Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Decrypt IS file failed #74

Open
Musyanon opened this issue May 10, 2023 · 11 comments
Open

Decrypt IS file failed #74

Musyanon opened this issue May 10, 2023 · 11 comments

Comments

@Musyanon
Copy link

Musyanon commented May 10, 2023
edited
Loading

Hello,

I tried to decrypt the IS file by following th the wiki, but I can't do it.
My key is definitely bad, but I don't understand why :(

Here is what I got with wmic
BaseBoardManufacturer.txt
BaseBoardSerialNumber.txt
BIOSManufacturer.txt
BIOSSerialNumber.txt
ProcessorManufacturer.txt
ProcessorName.txt
ProcessorProcessorId.txt
PVideoControllerNPDeviceId.txt

And my volume serial is 748AF423.

The rendering should be :
Micro-Star International Co., Ltd. ;To be filled by O.E.M. ;American Megatrends International, LLC. ;To be filled by O.E.M. ;748AF423;PCI\VEN_1002&DEV_73A5&SUBSYS_441D1DA2&REV_C0\6&20C1D3AD&0&00000019 ROOT\DISPLAY\0000 ;AuthenticAMD;178BFBFF00A20F10;AMD Ryzen 5 5600X 6-Core Processor ;

I have a doubt with videoControllerDeviceId because there are line breaks, should I include them?
I also have a doubt with the volumeSerialNumber, is it possible that it is the same as doing a "dir" in cmd.exe?

To finish
My SHA1 with what's above is b2895e59b9d0713820e5d63b4de042d0ae1a8cb6
An my SHA3_256 is f3abd302f1963cddb38a116be0462a866436bf9cfe598d197c5972d12255e55a

But can't read my file :(
IS.zip

Thanks for any help !
@erri120
Copy link
Owner

erri120 commented May 10, 2023

Have you tried running the example? I've set up the CI workflow to publish builds of the example on every commit: https://github.com/erri120/GameFinder/suites/12799382184/artifacts/688986744. The example will log your decryption key.

@Musyanon
Copy link
Author

Just tried.

But they are no key in log.

2023-05-10 21:17:47.3022|INFO|Program|Operating System: Microsoft Windows 10.0.22621
2023-05-10 21:17:47.3212|INFO|SteamHandler|Found SteamGame { AppId = 1465360, Name = SnowRunner, Path = C:\Program Files (x86)\Steam\steamapps\common\SnowRunner }
2023-05-10 21:17:47.3220|INFO|SteamHandler|Found SteamGame { AppId = 228980, Name = Steamworks Common Redistributables, Path = C:\Program Files (x86)\Steam\steamapps\common\Steamworks Shared }
2023-05-10 21:17:47.3220|INFO|SteamHandler|Found SteamGame { AppId = 1172380, Name = STAR WARS Jedi: Fallen Order™ , Path = D:\SteamLibrary\steamapps\common\Jedi Fallen Order }
2023-05-10 21:17:47.3220|INFO|SteamHandler|Found SteamGame { AppId = 1774580, Name = STAR WARS Jedi: Survivor™, Path = D:\SteamLibrary\steamapps\common\Jedi Survivor }
2023-05-10 21:17:47.3220|ERROR|GOGHandler|Unable to open HKEY_LOCAL_MACHINE\Software\GOG.com\Games
2023-05-10 21:17:47.3220|ERROR|EGSHandler|The manifest directory C:\ProgramData\Epic\EpicGamesLauncher\Data\Manifests does not exist!
2023-05-10 21:17:47.3220|ERROR|OriginHandler|Manifest folder C:\ProgramData\Origin\LocalContent does not contain any .mfst files
2023-05-10 21:17:47.3220|ERROR|XboxHandler|Neither D:\Program Files\ModifiableWindowsApps nor D:.GamingRoot exist on the current drive.
2023-05-10 21:17:47.3220|ERROR|XboxHandler|Neither E:\Program Files\ModifiableWindowsApps nor E:.GamingRoot exist on the current drive.
2023-05-10 21:17:47.3220|ERROR|XboxHandler|Neither F:\Program Files\ModifiableWindowsApps nor F:.GamingRoot exist on the current drive.
2023-05-10 21:17:47.3220|ERROR|XboxHandler|App folder C:\Program Files\ModifiableWindowsApps does not contain any sub directories!

@erri120
Copy link
Owner

erri120 commented May 10, 2023

Could you try this build: https://gofile.io/d/8uVMB4

@Musyanon
Copy link
Author

Musyanon commented May 10, 2023
edited
Loading

I have tried on other computer, but same, no key in the log. No mention of EA.
It work with Windows 11 ? I have the latest release.

Thanks for your help !

2023-05-10 23:56:51.9923|INFO|Program|Operating System: Microsoft Windows 10.0.22621
2023-05-10 23:56:53.3667|INFO|SteamHandler|Found SteamGame { AppId = 1172380, Name = STAR WARS Jedi: Fallen Order™ , Path = C:\Program Files (x86)\Steam\steamapps\common\Jedi Fallen Order }
2023-05-10 23:56:53.3667|INFO|SteamHandler|Found SteamGame { AppId = 228980, Name = Steamworks Common Redistributables, Path = C:\Program Files (x86)\Steam\steamapps\common\Steamworks Shared }
2023-05-10 23:56:53.7415|ERROR|GOGHandler|Unable to open HKEY_LOCAL_MACHINE\Software\GOG.com\Games
2023-05-10 23:56:54.1021|ERROR|EGSHandler|The manifest directory C:\ProgramData\Epic\EpicGamesLauncher\Data\Manifests does not exist!
2023-05-10 23:56:54.6614|ERROR|OriginHandler|Manifest folder C:\ProgramData\Origin\LocalContent does not contain any .mfst files
2023-05-10 23:56:55.0500|ERROR|XboxHandler|Neither D:\Program Files\ModifiableWindowsApps nor D:.GamingRoot exist on the current drive.
2023-05-10 23:56:55.0500|ERROR|XboxHandler|App folder C:\Program Files\ModifiableWindowsApps does not contain any sub directories!

Edit: Ok I think there is a problem with the app, I started with cmd to see what happened and I got this :

Path = C:\Program Files (x86)\Steam\steamapps\common\Steamworks Shared }
2023-05-11 00:04:46.7254|ERROR|GOGHandler|Unable to open HKEY_LOCAL_MACHINE\Software\GOG.com\Games
2023-05-11 00:04:46.7254|ERROR|EGSHandler|The manifest directory C:\ProgramData\Epic\EpicGamesLauncher\Data\Manifests does not exist!
2023-05-11 00:04:46.7254|ERROR|OriginHandler|Manifest folder C:\ProgramData\Origin\LocalContent does not contain any .mfst files
2023-05-11 00:04:46.7254|ERROR|XboxHandler|Neither D:\Program Files\ModifiableWindowsApps nor D:.GamingRoot exist on the current drive.
2023-05-11 00:04:46.7254|ERROR|XboxHandler|App folder C:\Program Files\ModifiableWindowsApps does not contain any sub directories!
Unhandled exception. Exception while getting property Manufacturer from class Win32_BaseBoard
System.TypeInitializationException: The type initializer for 'System.Management.ManagementPath' threw an exception.
---> System.TypeInitializationException: The type initializer for 'System.Management.WmiNetUtilsHelper' threw an exception.
---> System.TypeLoadException
at System.Runtime.InteropServices.Marshal.GetDelegateForFunctionPointerInternal(IntPtr, Type)
at System.Runtime.InteropServices.Marshal.GetDelegateForFunctionPointerTDelegate
at System.Management.WmiNetUtilsHelper.LoadDelegate[TDelegate](TDelegate&, IntPtr, String)
at System.Management.WmiNetUtilsHelper..cctor()
--- End of inner exception stack trace ---
at System.Management.MTAHelper.IsNoContextMTA()
at System.Management.MTAHelper.CreateInMTA(Type)
at System.Management.ManagementPath.CreateWbemPath(String)
at System.Management.ManagementPath..cctor()
--- End of inner exception stack trace ---
at System.Management.ManagementScope.Clone(ManagementScope, IdentifierChangedEventHandler)
at System.Management.ManagementObjectSearcher..ctor(ManagementScope, ObjectQuery, EnumerationOptions)
at GameFinder.StoreHandlers.EADesktop.Crypto.Windows.WMIHelper.GetWMIProperty(String, String) in //src/GameFinder.StoreHandlers.EADesktop/Crypto/Windows/WMIHelper.cs:line 34

And this for the last build :

PS C:\Users\Sami\Desktop\win-x64> .\GameFinder.Example.exe
2023-05-11 00:04:04.6710|INFO|Program|Operating System: Microsoft Windows 10.0.22621
2023-05-11 00:04:04.7193|INFO|SteamHandler|Found SteamGame { AppId = 1172380, Name = STAR WARS Jedi: Fallen OrderT , Path = C:\Program Files (x86)\Steam\steamapps\common\Jedi Fallen Order }
2023-05-11 00:04:04.7193|INFO|SteamHandler|Found SteamGame { AppId = 228980, Name = Steamworks Common Redistributables, Path = C:\Program Files (x86)\Steam\steamapps\common\Steamworks Shared }
2023-05-11 00:04:04.7193|ERROR|GOGHandler|Unable to open HKEY_LOCAL_MACHINE\Software\GOG.com\Games
2023-05-11 00:04:04.7274|ERROR|EGSHandler|The manifest directory C:\ProgramData\Epic\EpicGamesLauncher\Data\Manifests does not exist!
2023-05-11 00:04:04.7546|ERROR|OriginHandler|Manifest folder C:\ProgramData\Origin\LocalContent does not contain any .mfst files
2023-05-11 00:04:04.7590|ERROR|XboxHandler|Neither D:\Program Files\ModifiableWindowsApps nor D:.GamingRoot exist on the current drive.
2023-05-11 00:04:04.7590|ERROR|XboxHandler|App folder C:\Program Files\ModifiableWindowsApps does not contain any sub directories!
Unhandled exception. Exception while getting property PNPDeviceId from class Win32_VideoController
System.Exception: Query returned 4 elements instead of one
at GameFinder.StoreHandlers.EADesktop.Crypto.Windows.WMIHelper.GetWMIProperty(String className, String propertyName) in /mnt/ssd1/projects/GameFinder/src/GameFinder.StoreHandlers.EADesktop/Crypto/Windows/WMIHelper.cs:line 39

@erri120
Copy link
Owner

erri120 commented May 10, 2023

Thanks for testing! The CI artifact fails due to trimming, and the custom build fails because of some bug I need to fix.

@erri120
Copy link
Owner

erri120 commented May 11, 2023

Could you try these two builds:

@EzioTheDeadPoet
Copy link

trimmed: log.log
not trimmed: could not download

@Musyanon
Copy link
Author

Could you try these two builds:

Hello,

With trimmed :

PS C:\Users\Sami\Desktop\win-x64 (1)\win-x64> .\GameFinder.Example.exe
2023-05-11 18:21:36.8001|INFO|Program|Operating System: Microsoft Windows 10.0.22621
2023-05-11 18:21:36.8223|INFO|SteamHandler|Found SteamGame { AppId = 1172380, Name = STAR WARS Jedi: Fallen OrderT , Path = C:\Program Files (x86)\Steam\steamapps\common\Jedi Fallen Order }
2023-05-11 18:21:36.8223|INFO|SteamHandler|Found SteamGame { AppId = 228980, Name = Steamworks Common Redistributables, Path = C:\Program Files (x86)\Steam\steamapps\common\Steamworks Shared }
2023-05-11 18:21:36.8223|ERROR|GOGHandler|Unable to open HKEY_LOCAL_MACHINE\Software\GOG.com\Games
2023-05-11 18:21:36.8223|ERROR|EGSHandler|The manifest directory C:\ProgramData\Epic\EpicGamesLauncher\Data\Manifests does not exist!
2023-05-11 18:21:36.8223|ERROR|OriginHandler|Manifest folder C:\ProgramData\Origin\LocalContent does not contain any .mfst files
2023-05-11 18:21:36.8223|ERROR|XboxHandler|Neither D:\Program Files\ModifiableWindowsApps nor D:.GamingRoot exist on the current drive.
2023-05-11 18:21:36.8223|ERROR|XboxHandler|App folder C:\Program Files\ModifiableWindowsApps does not contain any sub directories!
Unhandled exception. Exception while getting property Manufacturer from class Win32_BaseBoard
System.NotSupportedException: Built-in COM has been disabled via a feature switch. See https://aka.ms/dotnet-illink/com for more information.
at WmiLight.WmiConnection.Open()
at WmiLight.WmiConnection.InternalExecuteQuery(WmiQuery query)
at WmiLight.WmiConnection.ExecuteQuery(WmiQuery query)
at System.Linq.Enumerable.TryGetFirst[TSource](IEnumerable`1, Boolean& )
at GameFinder.StoreHandlers.EADesktop.Crypto.Windows.WMIHelper.GetWMIProperty(String, String) in /mnt/ssd1/projects/GameFinder/src/GameFinder.StoreHandlers.EADesktop/Crypto/Windows/WMIHelper.cs:line 41

Log :

2023-05-11 18:21:36.8001|INFO|Program|Operating System: Microsoft Windows 10.0.22621
2023-05-11 18:21:36.8223|INFO|SteamHandler|Found SteamGame { AppId = 1172380, Name = STAR WARS Jedi: Fallen Order™ , Path = C:\Program Files (x86)\Steam\steamapps\common\Jedi Fallen Order }
2023-05-11 18:21:36.8223|INFO|SteamHandler|Found SteamGame { AppId = 228980, Name = Steamworks Common Redistributables, Path = C:\Program Files (x86)\Steam\steamapps\common\Steamworks Shared }
2023-05-11 18:21:36.8223|ERROR|GOGHandler|Unable to open HKEY_LOCAL_MACHINE\Software\GOG.com\Games
2023-05-11 18:21:36.8223|ERROR|EGSHandler|The manifest directory C:\ProgramData\Epic\EpicGamesLauncher\Data\Manifests does not exist!
2023-05-11 18:21:36.8223|ERROR|OriginHandler|Manifest folder C:\ProgramData\Origin\LocalContent does not contain any .mfst files
2023-05-11 18:21:36.8223|ERROR|XboxHandler|Neither D:\Program Files\ModifiableWindowsApps nor D:.GamingRoot exist on the current drive.
2023-05-11 18:21:36.8223|ERROR|XboxHandler|App folder C:\Program Files\ModifiableWindowsApps does not contain any sub directories!

Without trimmed :

PS C:\Users\Sami\Desktop\win-x64 (2)\win-x64> .\GameFinder.Example.exe
2023-05-11 18:24:11.0827|INFO|Program|Operating System: Microsoft Windows 10.0.22621
2023-05-11 18:24:11.1338|INFO|SteamHandler|Found SteamGame { AppId = 1172380, Name = STAR WARS Jedi: Fallen OrderT , Path = C:\Program Files (x86)\Steam\steamapps\common\Jedi Fallen Order }
2023-05-11 18:24:11.1338|INFO|SteamHandler|Found SteamGame { AppId = 228980, Name = Steamworks Common Redistributables, Path = C:\Program Files (x86)\Steam\steamapps\common\Steamworks Shared }
2023-05-11 18:24:11.1338|ERROR|GOGHandler|Unable to open HKEY_LOCAL_MACHINE\Software\GOG.com\Games
2023-05-11 18:24:11.1338|ERROR|EGSHandler|The manifest directory C:\ProgramData\Epic\EpicGamesLauncher\Data\Manifests does not exist!
2023-05-11 18:24:11.1338|ERROR|OriginHandler|Manifest folder C:\ProgramData\Origin\LocalContent does not contain any .mfst files
2023-05-11 18:24:11.1512|ERROR|XboxHandler|Neither D:\Program Files\ModifiableWindowsApps nor D:.GamingRoot exist on the current drive.
2023-05-11 18:24:11.1512|ERROR|XboxHandler|App folder C:\Program Files\ModifiableWindowsApps does not contain any sub directories!
2023-05-11 18:24:11.2763|DEBUG|Program|EA Decryption Key: 71b7f789c38bee7c8f32bbbb3d94a01a0a19f17acfb93fcde03487694b6c9faf
2023-05-11 18:24:11.3329|ERROR|EADesktopHandler|Exception while decrypting file C:\ProgramData\EA Desktop\530c11479fe252fc5aabc24935b9776d4900eb3ba58fdc271e0d6229413ad40e\IS:
System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed.
at System.Security.Cryptography.SymmetricPadding.GetPaddingLength(ReadOnlySpan1 block, PaddingMode paddingMode, Int32 blockSize) at System.Security.Cryptography.UniversalCryptoDecryptor.UncheckedTransformFinalBlock(ReadOnlySpan1 inputBuffer, Span1 outputBuffer) at System.Security.Cryptography.UniversalCryptoDecryptor.UncheckedTransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) at System.Security.Cryptography.UniversalCryptoTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) at System.Security.Cryptography.CryptoStream.ReadAsyncCore(Memory1 buffer, CancellationToken cancellationToken, Boolean useAsync)
at System.Security.Cryptography.CryptoStream.Read(Byte[] buffer, Int32 offset, Int32 count)
at System.IO.StreamReader.ReadBuffer()
at System.IO.StreamReader.ReadToEnd()
at GameFinder.StoreHandlers.EADesktop.Crypto.Decryption.DecryptFile(Byte[] fileContents, Byte[] key, Byte[] iv) in /mnt/ssd1/projects/GameFinder/src/GameFinder.StoreHandlers.EADesktop/Crypto/Decryption.cs:line 59
at GameFinder.StoreHandlers.EADesktop.EADesktopHandler.DecryptInstallInfoFile(IFileSystem fileSystem, AbsolutePath installInfoFile, IHardwareInfoProvider hardwareInfoProvider) in /mnt/ssd1/projects/GameFinder/src/GameFinder.StoreHandlers.EADesktop/EADesktopHandler.cs:line 129

@erri120
Copy link
Owner

erri120 commented May 11, 2023
edited
Loading

Enabling trimming disabled COM entirely, which basically makes the feature completely useless. I'll take a look at the cryptography exception, that is likely a bug in my code or EA updated their encryption.

@Musyanon
Copy link
Author

Enabling trimming disabled COM entirely, which basically makes the feature completely useless. I'll take a look at the cryptography exception, that is likely a bug in my code or EA updated their encryption.

Ok, I hope you will succeed!
Anyway thank you for your work ;)

@erri120 erri120 mentioned this issue Jun 17, 2023
Open
@ZenMaxe
Copy link

ZenMaxe commented Sep 4, 2023

GameFinder Can't Decrypt IS file in my laptop.

error : System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Musyanon @erri120 @EzioTheDeadPoet @ZenMaxe