New XXtea version

[pravda]

Hi all,

I tried to decrypt text asset from cocos2d game : https://apkpure.com/fr/word-swipe/com.wordgame.puzzle.block.crush

I found the key using IDA pro ( 4da84b0a-727f-4a ) but when add it to the existing bms script ( word charm ) it failed for some reason.

the new encrypted file does not contain the regular xxtea header , file here : https://ufile.io/ishru.

Any help will be really appreciated.

Regards.

[hackspeedok]

Hi pravda, can you guide me how to decrypt some normal XXtea encryption on Cocos2d games ? Thanks

[pravda]

The commun fonction is AppDelegate::applicationDidFinishLaunching(), you can found the XXtea key here. It can be visible or encrypted.

It's better to open new topic and put the name of the game i will help you if i can

[hackspeedok]

The commun fonction is AppDelegate::applicationDidFinishLaunching(), you can found the XXtea key here. It can be visible or encrypted.

It's better to open new topic and put the name of the game i will help you if i can

Thanks. But can you say more detail steps because I've never done this through

[pravda]

any help please

[aluigi]

First it's necessary to use deflate and base64 but the key is different, both aes and xxtea fails.
This script does all the work and you only need to set the correct key:

Code: Select all

get NAME basename

comtype deflate_noerror
get SIZE asize
clog MEMORY_FILE 0 SIZE SIZE

comtype base64
get SIZE asize MEMORY_FILE
clog MEMORY_FILE 0 SIZE SIZE MEMORY_FILE

set KEY string "4da84b0a-727f-4a"
encryption xxtea KEY "0x9e3779b9 0" 0 16    # cocos2d
get SIZE asize MEMORY_FILE
log NAME 0 SIZE MEMORY_FILE

[pravda]

Thank you very much.

common function on cocos2d is AppDelegate::applicationDidFinishLaunching() and the key fails, i will try and post result here.

Regards.

[bazickoff]

Thank you very much.

common function on cocos2d is AppDelegate::applicationDidFinishLaunching() and the key fails, i will try and post result here.

Regards.

Hi brother I wonder if the bms script worked for you, because didn't worked for me
have you found a solution ?

[pravda]

No don't work.

[bazickoff]

No don't work.

I think the file encrypted with xxtea and compressed ,
maybe you wanna see this script
this is the game script ( word swipe )
the decryption function is in Line 18506
and compression function 18485

[pravda]

Intersesting how did you get this ?.

But the key extraction is from IDA pro and libcocos2djs.so ( decompiling library arm ), the commun function to decrypt asset on cocos2d is AppDelegate::applicationDidFinishLaunching() ( search this function and you will find the key ) . It works for major cocos2d based games but not for this one and i don't know why.