Thread: Reverse engineering game saves
Reverse engineering game saves
I have a game save file that consist of Param.pfd, Param.sfo and Gamerep. Are these files encrypted? If so, are there tools to unencrypt them?
For PS3 gamesaves: There are two types, those which are encrypted and signed, and those which aren't. This allows modifications/cheats for some games, yes. When copied, they are put inside these folder called "PS3\SAVEDATA\", followed by their Title ID.
This ID is unique for each title running on the PS3. It has the following syntax (where A is any upper-case alphabetic character, and 0 is any decimal number): AA0000-AAAA00000_00-AAAA000000000000
Often a new character is added to the back in file-names containing ID's, which is probably used to determine the title region (PAL/NTSC).
[Register or Login to view code]
PARAM.SFO: Various information about the title. This one is never encrypted, although it's always signed. (see: http://www.pdc.me.uk/pbpdocs/#3.2)
PARAM.PFD: Signatures of all the files if the save is protected. The signature method is still unknown (hash-size 0x60).
This file is responsible for making sure the save games aren't tampered with. To prevent file modification of this file and other games files, the cryptographic signatures are inside this file. Some games don't sign their files here though. File size is 0x8000 bytes.
ICON0.PNG: PNG image containing the image to be displayed in XMB.
SND0.AT3: (optional) Sound file to be played.
ICON1.PAM: (optional) Video file to be shown.
PIC0.PNG: (optional) Overlay picture.
PIC1.PNG: (optional) Large background picture.
Some games which are unprotected:
- MotorStorm (protected with CRC32 checksum)
- Call Of Duty 4 (hacked saves can be found on the Internet)
- Battlefield: Bad Company
- Assassin's Creed
- Blazing Angels: Squadrons of WWII
Finally, for PS2 gamesaves they can be converted using the guide here: http://www.ps4news.com/forums/ps3-gu...at-103447.html
I am not looking to modify the save just understand the data in the save so I can write a game save decoder. The game I am interested in using is Eye of Judgment and it is produced by Sony so I am going to assume it is signed and encrypted.
Does the signing process for the SFO change the data in anyway?
If the PFD file contains just the signatures then can I ignore it since I am not interested in modifying the game save?
Will the GAMEREP file be my primary source of game state ?
My GAMREP file is listed in the PARAM.PFD file so that means it is at least signed, right? Is there a way to determine if it is encrypted, some kind of standard signature?
The simplest way is to tell if it is encrypted is to just look at it. If its completely full (ie, not many 00's, and cant compress well, if at all) and full of 'garbage', then its probably encrypted (remember, even 00's will be changed to something else).