老外发布了一篇通用解包器制作工具QuickBMS的图文教程,想学制作解包器的朋友可以仔细看看。 其实不是太难的。 w; }7 m" F' ^0 C2 z f, ~( Q
6 A0 v: p& v% o2 P, E
原文 8 J2 I. l! b, o* u
http://forum.xentax.com/viewtopi ... 0&sk=t&sd=a
# E1 R0 o. Y' B6 _% Q* {( `2 \5 w
I am going to make a tutorial for using quickbms for extracting archives that are no extractors for.
/ I1 p' z& T, q5 C" }# x7 [I am going to start off easy then add more and more difficult archives so you can learn and write your own scripts.
" b: T. [# ~4 D# O; ithe tools you need are just 4 things.
5 C6 Z- n. `) b- O1. A HEX editor I use HxD 6 S7 Y ~! h8 y: H( e
2.Quick BMS http://aluigi.org/papers/quickbms.zip
* U. ]% }) a( F, k: \3. a text editor like wordpad 5 I+ O$ F2 F4 M6 ^1 G) G
4. a calculator that supports hex like the one built into windows. - ?% q0 ^4 y d8 g
We will start with a game called FEZ (Fantasy Earth Zero) + O, X! S1 U8 J J- ]5 B ^
this is a great archive format for someone to learn bms scripting from.
% N2 W& J( E2 {0 z hI attached a sample. - [6 W1 |, T6 s! G$ I* k9 a' {
website http://tw.fez.gamania.com/ 2 W, E; x7 o% O# M. X3 Y
installer http://tw.dl.gamania.com/fez/FEZ_1103.exe
4 r/ g# q2 w$ E6 wthis game uses textures with wrong headers mainly dds and some tga and some kind of .mdl format.
( p& A# S/ _( z' C5 h" Q3 {& |! Q9 D# _5 r6 s2 y U& h
ok so you can download the full installer or this sample pac file here 4 d3 B9 G$ b) R2 h! _' r
http://www.MegaShare.com/1029061
, G5 F! k& K, K O- C' w; m: ~8 i5 ook so open the file up in your hex editor so you see what I have open here
) W' J: r8 h; M6 K+ H; ] ' K. Q0 h% X F7 W; g! q2 @
( U+ \" }+ c' L4 Y; W1 j# P
9 `2 O$ {# T y2 f5 A2 Xso if you look to the right you will notice some readable text
: r4 C" A6 b7 L% H& b4 yEtc\aura.tex , Etc\cursor.tex , Etc\mahoujin.tex , Etc\env2.tex , and Etc\kaze.tex . / [5 T6 s# C# i" Q6 W
so just looking with out eyes we now know that there are at least 5 files in this bin file and after we extract them they will be placed in a folder called Etc.
1 F8 |, M* l$ X$ W2 cso lets start looking at the other parts of the header in this file we will start with the first 4 bytes
" p7 ]% b! q8 V n7 S5 Q b) f; c3 `8 \0 E; J0 i6 f* ?1 F) q
well we have 05 00 00 00
8 M. G* k# e" g$ J1 J# q% K" b& f8 ^whenever you are working with archives for computer games 99% of the time you read the values in reverse so the above number
/ R. J, X( Y( t' E$ vwould not be 5,000,000 but instead would be read as 00 00 00 05 or 5 * B# q6 H4 |" D: S- z+ ]4 [
Well if we remember from earlier we saw 5 file names and our first 4 bytes of our file are equal to 5 so there is a good chance we just discovered where the file count is stored in this archive.
7 N% D5 I0 q0 V6 p9 C8 J( r# `data is stored in groups of 4 bytes " a long" 2 bytes " a short" or 1 byte "a byte" so we have our first part of our script
4 c7 U b* i+ i9 fget FILES long
; T$ u g- `) O; _& v' Cthis tells quickbms to read a long value "aka 4 bytes" and store it as the variable FILES. ) z; o |6 U1 z, L1 N
ok the next 4 bytes 74 00 00 00 are not needed in order for quickbms to extract our files but it represents the total size of our header. , H2 i& @+ i$ `% \" ^0 C' _
3 t! a0 X+ r0 l5 E
so I will write the next line of code for quickbms 8 I' m8 [' E7 H- \3 d! Y
get HEADERSZ long
6 g: L C, l" qthis stores the header size in the variable HEADERSZ
& f# K, e6 X) m9 n/ L; \ok now we have 2 more bytes before the file name 7 _5 S% Q$ q8 v6 [
so that is 0C 00 well 2 bytes is know as a short. but what does 00 0C stand for? 7 n/ p3 n9 `1 ^1 x, B) h( w3 q6 m- [
if we highlight the whole name of the file in out hex editor it shows us a length of C
5 J- `- M% O* ^& U" I8 kwe found the name length so we would write that as
& g+ z5 ?& v8 G5 V7 }/ [get NSIZE short
5 l( y4 s( ~) E0 n" a& b6 u Z3 X1 S$ }this stores the 2 bytes in the variable NSIZE representing the length of the name 6 y; `! H! Y! E6 M" F
/ j2 q- U0 X* m, ^+ h2 W6 y
well next comes the name so to store that as a word in bms language we will write the next line
2 y. f; r2 h4 @! x* F& k) K0 Pgetdstring NAME NSIZE
; Q: b6 [" g) @8 w2 ~% p( |this is saying store a string "aka a word" in the variable NAME and its length is equal to the variable NSIZE. 7 B' n, a/ n0 ^8 m6 e3 [
ok now we have another 4 bytes after the name 7C 00 00 00
1 `& L1 k9 y, b8 P8 }well we already know the name of the file so now to extract the file we need to know its size and location in the archive.
9 W d+ N( @0 S; |7C is not a very big number for the size of the file to lets see what happens if we go to offset 7C ' i I3 G9 X7 J, U0 O
in HxD press ctrl +E and type in 7c for the start and end then click ok. Y+ l0 a2 O7 f, c% R
$ K; S6 W) T: O n: ~
you should look like this after clicking ok 8 D* [$ f4 d4 g
8 x5 a! ?8 Q, {+ k" J' ehmm this looks good it looks like a file header IMG0 so we will write out line saying that is the start of the file
% K; O; q' Y. Y2 r! y3 M: kget OFFSET long ! C5 X; S! h/ S2 M. S! Q) ^# B
this stores the 4 bytes as the variable OFFSET : _5 c( u; z$ D; i/ Q- z/ \
ok the next 4 bytes are 70 10 00 00 well that looks bigger so lets see if that is the size of out file so it will translate into 00 00 10 70 or 1070
3 x& C7 h2 m, `+ |- T/ Mso lets go to our offset 7C and then we will add in the length column 1070
# [1 ^; }8 {( @/ ?6 v( F! y" S L . E4 B& C y" ?- g7 W: g) c
wow look at that I see TRUEVISION-XFILE that is a classic tga ending and we also end just before IMG0 which was the start of our first file R# ]. g, z, _9 S: z6 {
$ i" J! W7 M/ yso that means we found our size 5 r# @8 ^7 X: A8 d1 \5 t
we write that as 1 @1 L! y# x' H; D& L7 t8 L
get SIZE long
5 W; k: u, D) y! Xthis stores the 4 bytes in the variable SIZE
0 z. C9 u4 e( R+ W% Dok now we have 2 bytes then the next file name hmm that seems familiar 1 M% K9 r$ r' d& \
lets see 0E 00so that means it translates into 00 0E or E
, R9 d1 A4 U* v3 L% \$ Xwell the last 2 bytes we had before a name was the name size lets see if it still holds true
5 Z# ~9 l" R- [+ B7 B1 j ' n# u5 K* m- ^6 s' l- E8 ]! I+ L
it does the name length is E ) q: P# \6 T; X. g( l
so that means we found where the pattern in the header repeats and we identified all that we need to extract the files so now we can finish our script and our extractor. % k; ]- P' L5 U" P$ c$ T
whenever the pattern starts you want to begin a loop so it will keep cycling through it until there are no files left. the easiest way to write that is. 1 q1 u- h1 ]; c: H' i
for i = 0 < FILES
O* ]/ ^5 B. W( l* R3 |# G/ f. Q; ]this means run the following commands until i = 0 and set i = FILES 3 x% ]$ X2 ]9 I+ A3 n
so we will put that before our NSIZE variable because that is where the pattern starts.
3 {" y% X1 K3 G; g1 |, l1 O& g L( jnext you want it to write out the file and we do that with the log command in the following format
1 D. D1 S$ Z$ S( y Plog NAME OFFSET SIZE $ E' t; G) G# D
this says write the file name and fill it with the data starting at the variable OFFSET and a length of SIZE.
0 W9 H+ S' o S X+ B+ Qnow this is great but we want it to keep repeating the loop till there are no more files so we must add
6 y8 N! H9 b& ]next i # b; N( l5 q' i! D+ e
at the end so the loop continues.
" |/ g. ^- ^. Rok so now save the file we created as extract.bms
# ]: c( E, O( w- v) i' |$ U7 Oand put Etc.pac extract.bms and quickbms.exe all in the same folder for wthis demo we will say c:\temp ' `; N/ U. R: y; u; L
so now at the command prompt change to that directory and type
0 |# N+ P3 u# q& P! a- T0 Dquickbms.exe -l extract.bms Etc.pac . ! w1 z# u. u2 T
this will list the the file contents and size or give you an error if your script is not correct. / D5 l/ }+ H2 X2 r% A% B3 T" f
Yay it worked / o9 i) V {- c! ?1 {7 i; k8 ^
! h8 y4 D8 A" z/ ^: vnow lets try extracting them create a folder in c:\temp called extracted
; o* Y5 v$ g t- D0 Vnow type the command 7 V9 @8 A' Z% d _
quickbms.exe extract.bms Etc.pac extracted & N1 T+ f4 _, Q7 O, u# }8 I
yes it worked now they are in the filder and extracted. 1 p$ x7 X5 U" i7 h0 X1 u9 D% i
$ @2 { s; i- j+ e u/ O+ _4 `. k
# L8 j. l8 ?& I7 ~
Code: * ?2 Y* v u' M: [! p" o
get FILES long
4 f- n I7 d8 n% H( [. r6 w- Lget HEADERSZ long
. r# R. R$ X }$ ofor i = 0 < FILES
/ c1 f# l M/ i$ _5 P% C N! Xget NSIZE short , |6 f4 {% A. ^$ v
getdstring NAME NSIZE
6 ^+ U* c7 C6 D+ H% X0 ~3 h) Jget OFFSET long / \; m/ k7 ~1 _! A# S2 w
get SIZE long
! ~- D; v% w2 h/ U z
0 ~3 C' O( x+ O8 Glog NAME OFFSET SIZE ( ]: y0 m( f6 e% w0 C
next i ! ]7 j& g& s9 B& s8 u/ V4 q. T
) P& t8 l5 I% L
Let me know what you think of this tutorial and if you want me to continue on with more examples and more compex scripts. |
[复制链接]
发表于 2009-6-9 11:37
![【1125号】幽魂小说:伯顿旅店ChinaAVG汉化版[627MB]](data/attachment/forum/202411/01/014909jvnn6d65a37653vv.jpg)
QQ好友和群
QQ空间
腾讯微博
腾讯朋友
收藏
分享
很美好
很差劲
发表于 2015-1-26 15:53
