SD高达G世纪DS的破解研究笔记

于 2020-11-22 17:31:21 发布
阅读量876 收藏
点赞数
分类专栏: 游戏逆向笔记
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/sinat_28494049/article/details/109958630
版权

机体图片:
目前发现一种带调色板的图片类型格式:
开头前八个字节: 00 00 00 00 06 00 00 00
可能作为文件分类的识别码
然后接着两个四字节的入口地址,第一个是图片数据入口地址,第二个入口地址是调色板
0x10开始是一个偏移表
开头四字节是表单元的大小,后面相应数量的四字节表偏移参数单位.
计算方式如下, 0x10 + 4 * (i +1) + offset.
索引到40 00 40 00 01 00 00开头的数据

 RGB555转RGB888   n * 8 * (255 / 248)

表单元:
magic[32+8]

000000e8h: 40 00 40 00 01 00 01 00 00 00 00 00 00 00 00 00 ; @.@.............
000000f8h: 00 00 00 00 00 00 00 00 04 00 00 00 01 00 00 0A ; ................
00000108h: 2A 00 0C 00 0C 00 5C 00 00 40 08 80 00 00 00 00 ; *.....\..@.€....
00000118h: 00 40 28 80 08 00 00 00 00 40 48 80 10 00 00 00 ; .@(€.....@H€....
00000128h: 00 80 00 00 18 00 00 00 10 00 00 00 1A 00 00 00 ; .€..............
00000138h: 10 40 08 40 1B 00 00 00 10 40 28 40 1F 00 00 00 ; .@.@.....@(@....
00000148h: 10 40 48 40 23 00 00 00 00 80 68 00 27 00 00 00 ; .@H@#....€h.'...
00000158h: 10 00 68 00 29 00 00 00 00 80 2A 00             ; ..h.)....€*.

00000164h: 40 00 40 00 01 00 01 00 01 00 00 00 00 00 00 00 ; @.@.............
00000174h: 00 00 00 00 00 00 00 00 04 00 00 00 01 00 00 0A ; ................
00000184h: 2A 00 0C 00 0C 00 5C 00 00 80 00 00 00 00 00 00 ; *.....\..€......
00000194h: 10 00 00 00 02 00 00 00 10 40 08 40 03 00 00 00 ; .........@.@....
000001a4h: 10 40 28 40 07 00 00 00 10 40 48 40 0B 00 00 00 ; .@(@.....@H@....
000001b4h: 00 80 68 00 0F 00 00 00 10 00 68 00 11 00 00 00 ; .€h.......h.....
000001c4h: 00 40 08 80 12 00 00 00 00 40 28 80 1A 00 00 00 ; .@.€.....@(€....
000001d4h: 00 40 48 80 22 00 00 00 18 80 12 00 00 80 18 00 ; .@H€"....€...€..

000001e4h: 40 00 40 00 01 00 01 00 02 00 00 00 00 00 00 00 ; @.@.............
000001f4h: 00 00 00 00 00 00 00 00 04 00 00 00 01 00 00 0A ; ................
00000204h: 2A 00 0C 00 0C 00 5C 00 00 80 00 00 00 00 00 00 ; *.....\..€......
00000214h: 10 00 00 00 02 00 00 00 10 40 08 40 03 00 00 00 ; .........@.@....
00000224h: 10 40 28 40 07 00 00 00 10 40 48 40 0B 00 00 00 ; .@(@.....@H@....
00000234h: 00 80 68 00 0F 00 00 00 10 00 68 00 11 00 00 00 ; .€h.......h.....
00000244h: 00 40 08 80 12 00 00 00 00 40 28 80 1A 00 00 00 ; .@.€.....@(€....
00000254h: 00 40 48 80 22 00 00 00 18 80 12 00 00 80 18 00 ; .@H€"....€...€..


00002bech: 40 00 40 00 01 00 01 00 02 00 00 00 00 00 00 00 ; @.@.............
00002bfch: 00 00 00 00 00 00 00 00 04 00 00 00 01 00 00 0A ; ................
00002c0ch: 2A 00 0C 00 0C 00 5C 00 00 80 00 00 00 00 00 00 ; *.....\..€......
00002c1ch: 10 00 00 00 02 00 00 00 10 40 08 40 03 00 00 00 ; .........@.@....
00002c2ch: 10 40 28 40 07 00 00 00 10 40 48 40 0B 00 00 00 ; .@(@.....@H@....
00002c3ch: 00 80 68 00 0F 00 00 00 10 00 68 00 11 00 00 00 ; .€h.......h.....
00002c4ch: 00 40 08 80 12 00 00 00 00 40 28 80 1A 00 00 00 ; .@.€.....@(€....
00002c5ch: 00 40 48 80 22 00 00 00 18 80 12 00 00 80 02 00 ; .@H€"....€...€..
00002c6ch: 34 00 F8 00 04 80 02 00 36 00 F9 80 09 00 C0 00 ; 4.?.€..6.鶂..?
00002c7ch: 41 00 12 80 02 00 02 01 43 00 16 80 02 00 01 00 ; A..€....C..€....

00002c8ch: 40 00 40 00 01 00 01 00 03 00 00 00 00 00 00 00 ; @.@.............
00002c9ch: 00 00 00 00 00 00 00 00 04 00 00 00 01 00 00 0A ; ................
00002cach: 2A 00 0C 00 0C 00 5C 00 00 80 00 00 00 00 00 00 ; *.....\..€......
00002cbch: 10 00 00 00 02 00 00 00 10 40 08 40 03 00 00 00 ; .........@.@....
00002ccch: 10 40 28 40 07 00 00 00 10 40 48 40 0B 00 00 00 ; .@(@.....@H@....
00002cdch: 00 80 68 00 0F 00 00 00 10 00 68 00 11 00 00 00 ; .€h.......h.....
00002cech: 00 40 08 80 12 00 00 00 00 40 28 80 1A 00 00 00 ; .@.€.....@(€....
00002cfch: 00 40 48 80 22 00 00 00 18 80 12 00 00 80 02 00 ; .@H€"....€...€..
00002d0ch: 34 00 F8 00 04 80 02 00 36 00 F9 80 09 00 C0 00 ; 4.?.€..6.鶂..?
00002d1ch: 41 00 12 80 02 00 02 01 43 00 16 80 02 00 01 00 ; A..€....C..€....

42d.bin是系统图标,含调色板

一种图标文件格式,系统图标
[0:1] 开头 0a 00
[2] 复制数字数 如0x1e, 表单元数据大小为0x1e * sizeof(int16)
[3] 表单元个数
[4:5] 固定是10 00, 固定0x10入口,表
[6:7] 表大小 u16
[8:9] 图片入口 u16
[a:b] 图片大小,图片入口开始计算
[c:f]  固定是00 00 00 00

[x,y] =>图片入口+ x*64, y

00 20 01 20 02 20 03 20 04 20 05 20 06 20 07 20 08 20 09 20 0A 20 0B 20 0C 20 0D 20 0E 20

00 28 01 28 0F 20 10 20 11 20 12 20 13 20 14 20 08 28 15 20 16 20 17 20 18 20 19 20 0E 28

arm9.bin含有机体图标和部分图标,可能有字库
找到窄体字库 8x16 0x137ef6 - 0x148496 vb 2bpp ‭0x105A0‬大小数据 2093个内容,除开前三个空格,共2090个字符 
模拟器 0x08137ef6下断点尝试  0x907cb 0xe1a0a00a

序幕:设置[06406180..06406200]!断点
对话:设置[06406400..06406480]!断点
 020A36B4 - 020A36C0处理文字,从r0地址dword读取到R2, 将R2内容dword存储到R1地址,处理完跳转02000849

Archer阿茶
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值