Halo 3 Retail Game Research

[Patrickssj6]

The terminology gave me seizures...seriously...why do things the easy way if there is a more complicated way of doing them in the first place?

Except, we need German terminology...then you guys can go to hell. Because then I'll take and extract die Unkomprimiertenmetadateieneinheiten and inject them up your ass.

[LuxuriousMeat]

The Wikimedia software looks better.

Like this?

[Tural]

Indubitably.

[shade45]

The Wikimedia software looks better.

Like this?

Awsome

[-DeToX-]

Prey your Ident stuff should look like this:

Reading tag info(Ident is a int, you read a int16, and do the following to it):

Code: Select all

                    metaList[i].Ident = map.endianIO.ReadInt16();
                    metaList[i].Ident <<= 16;
                    metaList[i].Ident |= i;

Idents in tag meta layout:
TagClass(Length 4), Quad of 0's(length , Int32 of the ID(Length 4).

That will rid of your unk2 at the end...

[ZekeTZ]

How can I get involved with the development. I have no idea what any of this stuff stands for =[

[Prey]

reflexive = tag block


ill get back to you with more later once i have time to sit and think

Yea I know that one.. thought of anymore?.. Korn disappeared..

Like this?

Um, well you can update that if you want.. I'm just going to keep this first post updated here.

Prey your Ident stuff should look like this:

Reading tag info(Ident is a int, you read a int16, and do the following to it):
[...]

Idents in tag meta layout:
TagClass(Length 4), Quad of 0's(length , Int32 of the ID(Length 4).

That will rid of your unk2 at the end...

Nice.. added...

How can I get involved with the development. I have no idea what any of this stuff means =[

Learn about hexadecimal.. learn about game dev.. learn C# and C++... and don't post any more such questions here, it just derails the topic further..

[shade45]

The unknown is actually the index that the tag is located at in the tag table so shifting the bytes isn't really necessary. Using the index to find the tag name is allot faster than scanning the whole table to find the matching tag ident

[Supermodder911]

*Updates his code*
Faster ftw

[-DeToX-]

Well it does take a bit longer(0.12 seconds?), I don't know. I showed korn my scanning code before and he told me to use the int method.

[Burnination]

I have started research on the halo3 xex file.

Interesting findings:
I have found the location and table of all of the achievement PNG files. I have extracted some and am working on how to read the XITB file format ( the table 'file') . I know, not so much useful as it is just cool.

A search for strings reveals a reference to rsa_manifest.bin file. Not sure how to find this file as of yet, but I'm pretty sure it is the rsa public key for the maps.

Currently, I am waiting for a XEX loader for IDA. Hopefully that will come through soon.

More to come later.

[{TP}Spartan]

how did u guys get the maps?

[Ragdoll]

how did u guys get the maps?

They used an XSATA.

[Supermodder911]

I have started research on the halo3 xex file.

Interesting findings:
I have found the location and table of all of the achievement PNG files. I have extracted some and am working on how to read the XITB file format ( the table 'file') . I know, not so much useful as it is just cool.

A search for strings reveals a reference to rsa_manifest.bin file. Not sure how to find this file as of yet, but I'm pretty sure it is the rsa public key for the maps.

Currently, I am waiting for a XEX loader for IDA. Hopefully that will come through soon.

More to come later.

Thats a cool finding... but the chances of us signing the RSA sig are less then getting hacked kernel.
With hacked kernal someone can just make a patch for the xex disabling the RSA check.

But still overall cool findings.

[shade45]

I have started research on the halo3 xex file.

Interesting findings:
I have found the location and table of all of the achievement PNG files. I have extracted some and am working on how to read the XITB file format ( the table 'file') . I know, not so much useful as it is just cool.

A search for strings reveals a reference to rsa_manifest.bin file. Not sure how to find this file as of yet, but I'm pretty sure it is the rsa public key for the maps.

Currently, I am waiting for a XEX loader for IDA. Hopefully that will come through soon.

More to come later.

I found if you cut the PE section out of the XEX and save it as a separate exe file you can load it in IDA with the processor set as ppc. I don't know if this is a working solution but the disassembled code does look correct

[Burnination]

That should be correct. Turns out i have an old version of IDA so no ppc support. Thats why i couldnt find any way to load it.

[haxalot88]

I have started research on the halo3 xex file.

Interesting findings:
I have found the location and table of all of the achievement PNG files. I have extracted some and am working on how to read the XITB file format ( the table 'file') . I know, not so much useful as it is just cool.

A search for strings reveals a reference to rsa_manifest.bin file. Not sure how to find this file as of yet, but I'm pretty sure it is the rsa public key for the maps.

Currently, I am waiting for a XEX loader for IDA. Hopefully that will come through soon.

More to come later.

I found if you cut the PE section out of the XEX and save it as a separate exe file you can load it in IDA with the processor set as ppc. I don't know if this is a working solution but the disassembled code does look correct

I am an advanced assembly and c++ coder, so if it's in assembly or c++ i might be able to help. would you mind releasing the decompiled code, or PMing me it? I would like to take a look, but sadly i don't know how to properly decompile it.

[Anthony]

I have started research on the halo3 xex file.

Interesting findings:
I have found the location and table of all of the achievement PNG files. I have extracted some and am working on how to read the XITB file format ( the table 'file') . I know, not so much useful as it is just cool.

A search for strings reveals a reference to rsa_manifest.bin file. Not sure how to find this file as of yet, but I'm pretty sure it is the rsa public key for the maps.

Currently, I am waiting for a XEX loader for IDA. Hopefully that will come through soon.

More to come later.

I found if you cut the PE section out of the XEX and save it as a separate exe file you can load it in IDA with the processor set as ppc. I don't know if this is a working solution but the disassembled code does look correct

I am an advanced assembly and c++ coder, so if it's in assembly or c++ i might be able to help. would you mind releasing the decompiled code, or PMing me it? I would like to take a look, but sadly i don't know how to properly decompile it.

dont talk about it here

send me a message on AIM or MSN and I will talk to you about it

[haxalot88]

Thanks for all your help Anthony, you surely cleared many things up for me

[StephenMalone]

Good job guys, keep up the good work.