我有一个名为“ Diablo.exe”的exe文件,该文件包含原始文件。我想从文件中提取它们。
我尝试了protoc和一些开源项目进行提取,但是现在没有用,我试图使用python来提取文件。我正在为此过程使用其他用户代码。
我不知道它是如何工作的NSO_PROTO_OFFSET这个程序是为Nintendo Switch文件格式“ .nso”创建的。有什么办法可以将该程序转换为二进制格式。
from os.path import join, isfile
from binascii import hexlify as _hexlify
NSO_PATH = "C://Users/John/Desktop/Diablo.exe"
NSO_PROTO_OFFSET = 0xDC1EB4
def hexlify(b: (bytes, bytearray)) -> (bytes, bytearray):
return _hexlify(b).decode("utf8")
if __name__ == "__main__":
with open(NSO_PATH, "rb") as nso_file:
# seek to protobuf file listing
nso_file.seek(NSO_PROTO_OFFSET)
total_dumped = 0
while True:
# print file offset
print(hex(nso_file.tell()))
# read protobuf name
b = None
protobuf_name = b""
while True:
b = nso_file.read(1)
if b[0] == 0:
break
protobuf_name += b
protobuf_name = protobuf_name.decode("utf8", errors="ignore")
print(protobuf_name)
# no null-terminator
#assert nso_file.read(1)[0] == 0, "non-null-terminator found"
# read compiled name
b = None
compiled_name = b""
while True:
b = nso_file.read(1)
if b[0] == 0:
break
compiled_name += b
compiled_name = compiled_name.decode("utf8", errors="ignore")
print(compiled_name)
# skip null-terminator
#assert nso_file.read(1)[0] == 0, "non-null-terminator found"
if protobuf_name in ["GameMessage.proto", "Leaderboard.proto"]: # empty
continue
if protobuf_name == "Settings.proto": # last one in the list
break
# read out the protobin
protobin = b""
while True:
b = nso_file.read(1)
if b[0] == 0:
break
protobin += b
#print(hexlify(protobin))
out_path = join("extracted", protobuf_name + "bin")
if not isfile(out_path):
with open(out_path, "wb") as f:
f.write(protobin)
else:
print("%s already exists, skipping" % (out_path))
total_dumped += 1
print("Dumped %s protobin(s)" % (total_dumped))```