authentication tag is the last 16 bytes in the block table entry.

I've managed to decrypt and decompress some data earlier and just need to make a usable tool.

Attached the source for a simple extraction tool with the keys and nonce stripped.


Works like a charm! Honestly, that is great work on how quickly you managed to find out how the decryption works.
Now I assume a specific amount of files will add up to one "real" file? Like if I extracted 10 files with 1kb each they would have to be merged in order to be complete?
toxic72
Posts: 26
Joined: Sun Mar 20, 2016 10:25 pm

Re: Destiny 2 PKG

Post by toxic72 »

Ginsor wrote:
Sir Kane wrote: It's AES-GCM with one of two static 128 bit keys (a flag in the block table entry indicates which to use). The 12 byte nonce is initialized using some static data, then modified with package ID and a constant that matches the pkg version or whatever it is. The authentication tag is the last 16 bytes in the block table entry.

I've managed to decrypt and decompress some data earlier and just need to make a usable tool.

Attached the source for a simple extraction tool with the keys and nonce stripped.


Works like a charm! Honestly, that is great work on how quickly you managed to find out how the decryption works.
Now I assume a specific amount of files will add up to one "real" file? Like if I extracted 10 files with 1kb each they would have to be merged in order to be complete?


No, the way the game works is all of the entry data is concatenated into blocks. Those blocks were encrypted / compressed (Encryption = AES, Decompress = Oodle). The entry table points to entries within the final decompressed block buffer, so, all of the entries you see are single file entries for each package file. Pretty simple format, pretty similar to Destiny 1's package format.
sanktanglia
Posts: 11
Joined: Fri Sep 15, 2017 4:30 am

Re: Destiny 2 PKG

Post by sanktanglia »

What sort of data is available in the decrypted chunks? Is there anything like item/ability/etc data or is it all just assets? And any hints on where to look for the nonce?
apollon08170
Posts: 14
Joined: Fri Mar 17, 2017 9:41 pm

Re: Destiny 2 PKG

Post by apollon08170 »

Hello,

I'm not a developer, I have tried to attach the file with VisualStudio to some extractor program.
But no success, sorry in advance for the noob question... I'm a beginner.
I do not know how to run this tool. Can you help me with a little tutorial please?

Best Regards
aluigi
Site Admin
Posts: 12984
Joined: Wed Jul 30, 2014 9:32 pm

Re: Destiny 2 PKG

Post by aluigi »

I can try to write a quickbms script if someone can provide the aes keys and the nonce
aluigi
Site Admin
Posts: 12984
Joined: Wed Jul 30, 2014 9:32 pm

Re: Destiny 2 PKG

Post by aluigi »

I leave my converted script here:
http://aluigi.org/bms/destiny2.bms

Obviously it has NOT been tested and it's probably wrong, in fact many files are just 1 byte and only 24% of the decompressed filesystem is parsed, tested with one of the provided samples (with decryption disabled obviously).
I guess there is a problem in how the bitfields of the entries are read but the offsets/next_offsets and the sizes match, feel free to check and fix it.
Extreme110
Posts: 1
Joined: Thu Oct 19, 2017 2:35 am

Re: Destiny 2 PKG

Post by Extreme110 »

Preloading for the retail version went live today. I can launch the executable and arrive at the loadscreen. Not sure how to grab the AES/Nonce keys so I'd appreciate a bit of help there.
apollon08170
Posts: 14
Joined: Fri Mar 17, 2017 9:41 pm

Re: Destiny 2 PKG

Post by apollon08170 »

+1 =)
ardvent
Posts: 10
Joined: Wed Oct 25, 2017 3:22 pm

Re: Destiny 2 PKG

Post by ardvent »

Sir Kane wrote: It's AES-GCM with one of two static 128 bit keys (a flag in the block table entry indicates which to use). The 12 byte nonce is initialized using some static data, then modified with package ID and a constant that matches the pkg version or whatever it is. The authentication tag is the last 16 bytes in the block table entry.

I've managed to decrypt and decompress some data earlier and just need to make a usable tool.

Attached the source for a simple extraction tool with the keys and nonce stripped.


This is SO HELPFUL!
I'm working on the oo2core_3_win64.dll trying to create a process dump with tagging to pull out the keys.
Any way you wouldn't mind PMing the keys to add into the code?

GL ALL
ardvent
Posts: 10
Joined: Wed Oct 25, 2017 3:22 pm

Re: Destiny 2 PKG

Post by ardvent »

Untested: Destiny2ools looks like it can extract files from memory during play
https://github.com/Ernegien/Destiny2ools
Sir Kane
Posts: 16
Joined: Sun Mar 27, 2016 7:20 pm

Re: Destiny 2 PKG

Post by Sir Kane »

I just checked, the beta keys/nonce init values don't work anymore.
Ginsor
Posts: 8
Joined: Sat Sep 02, 2017 10:00 pm

Re: Destiny 2 PKG

Post by Ginsor »

Sir Kane wrote: I just checked, the beta keys/nonce init values don't work anymore.


Hmm, for most of the packages it still works for me. Just for some (especially the smaller sized ones) it can't read the entry block data.
ardvent
Posts: 10
Joined: Wed Oct 25, 2017 3:22 pm

Re: Destiny 2 PKG

Post by ardvent »

Sir Kane wrote: I just checked, the beta keys/nonce init values don't work anymore.


Could you PM me your beta keys so I can cross check the decompiled beta exe to my decompiled retail for the new keys/nonce?
ardvent
Posts: 10
Joined: Wed Oct 25, 2017 3:22 pm

Re: Destiny 2 PKG

Post by ardvent »

aluigi wrote: I leave my converted script here:
http://aluigi.org/bms/destiny2.bms

Obviously it has NOT been tested and it's probably wrong, in fact many files are just 1 byte and only 24% of the decompressed filesystem is parsed, tested with one of the provided samples (with decryption disabled obviously).
I guess there is a problem in how the bitfields of the entries are read but the offsets/next_offsets and the sizes match, feel free to check and fix it.


Still a WIP but I've been pulling AES Keys from Destiny2.exe out of memory at kernel mode.

Destiny 2 Beta:
[000000E44DBEE3C0] AES-256 decryption key: c7edbcad64907d8372d20872e011efe6b4163a5196f5c4f7fe2f68e78097a1a0

Destiny 2 Retail:
[000001D40800B220] AES-256 decryption key: 7a7a2230aae9fa491356143cf0de95c819d21106ff8a010de2f600eaf241cffa
[000001D4FF084060] AES-256 decryption key: c465a7db48eea10f5d38993505cb60d20fa106f7c78529fc6b0034f0eaa07093
Darpow
Posts: 3
Joined: Sat Nov 04, 2017 4:49 pm

Re: Destiny 2 PKG

Post by Darpow »

Following this post with intrigue.
Just installed my copy of Destiny 2 on PC, and ready to grab that awesome music from it :)

There is a guy on the destiny reddit that appears to have datamined it already 'TheEcumene' - https://www.reddit.com/r/DestinyTheGame ... _spoilers/
Maybe they can help?
Nik Burnt
Posts: 4
Joined: Wed Jan 03, 2018 8:53 pm

Re: Destiny 2 PKG

Post by Nik Burnt »

Can someone provide info about keys and nonce or how to obtain them?
Thank You!
Sir Kane
Posts: 16
Joined: Sun Mar 27, 2016 7:20 pm

Re: Destiny 2 PKG

Post by Sir Kane »

I was wrong about the keys/nonce having changed, they turned out to be the same as beta. The code just needed to deal with patch archives.

The files reference other files via a package ID and entry index packed into a uint32_t:

EntryID = (handle & 0x1FFF)
PkgID = (handle >> 13) & 0x3FF

Here's an example:

0x80A02446 & 0x1FFF = 0x446 (1094)
(0x80A02446 >> 13) & 0x3FF = 0x101


The localized text is obfuscated using a simple additive cipher.

I attached the updated code that works with the release version of the game.
bobross
Posts: 2
Joined: Tue Mar 06, 2018 1:46 pm

Re: Destiny 2 PKG

Post by bobross »

I'm very interested in these files. If anyone could help me understand how to find the keys/nonce I would greatly appreciate it.
zaramot
Posts: 51
Joined: Mon Sep 01, 2014 7:19 pm

Re: Destiny 2 PKG

Post by zaramot »

Yes, I'm also very interested in Destiny 2. Was anyone actually able to extract 3d models/textures? If someone could explain how to extract files from .pkg or could provide some samples of 3d model files, that would be great! Thank you :)