Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[sercrets]

Hello, I am working on RRR and we have had a few hundred netcache missions from back in the day come in. I would like to set about decrypting these. What do we know about it so far? Things like encryption method etc. has anyone made headway on it in the past?

Cheers,

sercrets

[sercrets]

Anything?

[DarkenedFantasies]

A quick glance at the java code handling them shows me that it's SFS encryption. It is the text content itself that is encrypted, rather than an archive containing a mission file, so I don't think using an SFS extractor will be useful.

I currently don't have the time to write something that could decrypt them, but maybe such a tool already exists.

[SAS~Storebror]

The problem is that you don't know the original mission name, which is the salt for the encryption.
At the time of loading the mission (i.e. while playing it online) the game knows the name internally, so that's the perfect time to decrypt it.
Later on, only brute force decryption attempts would work, but as the name can have any arbitrary length, the results will be rather disappointing... imagine the name was 25 characters long, how long would it take to brute force decrypt it? Years? Certainly.


Mike

[DarkenedFantasies]

Decided to mess around with this a bit, and it turned out to be very easy to decrypt them. The file's fingerprint is based on the file contents (section titles, variable names, and values), and is encoded and decoded using the same tables found in rts\Finger. The decryption key is generated from the following string: "missions/Net/Cache/" + FingerPrint + ".mis", where FingerPrint is the number part grabbed from the filename (e.g. -1234567890.mis). The rest of the string is constant, regardless of the actual file path or file extension. Since the filename is the only place where the fingerprint value is stored, the file may be unrecoverable if the filename has been modified and the original value is unknown. The filename of the source file (which includes the remaining filepath after "missions\") is only used to check if the client already has that mission file, and plays no part in the fingerprinting or encryption process.

Below is my quick and dirty code I've written to promptly decrypt those files, by manually "loading" them through the in-game multiplayer menu. Since secrets has hundreds of files to process, my half-assed method isn't a very reasonable solution for them, and would benefit from something with more automation. But until that comes around, I think it should at least serve as a decent demo and help understand how the decryption works if someone else wants to work on a tool for this. I don't think I'll get around to it very soon.

Highlighted in red is the surrounding original code to help show where the new code (inside code blocks) is located.

Sorry but you are not allowed to view spoiler contents.

[sercrets]

Very nice work both of you! I had begun to make similar progress however you are far quicker at it. I will see if I can fine tune the script over Xmas break using some controlled netcache files in which I know the titles to etc.

Cheers

sercrets

[SAS~Storebror]

The filename of the source file (which includes the remaining filepath after "missions\") is only used to check if the client already has that mission file, and plays no part in the fingerprinting or encryption process.

Quite surprising but hey, nice find!


Mike