【汉化资料】通用解包器制作工具QuickBMS图文教程2

shane007

ok so set up our c:\temp directory bye extracting our file BoneObject.hsp
# A+ J* d) z$ k  F! \1. to c:\temp
# h7 l1 y1 z+ h$ e3 n. }$ G2. create a new text document called astro.bms
3. and place the newest version of quickbms in the folder also.

" z9 q. q9 \' V( z( m9 K1 \( cOk so open up BoneObject.hsp in your hex editor and lets take a look at it.
  
' i" l8 H. t% W+ ?0 J1 ygood we have some plain text.
9 Z. B9 Z% B, t5 [" ^8 C) f4 Q& iyou will notice I highlighted the first 4 bytes 20 50 53 48 or " PSH" that is a space followed bye P S H.
2 b' R( @% w6 ~# X! @. `hmm that seems familiar that is the file extension only backwards. this is know as the idstring
3 X3 p- K) w4 c$ r) J! Eso up until now you would think to write in bms
get IDSTRING long
0 |5 e' O& L8 u4 W- C# `6 t- qthere is nothing wrong with that but there is a better command
) T4 ~8 x$ ~+ {- z5 N! yidstring " PSH"
make sure you include the quotes.
so open your bms string and on the first line type
1 x- ]/ M, }; R+ Yidstring " PSH"
0 X0 |  V) s* c% v' Jthe reason this command is better is it will tell the program not to run if it does not find that string don't try to extract that file.
"aka noob proofing it"

" a& u7 ~( w5 F( X- kOk so now lets look at what we can read I see
+ X7 [! m  K1 Q" q% c1 x7 |Datas\Texture\BoneObject\npc_nagoya_octopus01_body.dds , Datas\Texture\BoneObject\Toon.bmp , Datas\Texture\BoneObject\Toon_a.bmp , Datas\Texture\BoneObject\Toon_zero.bmp
5 J. o+ d8 Y7 T  g: yso I will assume there are 4 files in this archive.
0 t6 K- u* z$ @  k! F" Awell lets look at the next 4 bytes and see what it is 01 00 00 00 hmm that is equal to 00 00 00 01 or 1 and we have more files in this archive than that so we do not know what this represents
4 ]- o. `  D8 W) ^: ?3 ~so lets write that in bms language
8 r/ k; E& r& Dget UNK1 long
this saves those 4 bytes as the variable UNK1.

( o# \' P+ x7 I7 f% mok the next 4 bytes are 04 00 00 00 hmm this translates into 00 00 00 04 or 4
0 a' e7 I0 Z4 Lhey that is the number of files we counted so lets write that in bms
: C! \; @9 x; K0 \7 i) Yget FILES long
. l) v/ w% k* W  Z1 _this saves those 4 bytes as the variable FILES.

  [5 q$ l9 R* {3 z& t0 Z/ Lthe next 4 bytes are 00 00 00 00 well that is equal to zero so for now I will write that in bms
& G9 t' ~  s( Lget NULL1 long
this saves those 4 bytes as the variable NULL1
/ W* b. f7 |9 w: U4 w! a% ]( \
ok now we have reached the first file name Datas\Texture\BoneObject\npc_nagoya_octopus01_body.dds
4 Z  e# c7 ?: V3 u0 c& ]5 ^  D1 T4 Xthis is 0x36 bytes long but wait there was no indicator like the last file that told us how long the name is how do we write this?
8 V  H% }0 U- i8 b/ D" O6 Fwell lets look for a pattern
Datas\Texture\BoneObject\npc_nagoya_octopus01_body.dds is 0x36
. r+ C" b: e# l8 L9 ^Datas\Texture\BoneObject\Toon.bmp is 0x21
Datas\Texture\BoneObject\Toon_a.bmp is 0x23
2 R! H, [; p0 n' }+ E; tDatas\Texture\BoneObject\Toon_zero.bmp is 0x26
) v0 T  U1 l, j) P& _3 h/ Khmm I don't see anything that makes that a pattern.
but I do see all the names are followed bye a lot of zero's. how long is the name + the zeros of each file?
# V6 j; Z# Z! X1 UDatas\Texture\BoneObject\npc_nagoya_octopus01_body.dds + 0's is 0x80
4 `% ~. X" ]3 c8 ~Datas\Texture\BoneObject\Toon.bmp + 0's is 0x80
Datas\Texture\BoneObject\Toon_a.bmp + 0's is 0x80
Datas\Texture\BoneObject\Toon_zero.bmp + 0's is 0x80
hey they are all the same size when I include the 0's
( |, r- |9 }+ F/ lso in bms I would write this as
( i0 X1 O- c6 `- h/ A; O2 Bgetdstring NAME 0x80
this tells it to grab 0x80 bytes and store the text value of it
and as an added feature it will automatically remove trailing 0's

ok so now we have 0xC bytes before I see the next file name
which is 3 long values
  P( g5 u; F+ Rso lets write those in and we will figure out what they represent later.
get UNK2 long
* W) M  `0 `+ E6 X; A9 G+ bget UNK3 long
( o3 n* g" M, F) h' cget UNK4 long
  g$ _8 f8 v9 E4 J- U& _0 {
ok so now we see the name again
we have our pattern so lets write our script based on what we learned
3 i3 x' r0 ~, w  f8 @so it would look like this up until now

$ O( \0 d# ~" b! ~Code:
4 z  U  N# Q: Uidstring " PSH"
get UNK1 long
% R4 H( ?4 Y( Y4 c6 Bget FILES long
get NULL1 long
' w2 |7 y2 H" H4 S- Xfor i = 0 < FILES
( K. C! s. W$ ^" q; ^/ O& Jgetdstring NAME 0x80
8 x9 ?* ?# Q" T! c  N0 t: A, hget UNK2 long
7 l7 m3 q! ]5 r4 x2 p: c2 yget UNK3 long
' }  X) F9 r+ w7 H! [7 ]; ^get UNK4 long
clog NAME OFFSET ZSIZE SIZE
: J* l6 U5 x: l0 N/ C' Wnext i
* G5 X0 z* B+ e. n
! A1 m8 N6 o9 T
& c& M% T$ f- X  dok this may look complex but it is almost identical to the first tutorial file except we added 1 more variable
ZSIZE this represents the compressed file size while SIZE represents the decompressed file size
and we also changed the log command to clog to represent it is a compressed file.
% i) q3 A/ |. b5 F
$ E. @7 k0 y+ x, _2 E8 ?ok so now we have our loop and the commands to extract our files but we still need to fill in the variables
  m' s/ @7 M9 l& DOFFSET ZSIZE SIZE
so that means our 3 unknown values must represent that but how do we know what order they are in?
8 w$ t8 U5 B% X! M3 a. W
' z+ x; t! r4 H0 R0 K1 |2 N' H, KWell ill let you in on a cool trick follow the file loop to the end start at Datas\Texture\BoneObject\npc_nagoya_octopus01_body.dds and highlight the whole 0x80 length
' Q; O. H  h7 Q" lthen add our 3 unknown variables so that means we are highlighting 0x8C for our length. the first file is from 0x10 - 0x9B
: b+ h6 ]$ x& |9 {1 l. [3 Xso now do this for the rest of the files and you end up at highlighting 0x1B4 - 0x23F
7 q9 Y$ a6 i! B  
ok so we reached the end of our loop now what?
# ^, ~- z$ S+ a4 x( _4 lwell the next 2 bytes are 78 9C and this is an archive extractors best friend when you see this at the start of a file.
: i0 N3 {$ h$ n0 w78 9C represents the standard zlib compression header
! Q9 N2 Z# A! Z; \' gok so this means our first file starts there which is at offset 0x240
$ Z. h0 \/ a" V' H2 \8 N; D
# f7 u  u/ Y$ f- {well lets go back to our first file in the list and look at those unknown variables.
- p5 ~" k; N4 q) I9 O$ n# C$ y/ G24 72 00 00 is = 00 00 72 24 = 0x7224
80 00 02 00 is = 00 02 00 80 = 0x20080
1 t  Y8 b4 P2 q3 e7 z" g% b: H40 02 00 00 is = 00 00 02 40 = 0x240
% S+ \9 I' a  e/ sI think we have a winner so the third variable is 0x240 aka the offset
so lets update our script

* W% f% e) g7 W& H) O$ H
Code:
7 L' K7 G9 y6 R6 y0 m$ C+ _idstring " PSH"
1 K3 y" K4 S8 _get UNK1 long
get FILES long
get NULL1 long
$ j' R- F8 h0 V; Cfor i = 0 < FILES
" q% _( W8 p! f/ {' sgetdstring NAME 0x80
' K3 H1 S* j6 fget UNK2 long
$ Z7 a  X' P# X+ G3 dget UNK3 long
1 |( M8 C* T; u" L$ A2 v8 D1 cget OFFSET long
/ s' _/ J( Q6 @) |2 s4 eclog NAME OFFSET ZSIZE SIZE
next i


now that just leaves ZSIZE and SIZE
well bye process of elimination the decompressed file must be bigger than the compressed file so we compare the 2 variables
7 S- X7 T$ ^$ v! ]9 c24 72 00 00 is = 00 00 72 24 = 0x7224
80 00 02 00 is = 00 02 00 80 = 0x20080
0 O/ g; l  n+ E) H* M; dwell 0x20080 is definitely bigger so we now know the last 2 variables
4 y! o: E* {, ~) O) G* V, }

- f+ C, X9 b% n! a3 G7 _% P/ ?  tCode:
idstring " PSH"
get UNK1 long
! b- Z2 ^) T3 Y/ V7 zget FILES long
get NULL1 long
for i = 0 < FILES
" O) |8 j7 Y3 |# l) ^getdstring NAME 0x80
: |- k3 D+ @, y, s3 s: N& pget ZSIZE long
3 \6 Z  m; S$ |3 jget SIZE long
get OFFSET long
7 R6 t3 `' J( w, H' Fclog NAME OFFSET ZSIZE SIZE
next i
; |* S0 P2 D9 w; J
, @  l- V8 b7 `' R$ C/ S
" z7 W2 w& A' j2 Pnow try our code out on the file
# V0 A: y7 q# ]7 g/ v- ropen the command prompt and change to the directory
9 J/ I3 i7 [" z- w& kc:\temp
now type
quickbms.exe -l astro.bms BoneObject.hsp .
yay it listed our files without any errors now lets try extracting them
! z( s, U+ G* B( _6 screate a folder called extract
6 W- _, `& {" E, X0 y7 Sand type
7 y$ P: g8 s. k  |# fquickbms.exe astro.bms BoneObject.hsp extract
( H; R9 C- @( p& e9 Gif we look in there we now have folders and in those folders are 4 pictures
- w# l9 [4 ~, [9 N6 S  lwe did it.
- H  Y6 U5 M. f" z8 o+ W! q
( n+ G0 |; N! _1 _" f0 k# HLet me know if you want more pictures or any way I can improve the tutorials.
0 d* O; |2 O# I/ G, m* V0 t& W3 V
5 _$ T" s5 D) b  a  S
- {: E1 K- k" `/ `  {& QLast edited by chrrox on Tue Jun 09, 2009 2:33 pm, edited 1 time in total.

aliangcn

要是大大能把QuickBMS的帮助翻译一下就好了[s:89]

herojimmy

cool turotials ,thx!

深绿

应群里朋友之请，翻译了一下这篇教程，不是完全照翻的，后面差不多是自己rewrite了，希望会有帮助
) }$ T, i  b8 S; q——————————————————————————————
建立一个目录C:\\temp来放我们解包出的文件

1，进入C:\\temp文件夹
2，建立一个新文件 astro.bms（QuickBMS解包脚本）
3，把最新版的quickbms也放到这个文件夹
3 [2 l; L6 V7 f0 |
现在，用你的十六进制编辑器打开BoneObject.hsp，来好好观察一下
（图）
* A5 ~# A+ a# ^5 h6 n
. h+ @1 V6 H* S3 M7 o很好，我们看到了一些清楚的文字

2 z/ L1 n- N7 ]- V6 S, t# P你会注意到最开始4个字节20 50 53 48，是空格跟上PSH
( T# D% y( N' y; c9 S$ R9 u看起来就是文件后缀名的反向排列
& s1 B) ?( {5 A0 F/ o
  X2 h2 j. t$ h" |. o这被称为idstring（标识字串）
' L) k8 a* P, y: W: B1 g所以，现在在脚本里写上一句

get IDSTRING long       (将四个字节（long）存为IDSTRING)
: ^) M. j, T# Y# B
% k* q" l5 N8 e4 I6 E& `: J' R0 {- T这没什么错误，不过我们有一条更好的指令
( _' X8 q/ h9 g! ]/ m$ o
5 }- H/ H+ `. t, iidstring " PSH"        

确保你没漏掉引号。

' \) @/ b( [( y3 y, o这条指令更好是因为你可以告诉程序，如果没有在开头找到这个标识符，那么就不要解包这个文件。
! l" \4 H' Y7 ~, ~' Q7 E3 C# w! J
- i/ ^$ }% f6 v3 w之后继续观察文件，我们可以看到
$ P0 i- w! C# m7 I9 y9 @# @1 ?Datas\\Texture\\BoneObject\\npc_nagoya_octopus01_body.dds , Datas\\Texture\\BoneObject\\Toon.bmp , Datas\\Texture\\BoneObject\\Toon_a.bmp , Datas\\Texture\\BoneObject\\Toon_zero.bmp
4 [) O/ f" i, v( S$ N/ C所以我假设有4个文件在这个包里。
( k! a9 n7 W: u% O. T3 P
ok，回到开头标识符，接下来看之后的四个字节，是01 00 00 00，那等于00 00 00 01或者1，文件数量比这要多，所以我们不明白这代表什么

& B# X  E" i# l" w那么我们在脚本里写这么一句

get UNK1 long
! e& T# j! J& J  m! H) D4 ?! `这句指令把4个字节存为变量UNK1
" ?6 a* N; D& g7 e0 S; _
ok，之后四个字节是04 00 00 00，就是00 00 00 04或者4
2 z* u2 _6 ]; i' q0 g; D1 J这就是包里的文件数量，所以我们在脚本里写这么一句：

get FILES long
) [! X) c: O5 \0 a  a4 J1 ]: u5 _这一句把4个字节存为变量FILES

( ~2 d1 A' u% k; L2 m% u之后四个字节是00 00 00 00，嗯，那就代表0
于是我们这么写
6 O7 ^: {$ `* ~* L3 m- @2 M9 W
get NULL1 long
  P% x% L* F' X7 }4 O/ b; k+ H把这四个字节存为变量 NULL1

1 Q3 U& O. q+ Q( d; e好了，现在我们到达了第一个文件的文件名部分
7 i# G$ o' m# @! c0 f; ], d( YDatas\\Texture\\BoneObject\\npc_nagoya_octopus01_body.dds
# f/ x: F# V# S# m5 U9 B. P( ?这个字串的长度是0x36，不过等等，这儿没有一个标示符告诉我们文件名的长度，那么我们该怎么写脚本呢？

5 ?# {* N2 C8 x1 C% _  ]+ x  T' ewell，我们来找找规律
Datas\\Texture\\BoneObject\\npc_nagoya_octopus01_body.dds is 0x36
. A0 [' _4 }% R; iDatas\\Texture\\BoneObject\\Toon.bmp is 0x21
Datas\\Texture\\BoneObject\\Toon_a.bmp is 0x23
+ [- u) q+ H& v8 h' EDatas\\Texture\\BoneObject\\Toon_zero.bmp is 0x26

  n1 p+ P" x$ k. U2 g看起来没什么规律，呵呵

不过我注意到，文件名之后都跟着一大堆的00，那么把文件名加上那些0，长度是多少呢？

Datas\\Texture\\BoneObject\\npc_nagoya_octopus01_body.dds + 0's is 0x80   
Datas\\Texture\\BoneObject\\Toon.bmp + 0's is 0x80
5 C, _- p6 H9 ^# d% Z9 p/ l# cDatas\\Texture\\BoneObject\\Toon_a.bmp + 0's is 0x80
6 H, m. B8 U& f9 ^& X: HDatas\\Texture\\BoneObject\\Toon_zero.bmp + 0's is 0x80
3 i+ X5 R6 D8 T8 D
. B5 q4 I0 i# I: E6 o( T) H7 c嘿，看到了吧，他们的长度都是0x80
) G5 S$ ?" |& ]+ X所以，我们在脚本里这么写
getdstring NAME 0x80

这告诉程序，读取0x80个字节，把他们存到NAME变量里，程序会自动移除后面的那些0

. p( X% p6 g* mok，那么在下一个文件名之前，我们还有0xC字节的数据，这些是三个long型数据
( w, ^, ?/ U) O我们暂时这么写，之后再来搞清楚他们到底是什么意思
" f% K" A9 e$ J2 bget UNK2 long
get UNK3 long
get UNK4 long
6 l" Y  [# M/ L3 z% V, C
那么我们现在又看到了文件名
现在，我们找到了规律，所以按我们之前学到了来写脚本：
0 E+ f/ V9 L5 r: |* @/ W) t* M9 k- J
) q- h: R4 J1 U; J7 _代码:
  n6 V( I# q" O* a3 ]0 M. Tidstring " PSH"
get UNK1 long
  X- c7 f( M3 F* |get FILES long
' F8 h: H4 B& f/ H% E* }% }get NULL1 long
for i = 0 < FILES
& h; c6 z  _+ p9 @" h% Xgetdstring NAME 0x80
get UNK2 long
get UNK3 long
! e0 b1 B4 w: x" y$ n! |* a+ a4 gget UNK4 long
; d+ s7 }0 ]( x% j# [. xclog NAME OFFSET ZSIZE SIZE
next i
% F  v7 b" v  |( P
9 _/ @. S* c8 `( _' ]( `! mok，这看起来可能有一点复杂，不过应该跟第一篇教程差不多，除了我们多加了一个变量ZSIZE，它表示压缩过的文件大小，而SIZE代表没压缩过的文件大小
我们同样将log命令改为clog，表示这是一个压缩过的文件。

现在，我们有了循环，指令来解包，不过先得给这三个变量赋值
7 ?( r2 r$ n9 eOFFSET ZSIZE SIZE

这意味着我们那三个未知变量很有可能代表的就是他们，那么我们怎么知道顺序呢？

好，现在让我们来到这个循环的末尾，定位到最后一个文件的文件名，选择0x8C个字节。
然后之后2个字节是78 9C，这是一个解包器的最好朋友，尤其当你在一个文件的开头看到它时。
( o( y5 T5 D" v78 9C 是标准zlib压缩格式的头部标识

: J# E, R9 S+ q3 k. p* E所以，这意味着我们的第一个文件从偏移0x240开始

3 u7 n2 f4 M5 G之后，我们回到列表里的第一个文件，看看这些未知变量。
: y& a6 U* c* o( \24 72 00 00 代表0x7224
4 |9 m0 [7 U' ?80 00 02 00 代表0x20080
40 02 00 00 代表0x240
$ }& M- q; H( K8 O& N' j! s: l1 b
我想我们至少知道第三个变量0x240代表着偏移量
1 d+ i$ A3 ^8 \/ t那么，更新一下脚本：

代码:
  N. r4 I* y/ nidstring " PSH"
  `. u  I6 L( B( s$ S6 C/ C) f6 W/ Uget UNK1 long
get FILES long
7 S  Y# c# u- k- qget NULL1 long
for i = 0 < FILES
getdstring NAME 0x80
- m" C+ M% v' C: U6 Wget UNK2 long
get UNK3 long
0 a" H( w0 B) j0 g$ U4 |! cget OFFSET long
clog NAME OFFSET ZSIZE SIZE
next i
' Z5 S4 z& l! v: c
! _, p3 q" U: I7 x$ p/ C$ F$ P, o好了，现在还剩下ZSIZE和SIZE
& X. ~6 _1 v0 M# a9 |( D4 f显然，压缩后的文件大小要比原来的要小，那么比较一下这两个变量
  X2 Z( T" }% a6 w4 K/ u0 ~2 C一个是0x7224,一个是0x20080
显然，后者要大，于是我们这么改写脚本：

5 r) M1 |; }- f4 A, \+ [( j$ j, v" x代码:
6 O9 u1 X+ @/ K' M) A6 Z3 I* Qidstring " PSH"
get UNK1 long
get FILES long
" a  k$ x- ^* q4 x5 p" f: P+ cget NULL1 long
- Q) k9 U, [2 u; B) `1 ^0 Pfor i = 0 < FILES
getdstring NAME 0x80
/ r! o6 i! L" w7 d5 Aget ZSIZE long
get SIZE long
, z% H% T6 `5 `. Z0 nget OFFSET long
+ [+ V- h' {, S6 \, K- nclog NAME OFFSET ZSIZE SIZE
7 @, a8 [# W* v( d  T2 _next i
  w' Z1 t4 T; D# H
好了，现在试试我们的代码吧。
打开命令提示符，进入到c:\\temp目录
% w+ M8 O/ H5 M; `$ }
输入 quickbms.exe -l astro.bms BoneObject.hsp
他会列出我们的文件，没有提示任何错误
8 I1 v9 F# f0 R% `好了，现在我们建立一个目录 extract
! j+ i5 g) v8 f* \- q6 g, i输入quickbms.exe astro.bms BoneObject.hsp extract

5 |4 l$ Y! v8 v6 H& x1 P好了，现在我们在目录里有了4张图片，我们完成了。

感谢各位前辈，留爪备查。