Onigiri Online

[aluigi]

http://aluigi.org/papers/bms/others/onigiri_online.bms

Script for the kxr archives of Onigiri Online.

[Ekey]

Yes local archives do not contain the filenames. They contained in other kxr archive which will downloaded from server while start game.

• cobralaunch.kxr

• pkg.json // <- Filenames

Mega Encryption for kxr. Also seems used for decrypt pnut files

Code: Select all

int oni_decrypt(unsigned int dwOffset, int pBuffer)
{
  unsigned int Offset;
  unsigned int Buffer;
  int dwSize;
  int Size;
  int result;
  int i;
  char Seed;
  unsigned int NextKey;
  int j;

  Offset = dwOffset;
  Buffer = *(DWORD *)pBuffer;
  dwSize = 4 * *(DWORD *)(pBuffer + 8) / 4;
  Size = dwSize + *(DWORD *)pBuffer;
  if ( *(DWORD *)pBuffer < (unsigned int)Size )
  {
    do
    {
      *(DWORD *)Buffer ^= Offset;
      Buffer += 4;
      Offset = ~(unsigned __int8)((Offset ^ (Offset >> 3)) >> 13) & 1 | 2 * Offset;
    }
    while ( Buffer < Size );
  }
  result = *(DWORD *)(pBuffer + 8) - dwSize;
  i = 0;
  if ( result > 0 )
  {
    Seed = 0;
    j = 0;
    do
    {
      NextKey = Offset >> Seed;
      ++i;
      Seed = j + 8;
      *(BYTE *)(i + Buffer - 1) ^= NextKey;
      j += 8;
    }
    while ( i < result );
  }
  return result;
}

Values endian big.

Code: Select all

struct KXRHeader {
 DWORD dwID; // kxrf
 DWORD dwNull; // null
 DWORD dwTableOffset;
 DWORD dwTableSize;
};

   KXRHeader pHeader;
   fread(&pHeader, sizeof(pHeader), 1, fi);
   fseek(fi, pHeader.dwTableOffset, SEEK_SET);

   unsigned char* pBuffer = new unsigned char[pHeader.dwTableSize];
   memset(pBuffer , 0, pHeader.dwTableSize);
   fread(pBuffer, pHeader.dwTableSize, 1, fi);
   
   oni_decrypt(pHeader.dwOffset, (int)pBuffer);

for kotori.pnut

Code: Select all

   oni_decrypt(0x3716F028u, (int)pBuffer);

[aluigi]

oh come on, that's not fair
I went offline to make the job and when I return online I see you did the same.

Anyway I have updated the post.
The only missing thing is the compression algorithm.
My scanner found nothing already existent in the quickbms compression algorithms.

[Ekey]

Well compressed data featured in this code (see attach). Seems it's zlib.. Maybe modified?

[aluigi]

That algorithm is clearly zlib, but type 0 is different.
Type 0 is more like a rle or something easier than zlib (the first bytes are in clear text like PNG and ggS)

[Ekey]

Ok Luigi. Type 0 it's mean not compressed but encrypted. Algoritm the same

Example:

Archive: snd0-0001.kxr
FileName: /2
Type: 0
FileData Offset: 0001a5cb

Here first DWORD already decrypted because passed cycle 1 times


After full cycle

[aluigi]

How it's possible that I didn't notice it yesterday?! Too much stress
I have updated the script.

I don't know for what reason but the feature of quickbms that autoguesses the extensions doesn't work, I will check the cause later.

*edit*
The cause is a bug in quickbms, the new feature doesn't work if there are paths in the name (the name must end with a dot or '*' to enable the auto-extension feature with filenames).

[Ekey]

Just need rest!

[aluigi]

I have replaced the decryption function written in bms language, with a dumped one.
Now there are no problems with the slowness.

Unfortunately this is the only method to bypass the speed limitations of quickbms

[huehuehue]

is it possible to encrypt it again?

[aluigi]

type 0 files cannot be reimported because they use that custom encryption, you can reimport files only if they use a native compression/encryption supported by quickbms.

[HSReina]

Heyllow everyone, Just released my new unpacker who support Onigiri kxr, pnut files.
http://hsreina.shadosoft-tm.com/
I you check well game files, you should be able to repack the game without the future updatae of my tool.

[aluigi]

It asks username and password.

[Ekey]

It asks username and password.

Same

[HSReina]

Sorry, I've edited the link, it was a preview of the web site.
To Unpack Onigiri files, you must use KGL Unpacker. You'll can use it on some other Cyberstep games.

[Apeiron]

Is there a way to encrypt it again besides re importing?

[Amped]

Sorry, I've edited the link, it was a preview of the web site.
To Unpack Onigiri files, you must use KGL Unpacker. You'll can use it on some other Cyberstep games.

Where can I find KGL Unpacker? And do you think it will work on GetAmped2's .kxr files?

EDIT: I found it on your site. And it does not work on those files.

[aluigi]

I thought that the getamped2.bms script worked, right?
It's valid also for reimporting.

[Amped]

I thought that the getamped2.bms script worked, right?
It's valid also for reimporting.

Yes, yes, the getamped2.bms script works perfectly. I just thought somebody had an unpacker that could properly view the files within for a second. My bad.

[huehuehue]

is it possible while extracting , it use the name inside the cobralaunch.kxr>pkg.json?