Information pending...

[Tejahn]

Wrong information. Give me a second...

[Tejahn]

Wrong information. Give me a second...

[thefiremind]

The title on the second post really made me curious... the fact is that they don't seem compatible...

• DATA_CORE.WAD (2014): http://i.imgur.com/r8i1Kc4.png
  12 bytes of unintelligible header + intelligible WAD_HEADER + 4 unintelligible bytes + intelligible list of contents
• DATA_000.ZED: http://i.imgur.com/X9YHMBz.png
  Totally unintelligible
• MOVIES_000.ZED: http://i.imgur.com/U8zPSuk.png
  Intelligible FILES header + intelligible WAD_HEADER

[Xander9009]

Is anyone working on this? Does anyone know if Rick is still planning to look into it?

[thefiremind]

Is anyone working on this? Does anyone know if Rick is still planning to look into it?

Rick wrote this on 16th July:

I will probably take a look at 2015 once I have a copy, which will probably be sometime next month, as I have no plans to get it immediately.

It seems that the "probabilities" have been against us. Of course I don't blame him, if he's not interested into it then it's natural that he doesn't look into it.

I would be glad to give it a try myself, but, as I wrote in the DotP2015 announce topic, I don't even know where to start... for example, are there well-known standard encryption methods among which it would be very likely to find the one used in the ZED file? If so, what are they and how do we test them? Do we need to crack some sort of key, too? The fact that 3DM managed to extract the cards makes me think it's not a task where very difficult guesses are required (such as brute-forcing a lengthy key), only knowledge about how to approach the problem is needed.

[Xander9009]

Yeah, if he doesn't want to, then I wouldn't hold it against him. I'm just not sure if he does (and since he's the only one of us really capable as far as I know, I can least hope he still plans to lol).

I don't think it would be necessary to try and guess anything, really. Cheat Engine or any other debugging utility can show us the code of the game itself. The trick, I think, is finding where it calls the file from the hard drive and what calls it uses to make that file usable. Unfortunately, I'm unfamiliar with assembly code. However, a good debugger should be able to tell exactly when the game crashes when there are no zed files (because it does). It should be able to point us at the section of code that was running, giving us a jumping off point. From there, just trace the calls made when there ARE zed files until you find where it splits into two for encrypted vs unencrypted files.

Easier said than done, though, as I have very little clue as to what I'm looking at when I see the assembly code.

[Tejahn]

I haven't really looked into 2015 for some time because I've been updating Kieran's mod with pics and info but I do remember seeing something about 'IBM' related to the .ZED file password. I'll actually talk to a few fellow programmers when I return to work and see what we can dig up. Kieran's been back state-side since August 18th but he's only been giving me advice concerning cards. I know we're both waiting for CivBE and I suspect that'll occupy my time for a bit so I really need to look into 2015. Is there no one available to communicate with the team that cracked 2015 on the Cantonese site?

[Xander9009]

I didn't know there was a Cantonese group. I sent a message to a member of the 3DM forums, but since I don't speak or read Chinese, and the user, who was the only one who seemed likely be able to point me int he right direction, had already been inactive for quite awhile, I wasn't very surprised that I never got a response (the user still hasn't been active, and I lack the permissions to create posts).

As for the rest of your post, that's awesome. If you manage any headway, be sure to let us know. I'm sure most of us are eagerly awaiting the chance to really get started.

[thefiremind]

Just to let everyone know, I tried to ask for help on the Magic 2015 topic in the cs.rin.ru forums as a last resort. Maybe someone will share some information, maybe I'll be ignored, or maybe they'll virtually throw stones at me... but I had to try.

[Xander9009]

Just to let everyone know, I tried to ask for help on the Magic 2015 topic in the cs.rin.ru forums as a last resort. Maybe someone will share some information, maybe I'll be ignored, or maybe they'll virtually throw stones at me... but I had to try.

Hopefully you have more luck than I did. I tried something similar on the 3dm forums but never got a response.

[spirolone]

Just to let everyone know, I tried to ask for help on the Magic 2015 topic in the cs.rin.ru forums as a last resort. Maybe someone will share some information, maybe I'll be ignored, or maybe they'll virtually throw stones at me... but I had to try.

I saw your post in that forum and I wish someone could give you some infos. I think that CODEX group know how to decrypt Zed Data file cause they release a version of update1 of the game of about 18 MB instead of about 800 MB; normally it's possible if you correct only changed parts in files but Zed Data file in encrypted form is totally different!
Maybe we can try to ask in Revolt forum too, maybe Voksi_Bulgarian knows something but I'm still waiting that he replies to me about releasing of a SteamWorks Fix for Expansion of Magic 2015...

[NeoAnderson]

I was wondering if is possible to use a brute force attack to decrypt the DATA_000.ZED file.
I see that both MOVIES_000.ZED and AUDIO_000.ZED start with the same Hex values :

Code: Select all

3C 46 69 6C 65 73 3E 0D 0A 09 3C 46 69 6C 65 20 4E 61 6D 65 3D 22

Corresponding to :

Code: Select all

<Files>   <File Name="

Now if we could agree that also DATA_000.ZED should start with the same values we could :
use some kind of decryption algorythms based on "Known-plaintext" attack, this means that they try to decrypt an encrypted text starting from a know plain text.
There is also some good tools that could be use for this purpose as like CryptTool (Cryptool download site)
Someone think that we could have some results with this approach?

[Xander9009]

I was wondering if is possible to use a brute force attack to decrypt the DATA_000.ZED file.
I see that both MOVIES_000.ZED and AUDIO_000.ZED start with the same Hex values :

Code: Select all

3C 46 69 6C 65 73 3E 0D 0A 09 3C 46 69 6C 65 20 4E 61 6D 65 3D 22

Corresponding to :

Code: Select all

<Files>   <File Name="

Now if we could agree that also DATA_000.ZED should start with the same values we could :
use some kind of decryption algorythms based on "Known-plaintext" attack, this means that they try to decrypt an encrypted text starting from a know plain text.
There is also some good tools that could be use for this purpose as like CryptTool (Cryptool download site)
Someone think that we could have some results with this approach?

This is the first brute-force approach that I've seen which might have any chance of success. It's still unlikely, because the file is so large that it might very well require simply too much computational power to brute-force crack it. However, the new expansion is also encrypted, right? It should be much smaller but it should use the same encryption... Worth a shot.

[NeoAnderson]

This is the first brute-force approach that I've seen which might have any chance of success. It's still unlikely, because the file is so large that it might very well require simply too much computational power to brute-force crack it. However, the new expansion is also encrypted, right? It should be much smaller but it should use the same encryption... Worth a shot.

Cryptool should allow to us to use a short parts of the file to apply the brute force. We could copy just the first 6000 characters to apply the decryption..but i honestly don't know if it could work, i never use decrytpion algorythms i think the starting point could be AES 128 bit...

[Xander9009]

This is the first brute-force approach that I've seen which might have any chance of success. It's still unlikely, because the file is so large that it might very well require simply too much computational power to brute-force crack it. However, the new expansion is also encrypted, right? It should be much smaller but it should use the same encryption... Worth a shot.

Cryptool should allow to us to use a short parts of the file to apply the brute force. We could copy just the first 6000 characters to apply the decryption..but i honestly don't know if it could work, i never use decryption algorithms i think the starting point could be AES 128 bit...

I don't know enough about encryption to know we could just cut it down. I over-complicate everything I do, so if I were to make an encryption algorithm, it wouldn't be able to be decrypted unless the entire file was present and uncorrupted.