sabato 2 ottobre 2010

Birth By Sleep EUR/USA and decrypted .DATs

I'm really happy today to announce that I've do my first patch on a PSP game. I've experience from 65C816 (SNES) and x86 processors' reverse engineering, and yesterday I've studied a bit of mips to do a thing... Maybe a lot of people remember when the chinese coder Hrimfaxi (aka liquidzigong) released some tools to run Birth By Sleep ISO on PSP. One of this tools is dnas_decryptor, that decrypt BBS1-2-3.DAT files to make more faster the loading screens, but this only work for JAP version. Yesterday I tried to put BBS1-2-3.DAT decrypted on my ISO (oh, I don't download games from internet, I've the original game) but the game freezed before the warning screen about savedata. What I've do? I took the EBOOT.BIN and I decompiled it. I've search the routine that load crypted BBS1-2-3 and I found a way to skip decryption process simply editing 2 bytes. This trick work on EUR and USA version of the game:
Open EBOOT.BIN (or .OLD if you use prometheus patch) and go to 0xBD00 offset. You can see 0900 8018 right? Now change 8018 in 8104 and save. If you won't to extract the EBOOT, reput it on ISO and save, you can directly edit the ISO. I've found 0900 8018 on 0x11BD30.
Surely works on Birth By Sleep doesn't stop here, I'll continue to find more stuff and I'll release all here! Stay tuned :D

4 commenti:

  1. Just what I was looking for all this time. I'm happy to know that I'm not the only one interested with this.. So, do you mean that dnas_decryptor works on BBS1/2/3.DAT of the USA and EUR version of KHBBS? and when using the prometheus module, did you use the EBOOT.BIN and prometheus.prx in KHBBS folder of Prometheus v0.5, and not the one from the KHBBS_ENCRYPTED folder?

    and lastly, you said that the game frozed before the warning screen about savedata when you put back the decrypted BBS1/2/3.DAT from the KHBBS USA/EUR, which means this cannot be donw without hex editing?

    Thank you so much for this! I just got really excited that's why I've got alot of questions :)

  2. And I'm happy that there is someone that I'm not the only one interested with this :P.
    dnas_decryptor use a key inside the JAP EBOOT.BIN of BBS to decrypt BBSX.DAT but the key in EUR/USA change and it doesn't work with the current BBSXs. Around internet you can find an dnas_decryptor modded that work with EU/US BBSX.DAT but if you put them back on iso, the game freeze because the EU/US EBOOT.BIN isn't patched and can't read the already decrypted BBSXs. This mean: No HexEditing No Party XD. For the prometheus module I use the last version inside the ISO of the game renaming the original EBOOT.BIN in EBOOT.OLD (there are a lot of tutorials to do that).

    Sorry for english and for the fast reply

  3. Your english is just fine man.

    Actually, I'm interested with this 'cause I want to know if decrypting the BBS1-2-3.DAT contribute for faster performance (better frame rate of the game) than leaving those files encrypted... or does it just makes the loading of the game faster (faster loading screens), and has nothing to do with the frame rate of the game?

    Example, the JAP KHBBS has decrypted DATs, and the EUR/USA KHBBS doesn't have the decrypted DATs (still encrypted), does this mean that the JAP version runs faster than the EUR/USA?
    I mean in terms of framerate performance...
    or is the only difference is that the JAP version (which has the decrypted DATs) has faster loading (faster loading screens) but has the same framerate performace and has the same lag issue as the EUR/USA version which left the DAT files encrypted?

    I hope you understand what I mean...


  4. Questo commento è stato eliminato dall'autore.