Skip to content
View in the app

A better way to browse. Learn more.
ResHax

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.
Help us keep the site running.

How to crack an encrypted XML file

ZenHAX
in Zenhax

Featured Replies

  • Author
  • Localization

IGBT001, posted Sat Jun 11, 2022 6:31 am (71954)

As mentioned in the title, I found in localizing a game called "Ship Simulator Extreme Edition",
All the strings of the game are stored in XML files, try to open and modify, but it is garbled.
But when I entered the game, I found that he could load and display normally. I tried to use OllyDbg to analyze it, but I still couldn't analyze how he decrypted the XML file normally.
I used Google Translator to translate all the above words.
  • Author
  • Localization

IGBT001, posted Sat Jun 11, 2022 6:38 am (71955)

After Mr. ikskoks' analysis, Language_EN.xml Those XML files are not encrypted, they are compressed with ZLIB. He recommended me to use offzip software for decompression operation.
Yes, it's perfect. I successfully extracted the string I wanted, but I'm having problems with the packing operation.
If you use offzip for packaging, the program will report an error:
Code:
C:\Users\pengzhen\Desktop\5555\offzip>offzip.exe -a -r Language_EN.xml

Offzip 0.4.1
by Luigi Auriemma
e-mail: [email protected]
web:    aluigi.org

- open input file:    Language_EN.xml
- zip data to check:  32 bytes
- zip windowBits:     15
- seek offset:        0x00000000  (0)

 ------------ ----- ---------------------------- ---------------------- 
| hex_offset | ... | zip -> unzip size / offset | spaces before | info |
 ------------ ----- ---------------------------- ---------------------- 
  0x00000008 . < reimporting 00000008.wdproj
.........
Error: the compressed data is bigger than the original one by 0x17 bytes
  • Author
  • Localization

IGBT001, posted Sat Jun 11, 2022 6:44 am (71956)

If I use pakzip for packaging, the file is successfully generated, but the game cannot be loaded normally, even if I don't modify a single byte.
Code:
packzip -o 0x00000008

Image
Image
  • Author
  • Localization

h3x3r, posted Sun Jun 12, 2022 12:53 pm (71991)

Use this script to decompress loc files.
Code:
####################################
get FILESIZE asize
get FILENAME basename
idstring "ENC"
get VERSION byte
get SIZE long
string NAME p= "%s/%s.xml" decompressed FILENAME
math FILESIZE -= 8
math ZSIZE = FILESIZE
savepos OFFSET
clog NAME OFFSET ZSIZE SIZE

Replace original file with decompressed. Game loads decompressed files. Tested on Language_EN.xml
  • Author
  • Localization

IGBT001, posted Sun Jun 12, 2022 1:31 pm (71993)

h3x3r wrote:
Use this script to decompress loc files.
Code:
####################################
get FILESIZE asize
get FILENAME basename
idstring "ENC"
get VERSION byte
get SIZE long
string NAME p= "%s/%s.xml" decompressed FILENAME
math FILESIZE -= 8
math ZSIZE = FILESIZE
savepos OFFSET
clog NAME OFFSET ZSIZE SIZE

Replace original file with decompressed. Game loads decompressed files. Tested on Language_EN.xml

Thank you for your reply, the decrypted file has been loaded into the game normally, but quickbms encryption will report an error, prompting:
Code:
QuickBMS generic files extractor and reimporter 0.11.0
by Luigi Auriemma
e-mail: [email protected]
web:    aluigi.org
        (Apr  5 2021 - 13:56:34)

                          quickbms.com  Homepage
                            zenhax.com  ZenHAX Forum
                     @zenhax @quickbms  Twitter & Scripts

- GUI mode activated, remember that the tool works also from command-line
  where are available various options like folder scanning, filters and so on

- select BMS script. type ? for using the content of clipboard like a script
- select input archives/files, type * for the whole folder and subfolders
- select output folder where extracting files
- open input file C:\Users\pengzhen\Desktop\002\????\Language_EN.xml
- open script C:\Users\pengzhen\Desktop\002\001.txt
- set output folder C:\Users\pengzhen\Desktop\002\????

  offset   filesize   filename
--------------------------------------

- signature of 3 bytes at offset 0x00000000 doesn't match the one
  expected by the script:

  this one: "  3c 21 2d                                          
  expected: "ENC"
  45 4e 43                                          ENC

- 0 files found in 0 seconds
  coverage file 0     0%   3          135134     . offset 00000003
  • Author
  • Localization

IGBT001, posted Sun Jun 12, 2022 1:50 pm (71994)

The text encryption is done, and the Chinese font library has to be done. Thanks for the help of h3x3r, thank you!
Image
Image
Guest
This topic is now closed to further replies.
Go to topic listing

Account

Navigation

Search

Search

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.