Andoryuuta

🛶

Canoeing across the atlantic

Hobbyist reverse engineer.

Andoryuuta / MHFZ EM CMD list.h

Created October 9, 2022 13:40

MHFZ EM CMD list

	0x1: EM_CMD_KEHAI_CK
	0x2: EM_CMD_NINSHIKI_CK
	0x3: EM_CMD_AREA_MOVE_CK
	0x4: <MISSING, sets some value to 0 then returns.>
	0x5: EM_TYPE_ACT_SET
	0x6: EM_CMD_TARGET_SET
	0x7: EM_CMD_MAIN_JUMP
	0x8: EM_CMD_STAND_CK
	0x9: EM_CMD_FLY_CK
	0xA: EM_CMD_BODY_STATUS_SET

Andoryuuta / csproto_metalib_dump.txt

Created April 17, 2022 01:16

Dump of the csproto metalib from MHO 2.0.11.860

This file has been truncated, but you can view the full file.


	Metalib("csproto"): Magic: 2d6 Build: 11 PlatArch=32 ID=-1 ver=1 Metas 1678/1678 Macros:1995/1995
	StringBuf<BeginPtr= 1677664 EndPtr= 1975304 FreeSize=3 defaultalign:1

	Macro Name ptr:1677664 Name="MAX_NORMAL_PKG_LENGTH" id=210000 Desciption: 没有经过加密处理的消息包最大长度
	Macro Name ptr:1677719 Name="MAX_CMD_COUNT" id=256 Desciption: 最大消息个数
	Macro Name ptr:1677746 Name="CS_MAX_ROLE_NUM" id=6 Desciption: 每个帐号最多拥有的角色数量
	Macro Name ptr:1677789 Name="CS_MAX_ROLE_NAME" id=32 Desciption: 最大角色名字长度
	Macro Name ptr:1677823 Name="CS_MAX_TEAM_NAME" id=40 Desciption: 最大队伍名长度
	Macro Name ptr:1677855 Name="CS_MAX_LEVEL_NAME" id=32 Desciption: 最大Level名字长度

Andoryuuta / test_rise_frida_save_dec.py

Created January 16, 2022 05:53

	import frida # py -3 -m pip install frida
	import sys
	import struct

	if __name__ == '__main__':
	device = frida.get_local_device()
	proc = [p for p in device.enumerate_processes() if p.name == 'MonsterHunterRise.exe']
	if len(proc) == 0:
	print('Rise not running!')
	sys.exit(1)

Andoryuuta / test_mhrise_pak_decrypt.py

Created January 14, 2022 01:05

MH:Rise PC pak (entry header) decryption

	import io
	import struct
	import binascii

	def transform_crypto_key(input):
	# Pretty sure this is a public hash
	# input = binascii.unhexlify('c8399c72d1a39b08a0eb1867b9bf051344a230786a74de6fb6f37b8b05621f1529bf4365a8a2d106accbc6f9fd89bcce87e0cb2891b837a10805f463c17f13416ddb6b74f94326185abb0fbba95816e34c8ce7f477d327368116087e11fdb4f9096a314a30a1b16f4c327ca98adf1ce88606eadc228bdb4e95127042952e3798')
	output = binascii.unhexlify('66BF3EAAE9B08286E2DE8F9D21993E78C7AEF6DF069347942E1D0FCAAC817A67')
	return output

Andoryuuta / MHS2_blowfish_keygen.cpp

Created July 9, 2021 04:24

Monster Hunter Stories 2 blowfish key generation

Andoryuuta / DMV-DOT phising sites.txt

Created March 5, 2021 23:27

List of currently known DMV/DOT RealID phishing sites

	List of currently known DMV/DOT real ID phishing sites:

	dmv-ny.org
	mydmv.live
	mydmv.io
	newyorkdmvid.com
	nydmv-online.com
	nydmvid.net
	realid-illinois.com
	realid-il.com

Andoryuuta / MHRise-file-ext-to-class-table.md

Last active January 19, 2021 16:14

MHRise file extension/class name table

Class Name	File Extension	Revision Digit
via.SceneResource	scn	20
via.PrefabResource	pfb	17
via.UserDataResource	user	2
via.userdata.UserVariablesResource	uvar	2
via.hid.VibrationResource	hapvib	1807190270
via.render.PSOPatch	psop	1
via.render.ShaderResource	sdf	2007288797
via.render.MasterMaterialResource	mmtr	2007288797

Andoryuuta / MHW_class_file_extensions.md

Last active February 26, 2021 00:02

Andoryuuta / fakeclient.py

Created July 16, 2020 23:47

AW fakeclient base

	import struct
	import socket
	import zlib
	import io
	from hexdump import hexdump


	class AWVar(object):
	def __init__(self, var_id, type_id, data):
	self.var_id = var_id

Andoryuuta / mhf_mus_table.csv

Created March 25, 2020 21:14