解密.png和.jpg文件 [英] Decryption of .png and .jpg files
问题描述
我正在尝试修改我正在使用的软件的图形资产(为了美学心理学,我想很难对图形资产进行有害的处理),但开发人员加密了它们。我不知道为什么他决定这样做,因为我使用和修改了一些类似的软件和开发人员没有打扰(因为我看不出为什么加密这些资产是必要的)。
I'm trying to modify graphic assets of the software I'm using (for aesthetic puroposess, I guess it's hard to do something harmful with graphic assets) but developer encrypted them. I'm not sure why he decided to do that since I used and modified a bunch of similar softwares and developers of those didn't bother (as I can see no reason why encrypting those assets would be necessary).
所以无论如何,这里是这些加密图形资产的示例:
So anyway here are examples of those encrypted graphic assets:
http://www.mediafire.com/view/sx2yc0w5wkr9m2h/avatars_50-alpha.jpg
http://www.mediafire.com/download/i4fc52438hkp55l/avatars_80.png
是否有解密方式?如果是这样,我该怎么办?
Is there a way of decrypting those? If so how should I go about this?
推荐答案
标题CF10似乎是一个秘密添加的签名,表示其余的文件是编码的。这是一个非常简单的XOR编码: xor 8Dh
是我尝试的第一个值,我也是第一次。在第一个值为 8D
的尝试背后的原因在前100个字节中非常频繁地出现,通常可能很多零。
The header "CF10" seems to be a privately added signature to signify the rest of the file is "encoded". This is a very simple XOR encoding: xor 8Dh
was the first value I tried, and I got it right first time too. The reasoning behind trying that as the first value is that the value 8D
occurs very frequently in the first 100 bytes-or-so, where they typically could be lots of zeroes.
解密因此非常简单:如果一个文件以四个字节开始,则$ CF codeF $ >,删除它们,并在文件的其余部分应用 xor 8Dh
。解码文件显示第一个JPG实际上是一个小PNG图像(而不是一个非常有趣的一个引导),第二个确实是一个PNG文件:
"Decrypting" is thus very straightforward: if a file starts with the four bytes CF10
, remove them and apply xor 8Dh
on the rest of the file. Decoding the files show the first "JPG" is in fact a tiny PNG image (and not a very interesting one to boot), the second is indeed a PNG file:
文件扩展名可能会也可能不会成为原始文件扩展名;实际上,一个名为.jpg的示例实际上也是一个PNG文件,可以通过它的标题签名来看到。
The file extension may or may not be the original file extension; the one sample called ".jpg" is in fact also a PNG file, as can be seen by its header signature.
以下快速和脏的C源将图像。因为 xor
操作完全相同,所以可以将相同的程序调整为编码。只需要添加一些逻辑流程:
The following quick-and-dirty C source will decode the images. The same program can be adjusted to encode them as well, because the xor
operation is exactly the same. The only thing needed is add a bit of logic flow:
- 读取输入文件的前4个字节(最大),并测试是否形成字符串
CF10
- 如果没有,则该文件不进行编码:
a。将CF10
写入输出文件
b。通过在每个字节 - 上应用
xor 8Dh
对图像进行编码,如果是,
b。通过在每个字节上应用xor 8Dh
来解码图像。
- read the first 4 bytes (maximum) of the input file and test if this forms the string
CF10
- if not, the file is not encoded:
a. writeCF10
to the output file
b. encode the image by applyingxor 8Dh
on each byte - if so,
b. decode the image by applyingxor 8Dh
on each byte.
看到没有3a,两个b步都是一样的。
As you can see, there is no "3a" and both "b" steps are the same.
#include <stdio.h>
#include <string.h>
#ifndef MAX_PATH
#define MAX_PATH 256
#endif
#define INPUTPATH "c:\\documents"
#define OUTPUTPATH ""
int main (int argc, char **argv)
{
FILE *inp, *outp;
int i, encode_flag = 0;
char filename_buffer[MAX_PATH];
char sig[] = "CF10", *ptr;
if (argc != 3)
{
printf ("usage: decode [input] [output]\n");
return -1;
}
filename_buffer[0] = 0;
if (!strchr(argv[1], '/') && !strchr(argv[1], 92) && !strchr(argv[1], ':'))
strcpy (filename_buffer, INPUTPATH);
strcat (filename_buffer, argv[1]);
inp = fopen (filename_buffer, "rb");
if (inp == NULL)
{
printf ("bad input file '%s'\n", filename_buffer);
return -2;
}
ptr = sig;
while (*ptr)
{
i = fgetc (inp);
if (*ptr != i)
{
encode_flag = 1;
break;
}
ptr++;
}
if (encode_flag)
{
/* rewind file because we already read some bytes */
fseek (inp, 0, SEEK_SET);
printf ("encoding input file: '%s'\n", filename_buffer);
} else
printf ("decoding input file: '%s'\n", filename_buffer);
filename_buffer[0] = 0;
if (!strchr(argv[2], '/') && !strchr(argv[2], 92) && !strchr(argv[2], ':'))
strcpy (filename_buffer, OUTPUTPATH);
strcat (filename_buffer, argv[2]);
outp = fopen (filename_buffer, "wb");
if (outp == NULL)
{
printf ("bad output file '%s'\n", filename_buffer);
return -2;
}
printf ("output file: '%s'\n", filename_buffer);
if (encode_flag)
fwrite (sig, 1, 4, outp);
do
{
i = fgetc(inp);
if (i != EOF)
fputc (i ^ 0x8d, outp);
} while (i != EOF);
fclose (inp);
fclose (outp);
printf ("all done. bye bye\n");
return 0;
}
这篇关于解密.png和.jpg文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!