游戏下载链接:https://yjsg.gamecomb.com/
读so后找到了这个函数EJ::EJAES::DecryptFile,但是文件字节不满足
然后加密的文件有统一的文件头,看起来又像xxtea,我使用里面硬编码的密匙也解不开
这是加密后的样本,为pvr.ccz格式
样本.zip (175.2 KB)
谢谢~
只对前32个字节进行了两轮循环异或
参考加密函数可以得知
int __fastcall cocos2d::CCFileUtils::encrypt(cocos2d::CCFileUtils *this, char *a2, unsigned int a3)
{
int v4; // r0
int v5; // r3
bool v6; // cc
int v8; // [sp+0h] [bp-28h]
char v10[4]; // [sp+8h] [bp-20h] BYREF
int v11; // [sp+Ch] [bp-1Ch]
int v12; // [sp+10h] [bp-18h]
int v13; // [sp+14h] [bp-14h]
int v14; // [sp+18h] [bp-10h]
if ( *((_BYTE *)this + 44) )
{
v13 = 0;
v12 = 0;
v11 = 0;
*(_DWORD *)v10 = 0;
strncpy(v10, *((const char **)this + 10), 0x10u);
v4 = 0;
v8 = 0;
LABEL_3:
v5 = 0;
while ( v4 + v5 < a3 )
{
a2[v4 + v5] ^= v10[v5];
v6 = v5++ < 15;
if ( !v6 )
{
v4 += 16;
v6 = v8++ < 1;
if ( v6 )
goto LABEL_3;
return _stack_chk_guard - v14;
}
}
}
return _stack_chk_guard - v14;
}
解密函数如下:
def decrypt_file(input_file, output_file, key="wzwlqyyl2013win"):
key = key.ljust(16, '\0')[:16]
key_bytes = key.encode('utf-8')
with open(input_file, 'rb') as f_in:
data = bytearray(f_in.read())
for i in range(min(32, len(data))):
data[i] ^= key_bytes[i % 16]
with open(output_file, 'wb') as f_out:
f_out.write(data)
return True
if __name__ == "__main__":
import sys
input_file = sys.argv[1]
output_file = sys.argv[2]
decrypt_file(input_file, output_file)
需要用TexturePacker之类的打开并转换图片
好滴,谢谢大佬~