December 17th, 2012, 07:13 PM
Not quite sure what this is...
I've been looking around now for the past few hours trying to research into a file I'm trying to gain access to.
The file is from a game "Call of Duty: Black Ops II" and I'm trying to manipulate the gamesave file. The file however was previously encrypted.
I believe the file has some sort of obfuscation securing the rest of the file but as you may be aware I don't have a clue how to un-obfuscate it.
Here's a screenshot of the file: http://d.pr/i/YlC8
Since I can't paste the code (it keeps disappearing), nor can I post it on pastebin for the same reason, I have uploaded the file.
cl . ly/2F2H1v0V2Z3R (remove spaces)
(Open in HxD Editor) < I assume you already know.
Any help is appreciated, thanks.
December 17th, 2012, 09:31 PM
Seems like there are actually 2 types of encryption. It's either 3DES or AES, I'm not quite sure.
Originally Posted by WellysWorld
Can anyone determine the encryption type? thanks.
December 18th, 2012, 12:34 AM
Your file isn't compressed.
Data streams encrypted with a decent algorithm cannot be compressed.
$ ls -l GPAD0_MP.DEC
-rw-rw-r-- 1 sc sc 1000 2012-12-18 01:10 GPAD0_MP.DEC
$ gzip GPAD0_MP.DEC
$ ls -l GPAD0_MP.DEC.gz
-rw-rw-r-- 1 sc sc 262 2012-12-18 01:10 GPAD0_MP.DEC.gz
December 18th, 2012, 09:04 AM
Therefore I cannot gain access? Or is there any way possible to get into it?
Originally Posted by salem
December 18th, 2012, 12:00 PM
All I can tell you is that it isn't encrypted with 3DES or AES, and it isn't compressed. If either of these things were true, then gzip would not have been able to take 1000 bytes down to 262 bytes.
A casual visual inspection of the hex dump shows many 00 bytes, and several repeated sub-strings.
If you're unsure of this, do some reading on information theory.
Compressed streams are devoid of entropy, so you can't compress it any further.
Encrypted streams are indistinguishable from random noise, unless you know the algorithm and key. A truly random stream cannot be compressed either.
Regarding reverse engineering of a game file format, it is generally assumed that you want to 'cheat' in some way. Now if this were an off-line game, and I was motivated enough to be curious about the game in that way, and you seemed to have some skill then I might have been interested in helping. The only people who can be affected are those who specifically choose to use a hacked file.
As it is (an on-line game that I've got no interest in, and you lack some fundamentals) then I'm just going to check out of this conversation. I'm just not into helping people wander around a game in 'god' mode without other players being aware of it.
Decoding the file is unlikely to be your only obstacle.
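The compressibility argument in the post above, as an added example that is not part of the original thread: it measures byte entropy and DEFLATE ratio for two constructed 1000-byte buffers, one structured like the hex dump described and one pseudo-random standing in for cipher output. The function names, sample data and thresholds are assumptions chosen for buffers of about 1 KB; passing the check does not prove encryption, since already-compressed data passes too.

```python
import hashlib
import math
import zlib
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Empirical Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def compression_ratio(data: bytes) -> float:
    """Compressed size / original size, using DEFLATE (the algorithm gzip uses)."""
    return len(zlib.compress(data, 9)) / len(data)


def looks_encrypted(data: bytes, min_ratio: float = 0.95,
                    min_entropy: float = 7.0) -> bool:
    """True only if the data neither compresses nor shows byte-level bias.

    Thresholds are assumptions for ~1 KB samples; small samples never reach
    a full 8 bits/byte even when the bytes are uniformly random.
    """
    return (compression_ratio(data) >= min_ratio
            and shannon_entropy(data) >= min_entropy)


def pseudo_random(n: int, seed: bytes = b"constructed sample") -> bytes:
    """Deterministic stand-in for cipher output (SHA-256 in counter mode)."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


# Constructed sample: 25 records of 40 bytes with zero padding and repeated
# tags, mimicking "many 00 bytes, and several repeated sub-strings".
STRUCTURED = b"".join(
    b"SLOT" + bytes([i]) + bytes(11) + b"NAME" + bytes(20) for i in range(25)
)
RANDOM_LIKE = pseudo_random(1000)

if __name__ == "__main__":
    for name, buf in (("structured", STRUCTURED), ("random-like", RANDOM_LIKE)):
        print(f"{name:12s} entropy={shannon_entropy(buf):.2f} bits/byte "
              f"ratio={compression_ratio(buf):.3f} "
              f"looks_encrypted={looks_encrypted(buf)}")
```

The gzip result quoted in the thread (1000 bytes down to 262) is a ratio of 0.262, far below the 0.95 cut-off used here.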
December 18th, 2012, 12:09 PM
The game will not be used to get online mods at all since I do not have a working console that allows me to transfer files across (Jailbroken Playstation Console). This is just to help gain and progress my knowledge and not put anything into action for many reasons. The game consists of a ban if any type of file is modified online which would leave my account and my console banned forever.
Originally Posted by salem
The file is known to be encrypted using 3DES (Treyarch's) encryption and AES (Sony's) encryption. The 3DES has been decrypted and that was the first layer of encryption which has been removed from the file I uploaded. The AES encryption is the one I'm struggling to remove; at first I thought it was obfuscated, but indeed I was incorrect and the .svg are the only obfuscated files.
I believe this is the only type of file which is obfuscated; however, removing the obfuscation is another type of thing that neither I nor anyone I know knows how to do.
cl .ly/2224341c0k3T < Remove the spaces.
EDIT: Re-read and I had gotten mistaken. If the file is not encrypted via 3DES or AES, then is it not encrypted at all? Or..