Added update.roku extractor, moved some common AES functions.

This commit is contained in:
theubusu
2025-10-30 22:04:59 +01:00
parent 45a13f2695
commit 92affac092
12 changed files with 276 additions and 80 deletions
Generated
+89
View File
@@ -111,6 +111,12 @@ dependencies = [
"syn", "syn",
] ]
[[package]]
name = "bitflags"
version = "2.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "812e12b5285cc515a9c72a5c1d3b6d46a19dac5acfef5265968c166106e31dd3"
[[package]] [[package]]
name = "block-buffer" name = "block-buffer"
version = "0.10.4" version = "0.10.4"
@@ -308,6 +314,28 @@ version = "1.15.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "48c757948c5ede0e46177b7add2e67155f70e33c07fea8284df6576da70b3719" checksum = "48c757948c5ede0e46177b7add2e67155f70e33c07fea8284df6576da70b3719"
[[package]]
name = "errno"
version = "0.3.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "39cab71617ae0d63f51a36d69f866391735b51691dbda63cf6f96d042b63efeb"
dependencies = [
"libc",
"windows-sys",
]
[[package]]
name = "filetime"
version = "0.2.26"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bc0505cd1b6fa6580283f6bdf70a73fcf4aba1184038c90902b92b3dd0df63ed"
dependencies = [
"cfg-if",
"libc",
"libredox",
"windows-sys",
]
[[package]] [[package]]
name = "find-msvc-tools" name = "find-msvc-tools"
version = "0.1.1" version = "0.1.1"
@@ -394,6 +422,23 @@ version = "0.2.15"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f9fbbcab51052fe104eb5e5d351cf728d30a5be1fe14d9be8a3b097481fb97de" checksum = "f9fbbcab51052fe104eb5e5d351cf728d30a5be1fe14d9be8a3b097481fb97de"
[[package]]
name = "libredox"
version = "0.1.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "416f7e718bdb06000964960ffa43b4335ad4012ae8b99060261aa4a8088d5ccb"
dependencies = [
"bitflags",
"libc",
"redox_syscall",
]
[[package]]
name = "linux-raw-sys"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "df1d3c3b53da64cf5760482273a98e575c651a67eec7f77df96b5b642de8f039"
[[package]] [[package]]
name = "lz4" name = "lz4"
version = "1.28.1" version = "1.28.1"
@@ -583,6 +628,15 @@ dependencies = [
"getrandom", "getrandom",
] ]
[[package]]
name = "redox_syscall"
version = "0.5.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ed2bf2547551a7053d6fdfafda3f938979645c44812fbfcda098faae3f1a362d"
dependencies = [
"bitflags",
]
[[package]] [[package]]
name = "rsa" name = "rsa"
version = "0.9.8" version = "0.9.8"
@@ -603,6 +657,19 @@ dependencies = [
"zeroize", "zeroize",
] ]
[[package]]
name = "rustix"
version = "1.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cd15f8a2c5551a84d56efdc1cd049089e409ac19a3072d5037a17fd70719ff3e"
dependencies = [
"bitflags",
"errno",
"libc",
"linux-raw-sys",
"windows-sys",
]
[[package]] [[package]]
name = "sha1" name = "sha1"
version = "0.10.6" version = "0.10.6"
@@ -675,6 +742,17 @@ dependencies = [
"unicode-ident", "unicode-ident",
] ]
[[package]]
name = "tar"
version = "0.4.44"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1d863878d212c87a19c1a610eb53bb01fe12951c0501cf5a0d65f724914a667a"
dependencies = [
"filetime",
"libc",
"xattr",
]
[[package]] [[package]]
name = "typenum" name = "typenum"
version = "1.18.0" version = "1.18.0"
@@ -703,6 +781,7 @@ dependencies = [
"md5", "md5",
"rsa", "rsa",
"sha1", "sha1",
"tar",
] ]
[[package]] [[package]]
@@ -803,6 +882,16 @@ version = "0.53.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486" checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486"
[[package]]
name = "xattr"
version = "1.6.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "32e45ad4206f6d2479085147f02bc2ef834ac85886624a23575ae137c8aa8156"
dependencies = [
"libc",
"rustix",
]
[[package]] [[package]]
name = "zerocopy" name = "zerocopy"
version = "0.8.27" version = "0.8.27"
+1 -1
View File
@@ -15,5 +15,5 @@ flate2 = "1.0"
rsa = { version = "0.9", features = ["hazmat"] } rsa = { version = "0.9", features = ["hazmat"] }
hex = "0.4" hex = "0.4"
ecb = "0.1" ecb = "0.1"
tar = "0.4.44"
binrw = "0.15" binrw = "0.15"
+1
View File
@@ -7,6 +7,7 @@ pub mod novatek;
pub mod ruf; pub mod ruf;
pub mod invincible_image; pub mod invincible_image;
pub mod slp; pub mod slp;
pub mod roku;
pub mod pup; pub mod pup;
+2 -15
View File
@@ -2,10 +2,8 @@ use std::path::{Path};
use std::fs::{self, File, OpenOptions}; use std::fs::{self, File, OpenOptions};
use std::io::{Write, Read, Seek, SeekFrom, Cursor}; use std::io::{Write, Read, Seek, SeekFrom, Cursor};
use binrw::{BinRead, BinReaderExt}; use binrw::{BinRead, BinReaderExt};
use aes::Aes128;
use cbc::{Decryptor, cipher::{block_padding::NoPadding, BlockDecryptMut, KeyIvInit}};
type Aes128CbcDec = Decryptor<Aes128>;
use crate::utils::aes::{decrypt_aes128_cbc_nopad};
use crate::common; use crate::common;
#[derive(BinRead)] #[derive(BinRead)]
@@ -67,17 +65,6 @@ pub fn is_invincible_image_file(file: &File) -> bool {
} }
} }
fn decrypt_aes_nopad(encrypted_data: &[u8], key: &[u8; 16], iv: &[u8; 16]) -> Result<Vec<u8>, Box<dyn std::error::Error>> {
let mut data = encrypted_data.to_vec();
let decryptor = Aes128CbcDec::new(key.into(), iv.into());
let decrypted = decryptor
.decrypt_padded_mut::<NoPadding>(&mut data)
.map_err(|e| format!("UnpadError: {:?}", e))?;
Ok(decrypted.to_vec())
}
pub fn extract_invincible_image(mut file: &File, output_folder: &str) -> Result<(), Box<dyn std::error::Error>> { pub fn extract_invincible_image(mut file: &File, output_folder: &str) -> Result<(), Box<dyn std::error::Error>> {
let header: Header = file.read_le()?; let header: Header = file.read_le()?;
@@ -116,7 +103,7 @@ pub fn extract_invincible_image(mut file: &File, output_folder: &str) -> Result<
let iv = b"\xe3\x9f\x36\x39\x56\x9a\x6b\x8d\x3f\x2e\xc9\x44\xd9\xbc\xec\x43"; let iv = b"\xe3\x9f\x36\x39\x56\x9a\x6b\x8d\x3f\x2e\xc9\x44\xd9\xbc\xec\x43";
println!("\nDecrypting data..."); println!("\nDecrypting data...");
let decrypted_data = decrypt_aes_nopad(&encrypted_data, &key, &iv)?; let decrypted_data = decrypt_aes128_cbc_nopad(&encrypted_data, &key, &iv)?;
let mut data_reader = Cursor::new(decrypted_data); let mut data_reader = Cursor::new(decrypted_data);
+6 -20
View File
@@ -1,12 +1,10 @@
use std::path::Path; use std::path::Path;
use std::fs::{self, File, OpenOptions}; use std::fs::{self, File, OpenOptions};
use std::io::{Write, Cursor, Seek}; use std::io::{Write, Cursor, Seek};
use aes::Aes128;
use cbc::{Decryptor, cipher::{block_padding::NoPadding, BlockDecryptMut, KeyIvInit}};
use binrw::{BinRead, BinReaderExt}; use binrw::{BinRead, BinReaderExt};
use crate::common; use crate::common;
use crate::utils::aes::{decrypt_aes128_cbc_nopad};
#[derive(BinRead)] #[derive(BinRead)]
struct Header { struct Header {
@@ -51,13 +49,13 @@ static HEADER_IV: [u8; 16] = [0x00; 16];
pub fn is_mtk_pkg_file(file: &File) -> bool { pub fn is_mtk_pkg_file(file: &File) -> bool {
let mut encrypted_header = common::read_file(&file, 0, 144).expect("Failed to read from file."); let mut encrypted_header = common::read_file(&file, 0, 144).expect("Failed to read from file.");
let mut header = decrypt_aes_nopad(&encrypted_header, &HEADER_KEY, &HEADER_IV).expect("Decryption error!"); let mut header = decrypt_aes128_cbc_nopad(&encrypted_header, &HEADER_KEY, &HEADER_IV).expect("Decryption error!");
if &header[4..12] == b"#DH@FiRm" { if &header[4..12] == b"#DH@FiRm" {
true true
} else { } else {
// try for philips which has additional 128 bytes at beginning // try for philips which has additional 128 bytes at beginning
encrypted_header = common::read_file(&file, 128, 144).expect("Failed to read from file."); encrypted_header = common::read_file(&file, 128, 144).expect("Failed to read from file.");
header = decrypt_aes_nopad(&encrypted_header, &HEADER_KEY, &HEADER_IV).expect("Decryption error!"); header = decrypt_aes128_cbc_nopad(&encrypted_header, &HEADER_KEY, &HEADER_IV).expect("Decryption error!");
if &header[4..12] == b"#DH@FiRm" { if &header[4..12] == b"#DH@FiRm" {
true true
} else { } else {
@@ -67,21 +65,9 @@ pub fn is_mtk_pkg_file(file: &File) -> bool {
} }
} }
type Aes128CbcDec = Decryptor<Aes128>;
fn decrypt_aes_nopad(encrypted_data: &[u8], key: &[u8; 16], iv: &[u8; 16]) -> Result<Vec<u8>, Box<dyn std::error::Error>> {
let mut data = encrypted_data.to_vec();
let decryptor = Aes128CbcDec::new(key.into(), iv.into());
let decrypted = decryptor
.decrypt_padded_mut::<NoPadding>(&mut data)
.map_err(|e| format!("UnpadError: {:?}", e))?;
Ok(decrypted.to_vec())
}
pub fn extract_mtk_pkg(mut file: &File, output_folder: &str) -> Result<(), Box<dyn std::error::Error>> { pub fn extract_mtk_pkg(mut file: &File, output_folder: &str) -> Result<(), Box<dyn std::error::Error>> {
let encrypted_header = common::read_exact(&mut file, 144)?; let encrypted_header = common::read_exact(&mut file, 144)?;
let header = decrypt_aes_nopad(&encrypted_header, &HEADER_KEY, &HEADER_IV)?; let header = decrypt_aes128_cbc_nopad(&encrypted_header, &HEADER_KEY, &HEADER_IV)?;
let mut hdr_reader = Cursor::new(header); let mut hdr_reader = Cursor::new(header);
let hdr: Header = hdr_reader.read_le()?; let hdr: Header = hdr_reader.read_le()?;
@@ -107,11 +93,11 @@ pub fn extract_mtk_pkg(mut file: &File, output_folder: &str) -> Result<(), Box<d
} }
let crypted_header = &data[..48]; let crypted_header = &data[..48];
let try_decrypt = decrypt_aes_nopad(&crypted_header, &key, &HEADER_IV)?; let try_decrypt = decrypt_aes128_cbc_nopad(&crypted_header, &key, &HEADER_IV)?;
if try_decrypt.starts_with(b"reserved mtk inc") { if try_decrypt.starts_with(b"reserved mtk inc") {
println!("- Decrypting with 4xVendor magic..."); println!("- Decrypting with 4xVendor magic...");
out_data = decrypt_aes_nopad(&data[..data.len() & !15], &key, &HEADER_IV)?; out_data = decrypt_aes128_cbc_nopad(&data[..data.len() & !15], &key, &HEADER_IV)?;
} else { } else {
println!("- Failed to decrypt data!"); println!("- Failed to decrypt data!");
continue continue
+139
View File
@@ -0,0 +1,139 @@
use std::fs::{self, File, OpenOptions};
use std::path::Path;
use std::io::{Write, Seek, Read, Cursor};
use tar::Archive;
use binrw::{BinRead, BinReaderExt};
use crate::common;
use crate::utils::aes::{decrypt_aes128_cbc_nopad, decrypt_aes128_cbc_pcks7};
static FILE_KEY: [u8; 16] = [
0x2A, 0x54, 0xA5, 0x30, 0xE0, 0x09, 0xA3, 0xDC,
0x03, 0xFB, 0xC3, 0x5E, 0x23, 0xA2, 0xC1, 0x0D,
];
static FILE_IV: [u8; 16] = [0x00; 16];
#[derive(BinRead)]
struct ImageHeader {
#[br(count = 8)] _empty: Vec<u8>,
#[br(count = 8)] _magic_bytes: Vec<u8>, //imgARMcC
#[br(count = 4)] _target_bytes: Vec<u8>,
#[br(count = 4)] _platform_id: Vec<u8>,
image_type: u32,
size1: u32,
_size2: u32,
data_start_offset: u32,
_data_link_address: u32,
_data_entry_point_offset: u32,
flags: u32,
_timestamp: u32,
#[br(count = 4)] _build_host: Vec<u8>,
#[br(count = 4)] _unk: Vec<u8>,
#[br(count = 192)] _rest_of_header: Vec<u8>,
}
impl ImageHeader {
fn is_encrypted(&self) -> bool {
self.flags == 0x80
}
fn type_string(&self) -> &str {
if self.image_type == 0xa {
return "initfs"
} else if self.image_type == 0x18 {
return "uImage"
} else if self.image_type == 0x3 {
return "loader"
} else if self.image_type == 0xd {
return "app_cramfs"
} else if self.image_type == 0x6 {
return "Customization Package"
} else if self.image_type == 0xe {
return "firmware_blob"
} else {
return "unknown"
}
}
}
pub fn is_roku_file(file: &File) -> bool {
let header = common::read_file(&file, 0, 32).expect("Failed to read from file.");
let try_decrypt_header = decrypt_aes128_cbc_nopad(&header, &FILE_KEY, &FILE_IV).expect("Decryption error!");
if try_decrypt_header.starts_with(b"manifest\x00\x00\x00\x00\x00\x00\x00\x00") {
true
} else {
false
}
}
pub fn extract_roku(mut file: &File, output_folder: &str) -> Result<(), Box<dyn std::error::Error>> {
let mut encrypted_data = Vec::new();
file.read_to_end(&mut encrypted_data)?;
println!("\nDecrypting...\n");
let tar_data = decrypt_aes128_cbc_pcks7(&encrypted_data, &FILE_KEY, &FILE_IV)?;
let tar_reader = Cursor::new(tar_data);
let mut tar_archive = Archive::new(tar_reader);
for entry_result in tar_archive.entries_with_seek()? {
let mut entry = entry_result?;
let path = entry.path()?.to_path_buf();
if path == std::path::Path::new("manifest") {
let size = entry.header().size()? as usize;
let mut contents = Vec::new();
entry.read_to_end(&mut contents)?;
let text = String::from_utf8_lossy(&contents[..size - 256]); //dont display signature
println!("Manifest file:\n{}", text);
} else {
let mut contents = Vec::new();
entry.read_to_end(&mut contents)?; //entry cant seek
if contents.starts_with(b"\x00\x00\x00\x00\x00\x00\x00\x00imgARMcC") {
println!("\nImage file: {:?}:", path);
let size = entry.header().size()? as usize;
let mut image_reader = Cursor::new(contents);
let mut i = 1;
while image_reader.stream_position()? < size as u64 {
let image: ImageHeader = image_reader.read_le()?;
println!("\nImage {} - Type: {:x}({}), Size: {}, Flags: {:x}{}, Data offset: {}",
i ,image.image_type, image.type_string(), image.size1, image.flags, if image.is_encrypted(){"(Encrypted)"}else{" "}, image.data_start_offset);
let data =
if image.data_start_offset == 0 {
common::read_exact(&mut image_reader, image.size1 as usize - 256)?
} else {
let _extra_data = common::read_exact(&mut image_reader, image.data_start_offset as usize - 256)?;
common::read_exact(&mut image_reader, image.size1 as usize - image.data_start_offset as usize)?
};
let folder_path = Path::new(&output_folder).join(&path);
let output_path = Path::new(&folder_path).join(format!("{}_{}.bin", i, image.type_string()));
fs::create_dir_all(&folder_path)?;
let mut out_file = OpenOptions::new().write(true).create(true).open(output_path)?;
out_file.write_all(&data)?;
println!("- Saved file!");
i += 1;
}
} else {
println!("\nOther/Unknown file: {:?}", path);
let output_path = Path::new(&output_folder).join(&path);
fs::create_dir_all(&output_folder)?;
let mut out_file = OpenOptions::new().write(true).create(true).open(output_path)?;
out_file.write_all(&contents)?;
println!("- Saved file!");
}
}
}
println!("\nExtraction finished!");
Ok(())
}
+2 -13
View File
@@ -2,12 +2,10 @@ use std::path::{Path};
use std::fs::{self, File, OpenOptions}; use std::fs::{self, File, OpenOptions};
use binrw::{BinRead, BinReaderExt}; use binrw::{BinRead, BinReaderExt};
use std::io::{Write, Seek, SeekFrom, Cursor}; use std::io::{Write, Seek, SeekFrom, Cursor};
use aes::Aes128;
use cbc::{Decryptor, cipher::{block_padding::Pkcs7, BlockDecryptMut, KeyIvInit}};
type Aes128CbcDec = Decryptor<Aes128>;
use crate::common; use crate::common;
use crate::keys; use crate::keys;
use crate::utils::aes::{decrypt_aes128_cbc_pcks7};
#[derive(BinRead)] #[derive(BinRead)]
struct RufHeader { struct RufHeader {
@@ -80,15 +78,6 @@ pub fn is_ruf_file(file: &File) -> bool {
} }
} }
fn decrypt(encrypted_data: &[u8], key: &[u8; 16], iv: &[u8; 16]) -> Result<Vec<u8>, Box<dyn std::error::Error>> {
let mut data = encrypted_data.to_vec();
let decryptor = Aes128CbcDec::new(key.into(), iv.into());
let decrypted = decryptor.decrypt_padded_mut::<Pkcs7>(&mut data)
.map_err(|e| format!("!!Decryption error!!: {:?}", e))?;
Ok(decrypted.to_vec())
}
pub fn extract_ruf(mut file: &File, output_folder: &str) -> Result<(), Box<dyn std::error::Error>> { pub fn extract_ruf(mut file: &File, output_folder: &str) -> Result<(), Box<dyn std::error::Error>> {
let header: RufHeader = file.read_be()?; let header: RufHeader = file.read_be()?;
if header.is_dual_ruf() { if header.is_dual_ruf() {
@@ -157,7 +146,7 @@ fn actually_extract_ruf(mut file: &File, output_folder: &str, start_offset: u64)
file.seek(SeekFrom::Start(start_offset + 2048))?; file.seek(SeekFrom::Start(start_offset + 2048))?;
let encrypted_data = common::read_exact(&mut file, header.data_size as usize)?; let encrypted_data = common::read_exact(&mut file, header.data_size as usize)?;
println!("Decrypting data..."); println!("Decrypting data...");
let decrypted_data = decrypt(&encrypted_data, &key_bytes, &iv_bytes)?; let decrypted_data = decrypt_aes128_cbc_pcks7(&encrypted_data, &key_bytes, &iv_bytes)?;
let mut data_reader = Cursor::new(decrypted_data); let mut data_reader = Cursor::new(decrypted_data);
+2 -14
View File
@@ -2,15 +2,12 @@ use std::fs;
use std::path::{Path, PathBuf}; use std::path::{Path, PathBuf};
use std::fs::{File, OpenOptions}; use std::fs::{File, OpenOptions};
use std::io::{Write}; use std::io::{Write};
use aes::Aes128;
use hex::decode; use hex::decode;
use cbc::{Decryptor, cipher::{block_padding::Pkcs7, BlockDecryptMut, KeyIvInit}};
use sha1::{Digest, Sha1}; use sha1::{Digest, Sha1};
type Aes128CbcDec = Decryptor<Aes128>;
use crate::common; use crate::common;
use crate::keys; use crate::keys;
use crate::utils::aes::{decrypt_aes128_cbc_pcks7};
use md5; use md5;
@@ -22,15 +19,6 @@ pub fn is_samsung_old_dir(path: &PathBuf) -> bool {
} }
} }
fn decrypt_aes(encrypted_data: &[u8], key: &[u8; 16], iv: &[u8; 16]) -> Result<Vec<u8>, Box<dyn std::error::Error>> {
let mut data = encrypted_data.to_vec();
let decryptor = Aes128CbcDec::new(key.into(), iv.into());
let decrypted = decryptor.decrypt_padded_mut::<Pkcs7>(&mut data)
.map_err(|e| format!("!!Decryption error!!: {:?}", e))?;
Ok(decrypted.to_vec())
}
fn decrypt_xor(data: &[u8], key: &str) -> Vec<u8> { fn decrypt_xor(data: &[u8], key: &str) -> Vec<u8> {
let key_bytes = key.as_bytes(); let key_bytes = key.as_bytes();
data.iter() data.iter()
@@ -120,7 +108,7 @@ pub fn extract_samsung_old(path: &PathBuf, output_folder: &str) -> Result<(), Bo
//println!("IV: {:02x?}", iv_md5); //println!("IV: {:02x?}", iv_md5);
let end = file_size - 260; let end = file_size - 260;
println!("- Decrypting file..."); println!("- Decrypting file...");
let decrypted_data = decrypt_aes(&data[16..end.try_into().unwrap()], &key_md5, &iv_md5)?; let decrypted_data = decrypt_aes128_cbc_pcks7(&data[16..end.try_into().unwrap()], &key_md5, &iv_md5)?;
println!("-- DeXORing file..."); println!("-- DeXORing file...");
let xor_key = fw_info.split_whitespace().next().unwrap(); let xor_key = fw_info.split_whitespace().next().unwrap();
+3 -16
View File
@@ -1,14 +1,10 @@
use std::path::{Path, PathBuf}; use std::path::{Path, PathBuf};
use std::fs::{self, File, OpenOptions}; use std::fs::{self, File, OpenOptions};
use std::io::{self, Read, Seek, SeekFrom, Write}; use std::io::{self, Read, Seek, SeekFrom, Write};
use aes::Aes128;
use flate2::read::ZlibDecoder; use flate2::read::ZlibDecoder;
use cbc::{Decryptor, cipher::{block_padding::Pkcs7, BlockDecryptMut, KeyIvInit}};
type Aes128CbcDec = Decryptor<Aes128>;
use crate::common; use crate::common;
use crate::utils::aes::{decrypt_aes128_cbc_pcks7};
pub fn is_sddl_sec_file(file: &File) -> bool { pub fn is_sddl_sec_file(file: &File) -> bool {
let header = common::read_file(&file, 0, 8).expect("Failed to read from file."); let header = common::read_file(&file, 0, 8).expect("Failed to read from file.");
@@ -19,15 +15,6 @@ pub fn is_sddl_sec_file(file: &File) -> bool {
} }
} }
fn decrypt(encrypted_data: &[u8], key: &[u8; 16], iv: &[u8; 16]) -> Result<Vec<u8>, Box<dyn std::error::Error>> {
let mut data = encrypted_data.to_vec();
let decryptor = Aes128CbcDec::new(key.into(), iv.into());
let decrypted = decryptor.decrypt_padded_mut::<Pkcs7>(&mut data)
.map_err(|e| format!("!!Decryption error!!: {:?}", e))?;
Ok(decrypted.to_vec())
}
//ported from original from https://nese.team/posts/justctf/ //ported from original from https://nese.team/posts/justctf/
fn decipher(s: &[u8], len_: usize) -> Vec<u8> { fn decipher(s: &[u8], len_: usize) -> Vec<u8> {
let mut v3: u32 = 904; let mut v3: u32 = 904;
@@ -97,7 +84,7 @@ pub fn extract_sddl_sec(file: &File, output_folder: &str) -> Result<(), Box<dyn
let header = common::read_file(&file, offset, 32)?; let header = common::read_file(&file, offset, 32)?;
let decrypted_header: Vec<u8>; let decrypted_header: Vec<u8>;
match decrypt(&header, &key, &iv) { match decrypt_aes128_cbc_pcks7(&header, &key, &iv) {
Ok(v) => decrypted_header = v, Ok(v) => decrypted_header = v,
Err(_) => { Err(_) => {
// SDDL files can have a footer(signature?) of 0x80 OR 0x100 lenght in later ones, and there is no good way to detect it before entering the while loop and the footer has no common header. // SDDL files can have a footer(signature?) of 0x80 OR 0x100 lenght in later ones, and there is no good way to detect it before entering the while loop and the footer has no common header.
@@ -124,7 +111,7 @@ pub fn extract_sddl_sec(file: &File, output_folder: &str) -> Result<(), Box<dyn
offset += 32; offset += 32;
let data = common::read_file(&file, offset, size.try_into().unwrap())?; let data = common::read_file(&file, offset, size.try_into().unwrap())?;
let decrypted_data = decrypt(&data, &key, &iv)?; let decrypted_data = decrypt_aes128_cbc_pcks7(&data, &key, &iv)?;
if decrypted_data.starts_with(&[0x11, 0x22, 0x33, 0x44]) && filename != "SDIT.FDI"{ // header of obfuscated file, SDIT.FDI also has this header but seems to work differently so its skipped if decrypted_data.starts_with(&[0x11, 0x22, 0x33, 0x44]) && filename != "SDIT.FDI"{ // header of obfuscated file, SDIT.FDI also has this header but seems to work differently so its skipped
+6 -1
View File
@@ -1,6 +1,7 @@
mod common; mod common;
mod formats; mod formats;
mod keys; mod keys;
mod utils;
use clap::Parser; use clap::Parser;
use std::path::{PathBuf}; use std::path::{PathBuf};
@@ -105,7 +106,11 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
else if formats::pup::is_pup_file(&file) { else if formats::pup::is_pup_file(&file) {
println!("PUP file detected!"); println!("PUP file detected!");
formats::pup::extract_pup(&file, &output_path)?; formats::pup::extract_pup(&file, &output_path)?;
} }
else if formats::roku::is_roku_file(&file) {
println!("Roku file detected!");
formats::roku::extract_roku(&file, &output_path)?;
}
else if formats::mtk_pkg::is_mtk_pkg_file(&file) { else if formats::mtk_pkg::is_mtk_pkg_file(&file) {
println!("MTK Pkg file detected!"); println!("MTK Pkg file detected!");
formats::mtk_pkg::extract_mtk_pkg(&file, &output_path)?; formats::mtk_pkg::extract_mtk_pkg(&file, &output_path)?;
+1
View File
@@ -0,0 +1 @@
pub mod aes;
+24
View File
@@ -0,0 +1,24 @@
use aes::Aes128;
use cbc::{Decryptor, cipher::{block_padding::Pkcs7, block_padding::NoPadding, BlockDecryptMut, KeyIvInit}};
type Aes128CbcDec = Decryptor<Aes128>;
pub fn decrypt_aes128_cbc_pcks7(encrypted_data: &[u8], key: &[u8; 16], iv: &[u8; 16]) -> Result<Vec<u8>, Box<dyn std::error::Error>> {
let mut data = encrypted_data.to_vec();
let decryptor = Aes128CbcDec::new(key.into(), iv.into());
let decrypted = decryptor.decrypt_padded_mut::<Pkcs7>(&mut data)
.map_err(|e| format!("!!Decryption error!!: {:?}", e))?;
Ok(decrypted.to_vec())
}
pub fn decrypt_aes128_cbc_nopad(encrypted_data: &[u8], key: &[u8; 16], iv: &[u8; 16]) -> Result<Vec<u8>, Box<dyn std::error::Error>> {
let mut data = encrypted_data.to_vec();
let decryptor = Aes128CbcDec::new(key.into(), iv.into());
let decrypted = decryptor
.decrypt_padded_mut::<NoPadding>(&mut data)
.map_err(|e| format!("UnpadError: {:?}", e))?;
Ok(decrypted.to_vec())
}