Nudge me in the right direction..? by wolupgm6 at 1:06 AM EDT on June 29, 2010
Alright, here's the situation. Megadeth's album "Rust In Peace" has been released for Rockband DLC. I managed to track down the DLC update online, but I have no intention of using it with Rockband. I merely wish to decrypt the moggs (multi-track ogg files) within it. After many hours of sampling around with numerous programs such as Arktools and RawkSD, I still have nothing. And then I stumbled upon something online. Someone had one of the vocal tracks. It had no distortion or such (from which you'd expect from a center-panned audio isolation method), and sounded exactly like the original. As far as things are considered, this means that it was taken from the mogg. Google has failed me, so I ask the elite here to help nudge me in the right direction, or to try the decryption process themselves. Link to the DLC update torrent will be provided, but due to legal reasons, only upon request.
Hmm. Thats about it. Hope I didnt forget anything, and thanks in advance.
The following search term in google will bring up the DLC update. Dont know if that'll help anyone or not, and didnt want to directly link to it, just in case.
the encryption you speak of is very complex & such only one person has managed to unscramble it "publicly" that is. there are at the moment 6 different encryptions.
"0A" is the decrypted version from any of the below
Format 01 - 0B (Rock Band / DLC) Format 02 - 0C (Rock Band / DLC) Format 03 - 0D (Rock Band / DLC) Format 04 - 0E (Rock Band / DLC) Format 05 - 0F (Rock Band / Network / Lego / DLC) Format 06 - 10 (Rock Band Beatles)
The "0A/0B..." is the first two bytes of the ".mogg" file so if you ever want to know which encryption they contain, just open them in any hex editor & check the first two bytes.
At the time of Rock Band 2 when they introduced a new encryption, they also scrambled up the file once decrypted so not only do you need the correct key, but you also need to work out how it rearranges the file into it's original form even after being decrypted with the key.
Probably not very helpful information but i've followed the rhythm game's for awhile so i know what i'm talking about, i ain't techy or anything but trust me, i've tried my fair share at this one too & it ain't happening anytime soon i'm afraid.
If anyone has any pointers, i'd be very grateful too & if you have any questions regarding particular parts of this game, let me know, i've studied it for a long time :)
The "rust in peace" track is type 0E. I tried some modifications to SongCrypt (which I finally found here) to handle what I thought was the issue, but I've had no luck.
If someone wants to send me binaries I could take a look, though I doubt I'll have much luck as I'm sure better minds than mine have been at it.
one mogg for each of the encrypted revisions, & ArkTool v6.1 With Source.rar, & ArkTool v7.0
@hcs, when you say you didn't have much luck, could it possibly be down to the scrambling rather than the key? the songcrypt from arktool 6.1 doesn't handle any type of the scrambling, only the version for arktool 7.0 but there's no source provided for that :(
Very interesting, I'll see if I can: a) port the descrambling from v7 into the v6.1 source we have (for 0C only) b) figure out what needs to be changed for 0E
I noticed that the actual decryption function will accept 0D as well as 0C, but it does the same thing. The initial check for file type, however, only accepts 0C. Also, the 0D file you sent (closer.mogg) was actually an 0C so I don't have a way to check that one.
edited 2:17 PM EDT September 4, 2010
Hmm, this whole thing is kind of a mess. I do see where the key calculation comes from, and the other three types. This is something that 0C and up do in addition to the scrambling, which I haven't pinned down in the xex yet. There's a table loaded in SongCrypt that doesn't seem to come directly from the code, so it may be something that was captured from RAM or precalculated. And there's a whole lot of confusing hardcoded gyrations after that. Gonna rest on this a bit.
my bad, i must have checked the other's & assumed that was "0D" without checking it, although it's been driving me mad for the past hour trying to find one with "0D", i can't see one that exists...
I checked the DLC & going by the release schedule at http://en.wikipedia.org/wiki/Complete_list_of_downloadable_songs_for_the_Rock_Band_series
i checked loads of them but it would appear "0E" begins from the song "Space Truckin'" (Dec. 30, 2008) & the last file with "0C" is a week before "DOA" (Dec. 23, 2008) & i checked the RB2 Disc for the 360 too, & there all "0C" so for some reason "0D" doesn't actually exist which is strange, i wonder if they did have "0D" planned but because it may have been too similar to "0C" they scrapped it & went straight to "0D" instead & may have even more structures added to it, hmm, definitely keep us informed if you notice anything, i never ever noticed there was no "0D" ever!
balls by balls at 10:12 PM EDT on September 17, 2010