Closed nineteendo closed 2 years ago
First, find the key in .so Second, compute the md5 of the key as KEY (the md5 is the real key for Rijndael) Third, intercept a string with a length of 24 from the fifth character of the key as IV At last, use Rijndael to decrypt the RTON by KEY and IV (ZeroPadding)
Is it in libSrc.so? And what exactly am I searching for? Key, key? And is it stored as text, bytes, hex text?
它是在 libSrc.so 吗?我到底在寻找什么?钥匙,钥匙?它是否存储为文本,字节,十六进制文本?
I'm sorry I can't tell you more info about it. But you need IDA Pro to help you find the answer.
Freeware version won't work? The processor type 'arm' is not included in the installed version of IDA. Please check our web site for information about ordering additional processor modules.
免费软件版本不起作用?处理器类型"arm"不包括在已安装的 IDA 版本中。有关订购其他处理器模块的信息,请查看我们的网站。
I used IDA Pro 7.5 to find the key and the method to decrypt RTON.
Can I use Ghidra too? Because I'm not willing to buy an IDA Pro subscription. Also I'm not going to read though 19 million 543.360 lines on code ... any hint on what I'm searching for?
我也可以使用吉德拉吗?因为我不愿意购买IDA Pro订阅。另外,我不打算阅读1900万543.360行代码...关于我正在寻找什么的任何提示?
Just a tool to disassemble .so is OK. But I'm sorry that any tips is not allowed. I can just tell you that the key is in libSrc.so.
Ok found it, now I can start implementing the encryption.
Implemented in beta 1.1.4, but really slow. Any help?
我需要帮助,当我解包中文版的dynamic.rsb.smf文件时,显示No RTON,无法得到PACKAGE文件夹,我应该怎么做
我需要帮助,当我解包中文版的dynamic.rsb.smf文件时,显示No RTON,无法得到PACKAGE文件夹,我应该怎么做
What you need to do is follow the tutorial to get the encryption key, it is not provided: Q: How to get the encryption key This tutorial was made to allow getting the key on your own, not taking months like for me, Nice Zombies#9673.
DecryptString
in a Hex editor.options/.--Unpack Packages (JSON)--Patch Packages (JSON).json
:
set encryptionKey
to the MD5 hash you found.NO RTON
means the key is incorrect, try again.我需要帮助,当我解包中文版的dynamic.rsb.smf文件时,显示No RTON,无法得到PACKAGE文件夹,我应该怎么做
您需要做的是按照教程获取加密密钥,它没有提供: 问:如何获取加密密钥 本教程是为了允许自己获取密钥,而不是像我一样花费几个月的时间,尼斯僵尸#9673。
- 分享此消息 分享密钥,不要泄露字符串或哈希!如需帮助,请与我联系:https://discord.com/users/594184636389916720
- 解压中文版pvz2的APK:http://g.talkyun.com.cn/files/pvz2-tw.html?myos=android(下载需要一段时间)
- 在十六进制编辑器中打开文件。
DecryptString
- 取紧随其后的字符串的 md5 哈希。
- 编辑 :设置为您找到的 MD5 哈希。
options/.--Unpack Packages (JSON)--Patch Packages (JSON).json``encryptionKey
NO RTON
表示密钥不正确,请重试。
Thanks,I will have a try.
对不起,我实在是太笨了,我不明白“Open the file with DecryptString in a Hex editor”的意思,“file”指的是哪一个文件呢?是libSrc.so吗,“DecryptString”又该如何获取呢?如果您能够再次指导,真是万分感谢!
Well, maybe it's that file ... You'll be opening the file with a Hex Editor and looking for the text "DecryptString", closely followed by the key.
按照您说的所有步骤与方法,经过仔细核查,我仍然没能成功解包smf,或许是我的密匙找错了?不过我会继续找方法的。 现在,我想询问另一个问题,就是如何将解包后的零散文件重新打包成smf(指的是中文版)
It's weird it's not working, you could send me your option file (via e-mail or Discord such that I can verify you're not doing anything dumb)
"Repacking" the files is not possible, but the tool can "patch" the files using the original SMF as input, a new SMF as output and the unpacked SMF as patch directory.
It's weird it's not working, you could send me your option file (via e-mail or Discord such that I can verify you're not doing anything dumb)
"Repacking" the files is not possible, but the tool can "patch" the files using the original SMF as input, a new SMF as output and the unpacked SMF as patch directory.
我通过邮件发送给您了,不知道您是否收到了?
Yeah, got it. I sent a reply, probably just an error in the json formatting.
我又来了!我将中文版中的dynamic.rsb.smf解包后,仅仅修改了其中一个抽奖所需的钻石数量(将35改成350),接着利用patch.exe修补打包并替换了原来的文件,重新打开游戏就发生了闪退,按道理应该不会有这种现象,这是为什么呢?
我又来了!我将中文版中的dynamic.rsb.smf解包后,仅仅修改了其中一个抽奖所需的钻石数量(将35改成350),接着利用patch.exe修补打包并替换了原来的文件,重新打开游戏就发生了闪退,按道理应该不会有这种现象,这是为什么呢?
That's because I set Override Encryption to 2 in all templates. I thought that might work, but it doesn't. Set it to 1.
Great!It worked.Thanks!
我替换了smf中的wem音频文件,然后使用工具修补,但这一修改似乎并没有生效。目前只能修补与json/rton有关的内容吗?
Well, wem patching has no extra changes of the tool applied, just a file replacement. But it's possible the file replacement didn't work, you can check it by extracting the modified smf and comparing the files.
Note: create a new issue if it's not strictly related to encryption, thanks.
The smf files from the Chinese version of PVZ2 use encryption and I haven't figured out the key yet, until then you can only extract the encrypted section.