Reverse Engineering Asked on April 5, 2021
I’ve been trying to google any information about how can i create a viewer for some custom file formats.
In my case I’ve extracted multiple .tbl
files from game sources. This file contains a database table. From what I was able to google, I was able to extract file header. I have tried some tbl-viewers but they say file is corrupted, so i assume that custom encryption presents here.
First Bytes of file 1:
00000000 46 54 41 42 4c 45 00 00 00 00 10 00 21 00 00 00
00000010 03 00 00 00 2c 00 00 00 b0 00 00 00 b4 00 00 00
00000020 10 00 00 00 c4 02 00 00 00 00 00 00 01 00 00 00
00000030 02 00 00 00 03 00 00 00 04 00 00 00 05 00 00 00
First Bytes of file 2:
00000000 46 54 41 42 4c 45 00 00 00 00 10 00 22 00 00 00
00000010 15 00 00 00 2c 00 00 00 b4 00 00 00 ca 00 00 00
00000020 58 00 00 00 7a 0c 00 00 00 00 00 00 01 00 00 00
00000030 02 00 00 00 03 00 00 00 04 00 00 00 06 00 00 00
So in this case first 12 bytes seem to be the file header
46 54 41 42 4c 45 00 00 00 00 10 00
which stand for FTABLE......
And this is where i am stuck at. I didnt find information on what to do next to achieve my goal
This format looks like little endian 32bit ints starting at Byte 12.
The data shows low entropy so it's unlikely to be encrypted, as well as having consistent 0 valued MSB's in consistent positions across both messages.
Answered by pythonpython on April 5, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP