Skip to content
View in the app

A better way to browse. Learn more.
ResHax

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.
Help us keep the site running.

Shumenol Data extraction

ZenHAX
in Zenhax

Featured Replies

  • Author
  • Localization

daniil, posted Tue Nov 02, 2021 6:15 am (67318)

Hello everyone.
It's my first time posting here, so I can't help but be thrilled.
I will continue to use this forum to share good opinions.
Now I'm trying to extract the evp files of shumenol V7902, but it doesn't work.

The script I am using is as follows.
Tailsman's previous version evp files can be extracted using this script.
When I tried to analyze client.exe with IDA to extract this shumenol's data, it was packed.

So, when I unpacked and analyzed client.exe, the data structure was definitely different.
We are currently analyzing and unraveling using IDA, X64Dbg, and Quickbms.
But it doesn't work as intended.
If anyone can help, let's discuss it.


get NAME string
get TYPE short # 'h'
get OFFSET longlong
get ZSIZE long # 0x00077506
math ZSIZE & 0xfffffc00
get FILES long # 0x00459e
get DUMMY longlong # 0x1b0
get DUMMY longlong
idstring "mars"

if TYPE == 'h' # 'h'
print "Appropriate file"
else
print "Not proper file"
cleanexit
endif
  • Author
  • Localization

daniil, posted Thu Nov 04, 2021 7:59 am (67362)

Found ALGO & KEY & IVEC of encryption.
encryption ALGO KEY IVEC

The remainder is to get the method how to take OFFSET and ZSIZE and SIZE of each file.
The structure is a bit odd.
  • Author
  • Localization

DKDave, posted Fri Nov 05, 2021 8:58 pm (67383)

It might be better if you post an actual sample of one or two .evp files so that people can look at it.

And also post the encryption method/key/ivec too!
  • Author
  • Localization

daniil, posted Sat Nov 06, 2021 1:27 am (67391)

Only when all are completed, I can post some example.
All the datas are what I've been struggling to find, but I will show gladly.

The number and names of file extensions and folders have been done.
The remainders also will be completed soon.
  • Author
  • Localization

daniil, posted Mon Nov 08, 2021 6:50 am (67430)

I already analyzed everything and created a bms file
I changed my mind when I was about to reveal it.
I'm sorry.
  • Author
  • Localization

daniil, posted Wed Dec 29, 2021 1:38 am (68535)

The bms file I made successfully unpacks the evp files of the latest entertainment including Zui and Shumenol.
Contact me if you need this file.
Please use the pm of this forum if you want to contact me.
If you didn't post even one time, please include your link in pm.
Guest
This topic is now closed to further replies.
Go to topic listing

Account

Navigation

Search

Search

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.