这种加密的有办法解决吗?
810.zip (191.6 KB)
给正经想处理的后来者:
IDA直接decryptUF还以为搞错游戏了。。。
cocos2d::FileUtils::decryptUF(cocos2d::FileUtils *this, unsigned __int8 *a2, int a3, int *a4, int *a5)
建议ExAndroidNativeEmu:
import os,sys
import logging
import zlib
from unicorn.arm_const import *
from androidemu.emulator import Emulator
from pathlib import Path
emulator = Emulator()
#emulator.load_library("libc++_shared.so", do_init=False)
lib_module = emulator.load_library("libcocos2dlua.so", do_init=False)
#s1=input_data a2 = input_len a3=out_len a4=count
def calldecuf(data):
input_data = emulator.call_symbol(lib_module, 'malloc', len(data))
out_len = emulator.call_symbol(lib_module, 'malloc', 4)
emulator.mu.mem_write(out_len, b"\x00\x00\x00\x00")
#print(s1)
emulator.mu.mem_write(input_data, data)
unk1 = emulator.call_symbol(lib_module, 'malloc', 4)
emulator.mu.mem_write(unk1, b"\x00\x00\x00\x00")
unk2 = emulator.call_symbol(lib_module, 'malloc', 4)
emulator.mu.mem_write(unk2, b"\x00\x00\x00\x64")#不知道为什么是100
input_len = len(data)
outdata_point = emulator.call_symbol(lib_module, "_ZN7cocos2d9FileUtils9decryptUFEPhiPiS2_S2_", input_data, input_len, unk1, unk2, out_len)
result1 = int.from_bytes(emulator.mu.mem_read(out_len, 4),"little")
print("outlen:" + str(result1))
result2 = emulator.mu.mem_read(input_data, result1)
emulator.call_symbol(lib_module, 'free', outdata_point)
emulator.call_symbol(lib_module, 'free', input_data)
emulator.call_symbol(lib_module, 'free', out_len)
emulator.call_symbol(lib_module, 'free', unk1)
emulator.call_symbol(lib_module, 'free', unk2)
return result2
for i in Path("x").rglob("*.png"):
data = i.read_bytes()
if data[:2] == b"UF":
print(i)
dec_data = calldecuf(data)
#print(os.path.abspath(fn))
if dec_data == b"":
continue
if dec_data[:4] == b'CCZ!':
dec_data = zlib.decompress(dec_data[16:])
i.write_bytes(dec_data)
data = dec_data
if data[:3] == b"PVR":
newname = i.with_suffix(".pvr")
i.rename(newname)
1 个赞