reading encrypted/obsufcated game data

[foogrrr]

i have searched the forum, and i was unable to obtain any specific information regarding some encrypted/obsufcated data in a game after extracting the iso.

i use wxripper to extract a game iso so i can view the game contents.

the iso in question is Guitar Hero 2.

I am famliar with the .arc and .hdr filetype the game utilized to  hold/play songs.

the file in question is main.hdr ( header file for the .arc archive).

I would first like to point out that, the ps2 version of main.hdr is NOT encrypted/obsufcated
but the 360 version is.

The .hdr has the pointer/offsets for the individual contents compressed in the .arc archive.

finally, my questions for the iso in question are:
1. is it normal for game data to be encrypted/obsufcated?
2. is it encrypted or obsufcated?
3. is there a way to make it readable? (comparision with ps2 .hdr? or perhaps reading .arc can generate a .hdr?)

any suggestions/details would be greatly appreciated,

 i apologize if i have missed anything regarding this subject searching the forum.

cheers,

    foogrrr

[do0my]

Yes, the Xbox 360 version of GH2's game data archive is encrypted/obfuscated.

The famous program Guitar Hero Explorer had initial support for reading the Xbox 360 version's file.  It DIDN'T support repackaging songs or extracting songs fully, since development has ceased and support was never added.

[foogrrr]

my understanding is that GHex (Guitar hero explorer) parses through the .arc (archive) instead of reading the .hdr (header for archive) to find the file information, and this is why GHex cannot repackage songs into an archive.

needless to say reading/writing or being able to create a usable header file would be the only solution.

[tma]

Actually, it's been confirmed (not by me) that the .ark file has no consistency checks, and so you can replace the files in the archive (ie: the midi files or the sound files), as long as the overall structure isn't changed (e.g. the location of the file start positions aren't changed).

Also, AFIAK GHEx has resumed development.

[foogrrr]

hi tma,
   
     I was aware of this method, although it does not seem like a very feasable method, only for the fact that songs could not be longer than the original (the data would take more space than designated by the .hdr), the .mid and .ogg would have to be no larger than the original ones being replaced as well, for the same reason.  I have noticed that GHex is available for distobution again, although no indication has been made that it is in development anymore.

(e.g. the location of the file start positions aren't changed).

This is true, but you cannot also go past the end file offsets, which are set in the .hdr file.

[tma]

hi tma,
   
     I was aware of this method, although it does not seem like a very feasable method, only for the fact that songs could not be longer than the original (the data would take more space than designated by the .hdr), the .mid and .ogg would have to be no larger than the original ones being replaced as well, for the same reason.  I have noticed that GHex is available for distobution again, although no indication has been made that it is in development anymore.

(e.g. the location of the file start positions aren't changed).

This is true, but you cannot also go past the end file offsets, which are set in the .hdr file.

That was sort of implied - if you go over the end file offset then the next file start position changes.

Given the length of tracks like Free Bird, Fall of Pangea, or Red Lottery, you would be able to get decent length songs into the archive, but you're right, it is a limiting factor, but the only option at this point until/unless the .hdr gets cracked or some way is found to sign DLC packages.

[foogrrr]

looks like there is a new version of HDDxplorer that might/should be able to pull out the DLC for GH2 and replace it with modified data.  Haven't tried it yet, but looks like it is possible.

[lhyrgoif]

I'm also trying to get the 360 version to play custom songs, sofar not had any success, but I'm researching all that I can about this issue to try figuring something out.

Whats the version number of the 'new' hddxplorer your'e talking about ? I have tried to search for it but cannot find it at all on the "usual places" .

I saw this on the scorehero recently:
"Drummerguitarist wrote:
  4512jth wrote:
      katamakel wrote:
      No. For now, my decision to stop working on ghex is final.

   Why do I see the 80's note charts have the thing at the bottom that says "Generated with guitar hero
   xplorer 0.5.0??

 QFT. However, I have a few hunches as to why this was. One guess is that Kata did the chart with one of his 
 development builds (a non-final Ghex, which would be 0.5.0), and then gave it to JC. Another is that all the
 mods/admins were all given this dev build, hence JC's pic from 0.5.0. Dunno, though.
"

So It seems that Kata does indeed continues to develop ghex, atleast internally. We can only hope he releases it to the public later on and that it has some new goodies for us 360 owners.

[tma]

nm.

[lhyrgoif]

hi tma,
   
     I was aware of this method, although it does not seem like a very feasable method, only for the fact that songs could not be longer than the original (the data would take more space than designated by the .hdr), the .mid and .ogg would have to be no larger than the original ones being replaced as well, for the same reason.  I have noticed that GHex is available for distobution again, although no indication has been made that it is in development anymore.

(e.g. the location of the file start positions aren't changed).

This is true, but you cannot also go past the end file offsets, which are set in the .hdr file.

That was sort of implied - if you go over the end file offset then the next file start position changes.

Given the length of tracks like Free Bird, Fall of Pangea, or Red Lottery, you would be able to get decent length songs into the archive, but you're right, it is a limiting factor, but the only option at this point until/unless the .hdr gets cracked or some way is found to sign DLC packages.

As the .hdr seems to be hard to decrypt I'm starting to think that the above is the only way we will be able to get custom songs för gh2 on the 360. I know it's far from optimal to have the original song/chart lenght limit the custom songs (cannot change songlist titles for example) but It's better than nothing imo. If the .ark isn't signed in any way as people say why don't we just create a small app (similar to ghex) that searches for the ogg/mid and let us replace them, as long as we keep the new files smaller than the original the application could just padd the missing bytes to retain the exact original file positions in the archive.

Even though the songlist would have the old titles the song "preview" should still work as long as the new songs are at similar playtime as the original song and the game only plays the ogg between two fixed time positions.

Although this isn't a really good solution it would atleast allow people that are bored of playing the same old songs to atleast play some new ones. I'm thinking of writing this app myself but I was wondering if there is something I haven't thought of that would make this not work before I start coding.

[tma]

As the .hdr seems to be hard to decrypt I'm starting to think that the above is the only way we will be able to get custom songs för gh2 on the 360. I know it's far from optimal to have the original song/chart lenght limit the custom songs (cannot change songlist titles for example) but It's better than nothing imo. If the .ark isn't signed in any way as people say why don't we just create a small app (similar to ghex) that searches for the ogg/mid and let us replace them, as long as we keep the new files smaller than the original the application could just padd the missing bytes to retain the exact original file positions in the archive.

Even though the songlist would have the old titles the song "preview" should still work as long as the new songs are at similar playtime as the original song and the game only plays the ogg between two fixed time positions.

Although this isn't a really good solution it would atleast allow people that are bored of playing the same old songs to atleast play some new ones. I'm thinking of writing this app myself but I was wondering if there is something I haven't thought of that would make this not work before I start coding.

Sounds like a plan, although we've been able to get a decrypted copy of the xbe file, and there are references in there to the hdr and ark files, so there is some hope. Unfortunately I don't know any PPC assembly, so I am not much use as far as decoding goes. I also don't know the X360 kernel or system libraries well enough (ie: at all) to be able to work out what it's doing.

If anyone can help out with this, please send me a PM.

As for replacing songs in the ark, there are two complicating factors:

1) the .ogg files are five track files. I'm unsure how the game deals with two track (stereo) .ogg files.

2) when you replace songs, be wary of songs that have a preview late in the track, because on the PS2 version this would cause the game to lock up if the replacement song wasn't long enough. I think the main culprit is Freya.

[lhyrgoif]

Yes I'm aware of the preview issue. Do you or anyone else here know if the preview time (start mm:ss -> end mm:ss) is the same in the 360 version as the ps2 for all the songs they have incommon ? If so we could try get that data out of the ps2 DTB files (If I recall correctly) and make a table in the progam with those times and checking it when inserting new custom songs that they are not shorter than this end time.

If only a few of the songs have really late previews we could simply not make those replacable in the GUI to get around the freezing problems, there are enough songs to replace anyway (if the replacing works at all).

As noone sofar has said this can't be done I'm going to code a simple program to test this "ark replace" theory for one song and if it works I will refine it with a nice GUI and stuff.

[lhyrgoif]

I injected two custom songs (ogg+mid) into the .ark, overwriting two original songs data. The first ogg was only slightly shorter than the original song and I can actually preview this custom song when playing GH2 (it even loops after a short while as it should). Too bad the game hangs when loading after selecting difficulty.

The second ogg I injected was only one minute long (I padded the rest of the bytes with spaces) and I suspected GH2 would crash when previewing it, but it didn't! When previewing it's completely silent but it does not hang, so I can continue and select some other song after. This is good as it means we don't have to be so picky with the songlength (for the preview), the game won't crash as long as it's not longer (in bytes) than the original it replaces.

I do have some ideas why it didnt went to play it all the way, I will investigate it further to see if I can get it to work.

Anyone have any idea of how to create an ogg file with 5 channels ? Audacity wont save/export a song with 5 channels, it merges it into a stereo song (2 channels). I've also looked at other sound mixing progams but havent found one that can produce what I need.

[Illithid]

Hello.
Here is a guide on how to make a 5 channel ogg file.
http://forum.doom9.org/showthread.php?s=&threadid=57736
Imo, there should be a easier way... but I don´t know.

[lhyrgoif]

More progress!

I have succeeded in making a custom 5 channel ogg and inject it into gh2 (mid not changed). Preview ok, song plays 100% and ends when mid says it should, no problem getting back to the song list.

Also succeeded in injecting a mid from the ps2 version, If I only could get a totally custom mid to play then were done!

I need to research why my custom mid's wont work.

[Illithid]

Impressive.