Iris Action

Hey nerds, why doesn't this code work?
http://pastie.org/private/29v95lljikryiiehtdpoq

I'm trying to extract images from a game pack file. It worked fine on the trial/demo version of the game, but fails on the full version of the game [ https://thepiratebay.se/torrent/7512447/ ]

I really don't understand.

>>42
That code is buggy and inefficient. If fread() returns anything less than a full buffer (which it can, according to the spec) you'll desync the keystream and garbage appears in the output. And the least you could do is make it write out a block at a time, like the original. Also you haven't noticed that the key is a power of 2 and so you can just use a 16-bit index that will automatically wrap around.

>>46
You're very lucky. All good ciphers will have keystream periods longer than the maximum filesizes of any filesystem in existence (which is also larger than the capacity of any suitable storage device in existence.) I'm still highly doubtful there is 64KB of key in there; a flawed PRNG is more likely.

>>45
You're also lucky fread() didn't return a nonfull buffer halfway, but there will be up to 4KB of garbage at the end of all the extracted files. Disassemble the executable, find the filesystem routines (searching for "KCAP" and where it's used is a good start), and figure out where the decryption happens. You'll probably be much better than >>42 as you can find the PRNG itself and incorporate that into the code (usually a few dozen bytes to ~128 bytes at most) instead of bloating it with over 65 thousand bytes.