Encryption of Area Server Files
Posted: Wed Feb 22, 2017 11:13 am
Some files of the area server are encrypted, the savegames, pack.bin, text.bin, onlineevent.dat, etc...
they look like this:
afterwards like this:
the first 16 Bytes are the "Filekey" and dont contain any encrypted information, the rest is the actual file content
then the server has a hardcoded table of 256 more bytes build in, I call it simply "Areakey":
3B 16 6F D8 AC B2 09 FC B0 9D A9 3A DC A1 3F D2
45 17 11 03 FB 59 5E 21 D3 7A 41 E8 6A 34 D9 10
66 21 A7 21 FF 2E 37 89 BF 4E 03 EC 85 6B 94 BB
D0 A2 EA 08 3A AF 1E 99 43 A6 46 3B 50 E5 99 58
F4 46 D4 CC 6D 99 DC F5 72 51 A4 09 2C 7D 51 AD
82 FA 9C C3 99 E7 78 83 9B 5A F5 CD B8 51 65 BD
6B EC BD 81 FF D9 3E 67 51 0F 54 3A D7 BF BE CF
E1 87 EF DB 1F EA B4 07 64 FD 18 47 A9 62 85 67
55 7A 2B E7 BC D7 A5 08 E5 F0 DA 27 90 19 22 4A
77 B2 AB F9 D5 9E 1A 4F 25 F7 75 50 2C FF 40 7D
39 5A E6 A6 AC 7B 5B 00 B5 5D 00 77 5E 73 C7 45
CC E1 97 C4 C1 EC F2 80 66 AF D5 91 48 10 DF 28
A0 F3 B6 67 D7 AE A7 76 49 BC 8C D3 4A B5 F3 E9
66 7D 7C E5 ED BC 83 C5 B0 8F FF B1 05 7E AA 8F
11 AD 63 D2 46 56 D0 92 2A 76 47 E2 5A C7 EF 5E
CF EF 22 03 61 F7 16 44 89 FE BD 59 6B 2F E9 DB
now for a single byte to decrypt we do:
filekey[i%16] ^ (data[ i ] + areakey[i%256])
so f.e. for the first byte in the input data, which is 0x82, we take the filekey 0xFC and the areakey 0x3B
0xFC ^ (0x82 + 0x3B)
0xFC ^ 0xBD = 0x41 = ASCII('A');
which is the first character in the decrypted file...
for encryption, you generate a new random filekey or reuse the old one and then do this
(filekey[i % 16] ^ data[ i ]) - areakey[i % 256]
over the file, save the key and the result into one file. if your areaserver doesnt accept the file, look for the memory patches in area server to remove various checks
greetz
they look like this:
afterwards like this:
the first 16 Bytes are the "Filekey" and dont contain any encrypted information, the rest is the actual file content
then the server has a hardcoded table of 256 more bytes build in, I call it simply "Areakey":
3B 16 6F D8 AC B2 09 FC B0 9D A9 3A DC A1 3F D2
45 17 11 03 FB 59 5E 21 D3 7A 41 E8 6A 34 D9 10
66 21 A7 21 FF 2E 37 89 BF 4E 03 EC 85 6B 94 BB
D0 A2 EA 08 3A AF 1E 99 43 A6 46 3B 50 E5 99 58
F4 46 D4 CC 6D 99 DC F5 72 51 A4 09 2C 7D 51 AD
82 FA 9C C3 99 E7 78 83 9B 5A F5 CD B8 51 65 BD
6B EC BD 81 FF D9 3E 67 51 0F 54 3A D7 BF BE CF
E1 87 EF DB 1F EA B4 07 64 FD 18 47 A9 62 85 67
55 7A 2B E7 BC D7 A5 08 E5 F0 DA 27 90 19 22 4A
77 B2 AB F9 D5 9E 1A 4F 25 F7 75 50 2C FF 40 7D
39 5A E6 A6 AC 7B 5B 00 B5 5D 00 77 5E 73 C7 45
CC E1 97 C4 C1 EC F2 80 66 AF D5 91 48 10 DF 28
A0 F3 B6 67 D7 AE A7 76 49 BC 8C D3 4A B5 F3 E9
66 7D 7C E5 ED BC 83 C5 B0 8F FF B1 05 7E AA 8F
11 AD 63 D2 46 56 D0 92 2A 76 47 E2 5A C7 EF 5E
CF EF 22 03 61 F7 16 44 89 FE BD 59 6B 2F E9 DB
now for a single byte to decrypt we do:
filekey[i%16] ^ (data[ i ] + areakey[i%256])
so f.e. for the first byte in the input data, which is 0x82, we take the filekey 0xFC and the areakey 0x3B
0xFC ^ (0x82 + 0x3B)
0xFC ^ 0xBD = 0x41 = ASCII('A');
which is the first character in the decrypted file...
for encryption, you generate a new random filekey or reuse the old one and then do this
(filekey[i % 16] ^ data[ i ]) - areakey[i % 256]
over the file, save the key and the result into one file. if your areaserver doesnt accept the file, look for the memory patches in area server to remove various checks
greetz