解密.png和.jpg文件 [英] Decryption of .png and .jpg files

问题描述

我正在尝试修改我正在使用的软件的图形资产（为了美学心理学，我想很难对图形资产进行有害的处理），但开发人员加密了它们。我不知道为什么他决定这样做，因为我使用和修改了一些类似的软件和开发人员没有打扰（因为我看不出为什么加密这些资产是必要的）。

I'm trying to modify graphic assets of the software I'm using (for aesthetic puroposess, I guess it's hard to do something harmful with graphic assets) but developer encrypted them. I'm not sure why he decided to do that since I used and modified a bunch of similar softwares and developers of those didn't bother (as I can see no reason why encrypting those assets would be necessary).

所以无论如何，这里是这些加密图形资产的示例：

So anyway here are examples of those encrypted graphic assets:

http://www.mediafire.com/view/sx2yc0w5wkr9m2h/avatars_50-alpha.jpg
http://www.mediafire.com/download/i4fc52438hkp55l/avatars_80.png

是否有解密方式？如果是这样，我该怎么办？

Is there a way of decrypting those? If so how should I go about this?

推荐答案

标题CF10似乎是一个秘密添加的签名，表示其余的文件是编码的。这是一个非常简单的XOR编码： xor 8Dh 是我尝试的第一个值，我也是第一次。在第一个值为 8D 的尝试背后的原因在前100个字节中非常频繁地出现，通常可能很多零。

The header "CF10" seems to be a privately added signature to signify the rest of the file is "encoded". This is a very simple XOR encoding: xor 8Dh was the first value I tried, and I got it right first time too. The reasoning behind trying that as the first value is that the value 8D occurs very frequently in the first 100 bytes-or-so, where they typically could be lots of zeroes.

解密因此非常简单：如果一个文件以四个字节开始，则$ CF codeF $ >，删除它们，并在文件的其余部分应用 xor 8Dh 。解码文件显示第一个JPG实际上是一个小PNG图像（而不是一个非常有趣的一个引导），第二个确实是一个PNG文件：

"Decrypting" is thus very straightforward: if a file starts with the four bytes CF10, remove them and apply xor 8Dh on the rest of the file. Decoding the files show the first "JPG" is in fact a tiny PNG image (and not a very interesting one to boot), the second is indeed a PNG file:

文件扩展名可能会也可能不会成为原始文件扩展名;实际上，一个名为.jpg的示例实际上也是一个PNG文件，可以通过它的标题签名来看到。

The file extension may or may not be the original file extension; the one sample called ".jpg" is in fact also a PNG file, as can be seen by its header signature.

以下快速和脏的C源将图像。因为 xor 操作完全相同，所以可以将相同的程序调整为编码。只需要添加一些逻辑流程：

The following quick-and-dirty C source will decode the images. The same program can be adjusted to encode them as well, because the xor operation is exactly the same. The only thing needed is add a bit of logic flow:

1. 读取输入文件的前4个字节（最大），并测试是否形成字符串 CF10


2. 如果没有，则该文件不进行编码：
   
   a。将 CF10 写入输出文件
   
   b。通过在每个字节


3. 上应用 xor 8Dh 对图像进行编码，如果是，
   
   b。通过在每个字节上应用 xor 8Dh 来解码图像。

1. read the first 4 bytes (maximum) of the input file and test if this forms the string CF10
2. if not, the file is not encoded:
   a. write CF10 to the output file
   b. encode the image by applying xor 8Dh on each byte
3. if so,
   b. decode the image by applying xor 8Dh on each byte.

看到没有3a，两个b步都是一样的。

As you can see, there is no "3a" and both "b" steps are the same.

#include <stdio.h>
#include <string.h>

#ifndef MAX_PATH
    #define MAX_PATH    256
#endif

#define INPUTPATH "c:\\documents"
#define OUTPUTPATH ""

int main (int argc, char **argv)
{
    FILE *inp, *outp;
    int i, encode_flag = 0;
    char filename_buffer[MAX_PATH];
    char sig[] = "CF10", *ptr;

    if (argc != 3)
    {
        printf ("usage: decode [input] [output]\n");
        return -1;
    }

    filename_buffer[0] = 0;
    if (!strchr(argv[1], '/') && !strchr(argv[1], 92) && !strchr(argv[1], ':'))
        strcpy (filename_buffer, INPUTPATH);
    strcat (filename_buffer, argv[1]);

    inp = fopen (filename_buffer, "rb");
    if (inp == NULL)
    {
        printf ("bad input file '%s'\n", filename_buffer);
        return -2;
    }
    ptr = sig;
    while (*ptr)
    {
        i = fgetc (inp);
        if (*ptr != i)
        {
            encode_flag = 1;
            break;
        }
        ptr++;
    }
    if (encode_flag)
    {
        /* rewind file because we already read some bytes */
        fseek (inp, 0, SEEK_SET);
        printf ("encoding input file: '%s'\n", filename_buffer);
    } else
        printf ("decoding input file: '%s'\n", filename_buffer);

    filename_buffer[0] = 0;
    if (!strchr(argv[2], '/') && !strchr(argv[2], 92) && !strchr(argv[2], ':'))
        strcpy (filename_buffer, OUTPUTPATH);
    strcat (filename_buffer, argv[2]);

    outp = fopen (filename_buffer, "wb");
    if (outp == NULL)
    {
        printf ("bad output file '%s'\n", filename_buffer);
        return -2;
    }
    printf ("output file: '%s'\n", filename_buffer);

    if (encode_flag)
        fwrite (sig, 1, 4, outp);
    do
    {
        i = fgetc(inp);
        if (i != EOF)
            fputc (i ^ 0x8d, outp);
    } while (i != EOF);
    fclose (inp);
    fclose (outp);
    printf ("all done. bye bye\n");
    return 0;
}

这篇关于解密.png和.jpg文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！