ScoreHero
360 HDR/ARK File Structure (NOT DLC!!!!!)

Uchihazor
Joined: 03 Aug 2007
Posts: 38
Posted: Sat Aug 11, 2007 6:04 pm

Ah well. Hope you make some progress if and when you resume work on it. You'll be a legend in the gaming community if you figure it out lol....

angerwound
Joined: 30 Apr 2007
Posts: 10
Posted: Sat Aug 11, 2007 7:12 pm

I've looked through the executable in the past. It's a custom rolling XOR with the buffer being initialized with 'BAADBAADBAADBAAD'. Look for this in the disassembly and you're in the decryption/encryption routines.

As for requiring keys to create custom DLC. True and False at the same time. The 360 doesn't store the LIVE key used to sign DLC. This is a MS private key. You would need to modify your HV and Kernel to disregard DLC signatures and always accept them as valid since this key is unobtainable (which is how I created the custom 360 DLC). I've got lots of notes on the executable disassembly from a while back I could locate if need be.

Gorby
Joined: 11 Aug 2007
Posts: 171
Posted: Sat Aug 11, 2007 9:07 pm

While I would love to get the same functionality as on the PS2, I don't think we will ever crack the hash on the .hdr file, so either we must get it to work with DLC or try to inject changes directly into the non-signed .ark as and others I was thinking about.

I don't own a PS2 and I really would love to play some customs on my 360, so I will continue to investigate. There must be a way!

tma
Joined: 03 May 2007
Posts: 1414
Location: Australia
Posted: Sun Aug 12, 2007 3:08 am

angerwound wrote:
As for requiring keys to create custom DLC. True and False at the same time. The 360 doesn't store the LIVE key used to sign DLC. This is a MS private key. You would need to modify your HV and Kernel to disregard DLC signatures and always accept them as valid since this key is unobtainable (which is how I created the custom 360 DLC). I've got lots of notes on the executable disassembly from a while back I could locate if need be.


From what I've read, packages can be signed with the individual Xbox 360 CPU key and be accepted as valid by the Xbox 360 too. I believe this is how XNA created programs work on the 360.

I wonder if the XNA dev kit can be tricked into making the 360 sign arbitrary data?

Any notes you have would be immensely helpful.

tma
Joined: 03 May 2007
Posts: 1414
Location: Australia
Posted: Sun Aug 12, 2007 3:12 am

Burnination wrote:
I have made no progress since my last post due to summer band and work. (ugh).

To Gorby: It may work. You could try, but I'm thinking if it hasn't been done already, it may not be possible. But you never know. Oh, and a .mogg file is the same as a .ogg file I believe. The mogg's in GH have 4 channels(?)


Some have 4, some have 5, some even have 6. Check my analysis above.

Gorby
Joined: 11 Aug 2007
Posts: 171
Posted: Sun Aug 12, 2007 6:17 am

Regarding the sound issue, I've noticed my test .ogg files have only one channel and that the original .mogg songs have more than one; that's why I assumed it would crash simply because of that. I'm not sure if the custom songs need to have the exact same channels as the original they replace or not. Guess I could just try and see what happens.

I'm thinking of trying to open a single-channel ogg and insert the same channel X more times (to mirror the original song) and try to save it as mogg somehow. Wonder if that would be possible and work.

foogrrr
Joined: 04 May 2007
Posts: 3
Posted: Mon Aug 13, 2007 4:50 pm

angerwound wrote:
I've looked through the executable in the past. It's a custom rolling XOR with the buffer being initialized with 'BAADBAADBAADBAAD'. Look for this in the disassembly and you're in the decryption/encryption routines.

As for requiring keys to create custom DLC. True and False at the same time. The 360 doesn't store the LIVE key used to sign DLC. This is a MS private key. You would need to modify your HV and Kernel to disregard DLC signatures and always accept them as valid since this key is unobtainable (which is how I created the custom 360 DLC). I've got lots of notes on the executable disassembly from a while back I could locate if need be.



Hi angerwound, thanks for the contribution.

I would really like an opportunity to go through and analyse your disassembled .XEX for GH2.

I've noticed over at XBH that they have had success in decrypting more of the .xex's contents using CPU key, xex1 and xex2 keys etc.
Did you use this method to decrypt/disassemble your .xex?

Unfortunately I don't have access to these keys, as I have an updated kernel.


Cheers,
foo

Gorby
Joined: 11 Aug 2007
Posts: 171
Posted: Mon Aug 13, 2007 8:30 pm

Ok, I have made a little bit of progress on this...

I did some dirty patching and inserted two custom songs (.ogg + .mid), replacing the original data for "mother" and "billion dollar babies" in the .ark file. After burning and booting it up today, it did actually play my custom .ogg when previewing the first song, so it seems it "might" be possible doing it like this! Too bad it hangs while loading the song itself after choosing the difficulty though.

I replaced "mother" with a slightly shorter song and, as previously mentioned, it played perfectly in the preview mode/song list. It also loops as it should after a short while. What's interesting here is that I replaced the other song with a really short one, just above 1 minute in length. I assumed GH2 would crash as the preview probably would be positioned somewhere after this time (I padded the missing bytes up to the original ogg size with spaces), so when I preview the song it does get silent (because of the spaces), but the game itself does NOT crash. So I can preview the second song (no sound) then continue to play non-altered songs as usual. This is great because then we don't need to be so careful about picking songs of a good length for the preview to work when replacing, if we get the rest of the things sorted out. As long as the custom song isn't bigger (in bytes) than the original one, it will either preview it as usual or just be silent but probably not crash, and that's nice.

I do have some ideas about the reason for this not working properly and I will continue to try to find a solution. It might hang because of the missing channels in the .ogg or because of a mismatch between the mid and ogg that I'm aware of right now. Anyhow, this partial success has made me even more convinced that this is a possible approach.

Drummerguitarist
Joined: 19 Feb 2007
Posts: 317
Location: Drumming. Or Playing GH/RB.
Posted: Mon Aug 13, 2007 9:47 pm

I should probably say something about making the OGG files. It is possible to make 4, 5, or 6-channel OGG files. I just did it a couple of minutes ago as an experiment. I'll tell you the instructions so that you can test this out with proper MOGGs, instead of 2-channel ones. This can be all done in Audacity, and isn't as hard as it seems.

What you need to do is:

1. Download Audacity 1.33 Beta and install it, which can be found here: http://audacity.sourceforge.net/download/beta_windows. Don't worry. You can install this alongside the stable version. I am personally not sure if this'll work in the stable version.

2. Open it up, and go to Edit: Preferences (ctrl-p)

3. Under File Formats, change the When exporting tracks option from Always mix all tracks down to Stereo or Mono channel(s) to Use Advanced Mixing Options. Now hit OK. If you don't do this, you won't be able to get past 2 channels for any of your songs. With advanced mixing, you can make whatever you want as far as channels.

4. Import the song of your preference for this (I don't know what's going on behind your computers), and then highlight it.

5. Hit File: Export Selection, and save it wherever you want, as an OGG file. Hit Save.

6. On the screen of Advanced Mixing Options, move the output channel selector to 4, 5, or 6 channels (depending on the song), then map the left and right channel to channels 1-4, 5, or 6. Hit OK.

7. Once saved, re-name the file as needed to .mogg, with the proper filenames. From that point on, you'll have multi-channel ogg files, in proper formatting, and they'll be ready for import. Do whatever you have to do from that point on, on account of I don't have the tools to do this on my 360 without fear of voiding my warranty.

Hope this helps you guys out a bit. And good luck on trying to find a solution to this. I wish I could help out at this, but the PS2 and N64 are the only systems in the house that I don't take warranties/precautions into consideration for. Plus, I don't even own GHII for the 360, anyway, unfortunately. Just Ps2.

-Dg


Last edited by Drummerguitarist on Mon Aug 13, 2007 9:57 pm; edited 1 time in total

tma
Joined: 03 May 2007
Posts: 1414
Location: Australia
Posted: Mon Aug 13, 2007 9:56 pm

Gorby wrote:
Ok, I have made a little bit of progress on this...


Heh, you must be "lhyrgoif" on xboxhacker.net.

Did you try replacing the ogg file only, and leaving the original midi? That might isolate the cause of the lock up.

I'd also try swapping in another .mogg file from the game over a different song, leaving the original midi intact, and see if that works (can't see why it wouldn't though) (ie: replace the hanger 18 .mogg with the freya .mogg, see if it still plays).

Gorby
Joined: 11 Aug 2007
Posts: 171
Posted: Tue Aug 14, 2007 8:45 am

tma: yes, that's me. The reason for me posting on both forums is simply to get more people to see what's going on and hopefully make them curious enough to try to help us in the research.

I did some more byte replacing yesterday night but I didn't have time to burn it; will do that today after work.

The new tests that will be performed tonight:

1. replace only a mid with a different original mid file
2. replace only an ogg with a different original ogg file
3. replace only a mid with a custom mid file
4. replace only an ogg with a custom ogg file.
5. replace only a mid with a mid from a ps2 song (mostly because I'm curious what happens).
6. Try out a specific change in the mid that I think may be one part of the problem; we'll see if I'm totally wrong here or not.
7. create my own 5 channel ogg according to instructions above and replace one song with this ogg and another song with this ogg+mid.

I am pretty sure option 1 and 2 will make me able to play the song and I do hope the rest of the tests will end up nice too. Even if the ogg and mid wouldn't match (case 1 & 2) that would be still awesome and a good indication that this is indeed possible.

Gorby
Joined: 11 Aug 2007
Posts: 171
Posted: Tue Aug 14, 2007 5:49 pm

Good news, we're halfway done!

I just ran some tests with the new disc I made today...

Test 1: replace only a mid with a different original mid file
Result: Works, mid is changed and it is playable!

Test 2: replace only an ogg with a different original ogg file
Result: Failed, hangs when loading. This shouldn't be any problem so I guess I made some mistake while injecting the mogg. This isn't a problem anyway because of test 7.

Test 3: Made a minor change in a custom mid already injected.
Result: Failed, still hangs when loading.

Test 4: replace only a mid with a mid from an original ps2 song
Result: Works, mid is changed and it is playable!

Test 5: replace only a mid with a custom mid file
Result: Failed, hangs when loading.

Test 6: replace only an ogg with a custom ogg file.
Result: Failed, hangs when loading (this was suspected as the injected ogg only had 2 channels and not 5).

Test 7: create my own 5 channel ogg and inject.
Result: Works! Preview is ok and loops. Played through whole song, it ended as it should, got to score screen and then back to playlist. 100% success replacing with a custom ogg!

To summarize: I have been able to inject a totally custom song (in my case In Flames - Only For The Weak) that previews ok, plays 100% and ends back to playlist when the mid ends without any errors. Also succeeded in replacing a mid with an original mid from the ps2 version (shoutatthedevil.mid).

If I only can get a custom mid to play then custom songs on the 360 is a reality!

I guess the next step is to try to compare 360/ps2 original mid's with some custom ones and try to see why they aren't working.

Drummerguitarist
Joined: 19 Feb 2007
Posts: 317
Location: Drumming. Or Playing GH/RB.
Posted: Tue Aug 14, 2007 9:03 pm

Gorby wrote:
Test 7: create my own 5 channel ogg and inject.
Result: Works! Preview is ok and loops. Played through whole song, it ended as it should, got to score screen and then back to playlist. 100% success replacing with a custom ogg!

To summarize: I have been able to inject a totally custom song (in my case In Flames - Only For The Weak) that previews ok, plays 100% and ends back to playlist when the mid ends without any errors. Also succeeded in replacing a mid with an original mid from the ps2 version (shoutatthedevil.mid).

If I only can get a custom mid to play then custom songs on the 360 is a reality!

I guess next step is to try compare 360/ps2 original mid's with some custom ones and try to see why they aren't working.


Glad to see that my multi-channel OGG trick worked. I am going to make a guess and say that the reason as to why the 2-channel OGG didn't work is because the channel mappings (take a hard look at songs.dtb in Nachyoz' dtb editor, and you'll know what I mean) are searched for in the file. When only 2 channels are found, the game crashes because it cannot find the rest of the channels and doesn't know what to do.

So...I am probably going to assume that there are DTB files or an equivalent to them being used somewhere. That's where the channel mappings are found (at least on the ps2).

But, glad to see that my method is working for you. Even though I don't own the 360 GHII, if we find the answer to customs, then that means we're one step closer to Rock Band/GHIII customs when they come out. So, good luck in your work, Gorby and everyone else.

-Dg
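
The channel-count explanation in the post above, together with the size limit Gorby reported earlier in the thread, as an added example that is not part of the original posts: a Python check that reads the channel count from the Vorbis identification header and compares a replacement file against the original. It assumes a standard Ogg Vorbis stream; `precheck` and `make_sample` are hypothetical names, and the sample data is constructed.

```python
import struct

def vorbis_channels(data: bytes) -> int:
    """Channel count from the Vorbis identification header in the first Ogg page."""
    start = data.find(b"OggS")                     # Ogg page capture pattern
    if start < 0 or len(data) < start + 27:
        raise ValueError("no complete Ogg page header found")
    version, header_type = data[start + 4], data[start + 5]
    if version != 0 or not header_type & 0x02:     # 0x02 = beginning-of-stream flag
        raise ValueError("first page is not a beginning-of-stream Ogg page")
    nsegs = data[start + 26]                       # segment table follows the 27-byte header
    body = start + 27 + nsegs
    packet = data[body:body + 30]                  # identification header is 30 bytes
    if len(packet) < 30 or packet[:7] != b"\x01vorbis":
        raise ValueError("first packet is not a Vorbis identification header")
    _vorbis_version, channels, _rate = struct.unpack_from("<IBI", packet, 7)
    if channels == 0:
        raise ValueError("invalid channel count 0")
    return channels

def precheck(original: bytes, custom: bytes) -> list:
    """Compare a replacement against the original on the two properties the
    thread reports as mattering: channel count and size in bytes."""
    problems = []
    want, got = vorbis_channels(original), vorbis_channels(custom)
    if got != want:
        problems.append(f"channel mismatch: original has {want}, replacement has {got}")
    if len(custom) > len(original):
        extra = len(custom) - len(original)
        problems.append(f"replacement is {extra} bytes larger than the original")
    return problems

def make_sample(channels: int, pad: int = 0) -> bytes:
    """Constructed test input: one Ogg page holding only an identification header.
    The page CRC is left as zero; vorbis_channels() does not verify it."""
    ident = b"\x01vorbis" + struct.pack("<IBIiiiBB", 0, channels, 44100,
                                        0, 128000, 0, 0xB8, 1)
    header = b"OggS" + struct.pack("<BBqIIIB", 0, 0x02, 0, 1, 0, 0, 1)
    return header + bytes([len(ident)]) + ident + b"\x00" * pad

if __name__ == "__main__":
    original = make_sample(5, pad=4096)            # stands in for a 5-channel original
    for label, candidate in (("2-channel", make_sample(2)),
                             ("5-channel", make_sample(5, pad=1024))):
        print(label, precheck(original, candidate) or "ok")
```

A loader that performs the same comparison against its channel mapping before decoding can reject a mismatched file with an error instead of hanging.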

tma
Joined: 03 May 2007
Posts: 1414
Location: Australia
Posted: Tue Aug 14, 2007 10:46 pm

Drummerguitarist wrote:
So...I am probably going to assume that there are DTB files or an equivalent to them being used somewhere. That's where the channel mappings are found (at least on the ps2).


If the DLC packs are anything to go by, the 360 songs definitely have DTB files (all the DLC packs so far have DTB files). The problem is extracting them from the ARK without the HDR, given that they don't stand out (no magic string, as such).

Kata reckons he did scan for dtb files through the ARK, but I think it would be worth another visit. The problem is it will need to be essentially brute-forced, however once it's done (once for PAL and once for NTSC, I assume) we shouldn't need to do it again as we'll know the locations.

Gorby
Joined: 11 Aug 2007
Posts: 171
Posted: Tue Aug 14, 2007 10:56 pm

I agree that it would be really nice if we somehow could find the DTB files as that would allow us to do fun stuff like edit offsets and set songnames shown in the list.

It's late and I need to go to sleep but I've done several new injections into the ark file that I will try out tomorrow. I'm really hopeful that the custom mid's will work this time as I found several bytes that needed to be patched in the mid's for it to possibly work. I hope I have found all the necessary changes but I can't be sure until tomorrow ofc. Wish me luck!

All times are GMT
Page 3 of 9