search

bucanero / apollo-ps3

Apollo Save Tool (PS3)
http://www.bucanero.com.ar/
GNU General Public License v3.0
357 stars 23 forks source link

Automatically brute force hash when inserting custom configs for The Orange Box #98

Closed OCsonic closed 1 year ago

OCsonic commented 1 year ago

The Orange Box (HL2, Portal, and TF2) validates your config file when you boot the game, it would be nice if this could be simplified since I don't have access to a Windows pc (I use Linux) so brute forcing the save from pc is a pain since it involves firing up a VM.

bucanero commented 1 year ago

I'm not sure about your request... I assume that you talk about modifying a save data file from the "Orange Box", but the game has an integrity check or hash that needs to be regenerated after editing the save?

You also mention some PC tool to "bruteforce" but I don't know if you're using a specific tool for that game or not. Is there a windows tool to fix "Orange Box" save hashes?

As I said, the use-case is not clear so you'll need to provide all the details to actually provide a proper answer about it.

OCsonic commented 1 year ago

I'm not sure about your request... I assume that you talk about modifying a save data file from the "Orange Box", but the game has an integrity check or hash that needs to be regenerated after editing the save?

Sorry I was really tired when I wrote this, Anyways:

You also mention some PC tool to "bruteforce" but I don't know if you're using a specific tool for that game or not. Is there a windows tool to fix "Orange Box" save hashes?

People typically use BruteCRC32 to brute force the config file until the CRC32 hash matches the same as before it was touched.

As I said, the use-case is not clear so you'll need to provide all the details to actually provide a proper answer about it.

In Orange Box you have to modify the config file to use console commands like changing fov and using a keyboard and mouse to play, Also you can use it to bind server operator commands to do stuff like host custom gamemodes (and theoretically maps) or play against bots when the servers are down. But the game does an integrity check via a CRC32 hash on the config file.

bucanero commented 1 year ago

Alright, now I understand the issue.

I don't own the game, but I could take a look to the save files if you can provide a few samples:

if you can provide these sample save files, I can probably add a cheat-patch code to Apollo that regenerates the hash directly on the PS3.

bucanero commented 1 year ago

Note: I have checked online and I couldn't find saves for the ps3 "Team Fortress 2", and all the references about BruteCRC32 talk about team fortress 2 .CFG file.

So to compare results with the available online references I'd need to get some TF2 ps3 saves.

I'll wait for your files to figure a checksum fix for this game.

OCsonic commented 1 year ago

Alright, now I understand the issue.

I don't own the game, but I could take a look to the save files if you can provide a few samples:

* original working save file without changes

* modified save file (before using bruteCRC32)

* fixed modded save file (after using bruteCrc32)

if you can provide these sample save files, I can probably add a cheat-patch code to Apollo that regenerates the hash directly on the PS3.

Here they are! Saves.zip

bucanero commented 1 year ago

thanks for sharing the save-game examples. 👍

I was reviewing the data and some other saves I downloaded (Portal, Half Life), and I found that the CRC32 checksum from the .CFG file is actually stored (and encrypted) in the .CHK file.

Based on this analysis, I think there are two possibilities to checksum-fix the saves:

The bruteCrc32 solution has been tested and works, but I think that the first solution would be optimal if it can be tested and works as expected.

So if you have time to do some tests, I can provide a patch script to test the first solution, and if it works I'll include it in the next Apollo release.

bucanero commented 1 year ago

here's the patch file to test out. Create a BLUS30055.ps3savepatch text file with these codes, and then upload it to the PS3, /dev_hdd0/game/NP0APOLLO/USRDIR/DATA/

If you don't have the USA version, change BLUSxxx for your title ID, maybe BLESxxx if you have the euro version. Once the ps3savepatch file is uploaded, when you open the save with Apollo you should see two cheat codes. You'll need to select both, one to calculate CRC32 for "CFG" and another to write the crc32 to "CHK". After you selected the two codes and the files, click to apply changes and resign. Then test if the save works or not.

Let me know the results

; The Orange Box
; BLUS30055

:*.CFG

[Calculate CRC32 for .CFG]
set range:0x00,eof+1
set [hash]:crc32

:*.CHK

[Write CRC32 to .CHK]
write at 0x00:[hash]
OCsonic commented 1 year ago

here's the patch file to test out. Create a BLUS30055.ps3savepatch text file with these codes, and then upload it to the PS3, /dev_hdd0/game/NP0APOLLO/USRDIR/DATA/

If you don't have the USA version, change BLUSxxx for your title ID, maybe BLESxxx if you have the euro version. Once the ps3savepatch file is uploaded, when you open the save with Apollo you should see two cheat codes. You'll need to select both, one to calculate CRC32 for "CFG" and another to write the crc32 to "CHK". After you selected the two codes and the files, click to apply changes and resign. Then test if the save works or not.

Let me know the results

; The Orange Box
; BLUS30055

:*.CFG

[Calculate CRC32 for .CFG]
set range:0x00,eof+1
set [hash]:crc32

:*.CHK

[Write CRC32 to .CHK]
write at 0x00:[hash]

Worked flawlessly! Thank you!

bucanero commented 1 year ago

Worked flawlessly! Thank you!

thanks for confirming that it worked 👍 I'll include this new patch file for "the Orange box" in the next version. 😄