kong BIGFILE

[is0-mick]

KingKongTheGame_clean.bf (216mb)

This file seems editable too. I just tried altering some text strings to see if it had a CRC check or anything.
see photo for results.

There are a lot of text values / var names / strings in their also. including something about a cheat menu, and debug it mentioned a couple of times.

 DEBUG_TCINE
DumpDebugDat
[MUS][DEBUG]  ,4
gaoP9 {›
aHM L    kit-r#<é  detected Erreur [SND_MusManager] bad sc%=å

SND_gi_ShowSubtitle           MENU_f_LockedDuring           MENU_f_LifeBar_State          i_In_Menu                     world_key                     i_cheat_page                  Humains_PafTimer              Enemy_af_ReaDist           

vrai
1
 Variable qui definit s'il y a un chargement ou pas
 index des marins
 paramètres de l'objet en main
 range de chacune des armes
 numéro de frame courante
 1 = 4/3BB, 2 = 4/3, 3 = 19/9
 faux

 Key of the activated world
 page de cheat
 si le timer est à 0 l'humain peut etre attaqué sinon non
 inventaire munitions chargées dans l'arme
 faux


references to filenames including wav files:

uni_exec_get_world_key.ofc                                         ü  ÿÿÿÿÿÿÿÿ   b�CTest_Jack_Stalker_01.wol                                           ü  ÿÿÿÿÿÿÿÿ   b�C_shoot_dummies.wol                 

Tommygun reload.wav                                                ü  ‘
  �
  ñ  b�CTommygun shoot end.wav                                             ü  �
  ÿÿÿÿó  b�CStone_big_close_end.wav   


I just had a quick scan through this. I think it requires more investigation.
maybe there may be a way to exploit this file?

Mick

[Hoss]

good idea, if i can get the kiosk dvd, i can help test this out.

[Unikum]

Please, do not post links to copyrighted materials.

[SiliconIce]

Interesting, is0-mick.

Future code-injections sites? Not if the security works, but interesting to note for sure

[th0mas]

Sounds like it's an unauthenticated archive format.

A packer/unpacker is in order.  I'm investigating now..

Tom

[Hoss]

are there any good programs that can take out all of the blocks?  Right now i'm using textpad.  I just want to see what it contains.  I will agree that it's decompressed on load.  It may use a standard format, but probably won't.  Well at least its not crypted

[th0mas]

get a hex editor.

[is0-mick]

I  use Ultraedit the most, also Hexworkshop comes in handy.
I think the files are just stored (not compressed) in the large file (it has BIG as the 1st three letters, and is referenced by the .ini file in the same directory. (BigFile=d:\KingKongTheGame_clean.bf) it looks similar to the xzp files.

Mick

[th0mas]

What is so interesting about this file is that you were able to modify bytes and still load it.  AFAIK (wiki not up for me to verify) all the container file formats we've looked at so far are authenticated, and such would not load if modified.  This one is an exception.

[Hoss]

can someone make an unpacker so we can see what all is inside?

[th0mas]

it is my intent to do so once I obtain the file.

[XIU]

What is so interesting about this file is that you were able to modify bytes and still load it.  AFAIK (wiki not up for me to verify) all the container file formats we've looked at so far are authenticated, and such would not load if modified.  This one is an exception.

The .XZP container format also doesn't has any checks in it.

[th0mas]

it's not an XZP.

Interestingly, data is stored in little-endian format in this file.

[Hoss]

its probably because its developed on a pc, and it only contains data, no binary data.

[th0mas]

That.. doesn't really make any sense.  If I were developing on a PC for a device that I'd want to be able to load the data as fast as possible I'd be sure to reorder my bytes prior to releasing the data.

In either case, here's an unpacker:

http://th0mas.sixbit.org/bfunpack.c

I suppose I could make a windows binary if anyone wants one just ask.  As far as I can tell it works (ie, the Sound_Common.bf file extracts a bunch of proper wave files.  The other bf file seems a little weirder.. it might be wrong, if anyone can verify then I'll check, otherwise I'm just assuming that the files inside are odd

-Tom

[Hoss]

so does it unpack the "KingKongTheGame_clean.bf" file?

[Hoss]

im having problems compiling under cygwin, it gives the a build error:
bfunpack.c:9: error: conflicting types for 'uint32_t'
/usr/include/stdint.h:28: error: previous declaration of 'uint32_t' was here

I also tried cl.exe, but it popped up a bunch of errors

[BlueCop]

I suppose I could make a windows binary if anyone wants one just ask.

I'm asking. Thanks in advance =)

[is0-mick]

Hi th0mas,
A windows executable would be great! Also is it possible to re-pack?

Cheers

Mick

[Hoss]

it should be possible to repack it, just reverse the code to pack instead of unpack, and since there isn't any crc check or anything, it makes it alot easier.