.profile "save game" research

Talk and share anything related to Star Wars Battlefront 2. No maps or mod announcements here. Use Work in Progress forum.

Moderator: Moderators

Post Reply
User avatar
AnthonyBF2
Sith
Sith
Posts: 1254
Joined: Wed Aug 21, 2013 3:55 pm
Projects :: PS2+PSP Overhaul

.profile "save game" research

Post by AnthonyBF2 »

I have noticed something that may eventually lead to the ability to write a new name on a saved game file.

First, I made a profile using only 0's with a max game limit of 15, so the name is 000000000000000.
I then made 2 more profiles named 000000000000001 and 000000000000002.

I opened all 3 files simultaneously in hex editor and took some notes. The very first 4 bytes at the top of the file and the very last 4 bytes at the bottom of each file changes.

For 000000000000000.profile first bytes are 8F 5B 71 0F and last bytes are BD 67 6F 51
For 000000000000001.profile first bytes are AB 61 3C B0 and last bytes are 28 36 AE 72
For 000000000000002.profile first bytes are 4A 48 E6 38 and last bytes are 97 C4 ED 16

Now, in the past I tried to rewrite the name written in the save file using hex editor but the game wouldn't except it. But now, after noticing this, I think that name changing is possible if we can calculate a way to know which bytes to change at the top and bottom of the file that correlate to what name we want.

I suck at math, so it's up to someone else to figure anything out, if it hits an interest with anyone that is... Thanks.
Twilight_Warrior
Droid Pilot Assassin
Droid Pilot Assassin
Posts: 2002
Joined: Sat Nov 15, 2008 1:57 pm
xbox live or psn: ScorchRaserik

Re: .profile "save game" research

Post by Twilight_Warrior »

I don't think it's mathematically calculated. Not based on the name, anyway. If it were a checksum of some sort, based on the username, then some of those hex values would be the same, no? As the first 14 characters would affect the checksum in a similar fashion.
User avatar
AnthonyBF2
Sith
Sith
Posts: 1254
Joined: Wed Aug 21, 2013 3:55 pm
Projects :: PS2+PSP Overhaul

Re: .profile "save game" research

Post by AnthonyBF2 »

I was able to change one profile to another, by changing the name and the ending and beginning 4 bytes. I changed 000000000000000.profile to have the in-game name of 000000000000001.profile.
User avatar
AceMastermind
Gametoast Staff
Gametoast Staff
Posts: 3284
Joined: Mon Aug 21, 2006 6:23 am
Contact:

Re: .profile "save game" research

Post by AceMastermind »

The profile name is written as a unicode string starting at 0x6 but maybe the first and last 4 bytes could be XOR encryption.
https://en.wikipedia.org/wiki/XOR_cipher
arcnor
Posts: 2
Joined: Sun Dec 27, 2015 9:44 pm
Projects :: No Mod project currently.
Games I'm Playing :: SWBF2
xbox live or psn: No gamertag set

Re: .profile "save game" research

Post by arcnor »

Hi,

I don't know what happened, but I added a post here earlier, and it just disappeared.

Anyway, first post here but I like this kind of topic.

What I think you should try is generating a few savegames with the same name. If those two sections change, it means they're using some sort of counter (like the current date) to "encrypt" them, although that's unlikely. If only one section changes, you know that it's probably a date (UNIX timestamp, milliseconds since 1970 or similar Win32 equivalent) and the other part is the name itself.
User avatar
AceMastermind
Gametoast Staff
Gametoast Staff
Posts: 3284
Joined: Mon Aug 21, 2006 6:23 am
Contact:

Re: .profile "save game" research

Post by AceMastermind »

Welcome to Gametoast! Glad to have you aboard. :D
I don't know what happened to your post though, the logs say it was approved, it must have been some bug.


I created 2 profiles of the same name (player) one minute apart and they were identical.

The first 4 bytes was:
D2 2F 63 7F

and the last 4 was:
4C 45 85 88

Maybe some kind of hash encryption?
https://en.wikipedia.org/wiki/Cryptogra ... h_function
arcnor
Posts: 2
Joined: Sun Dec 27, 2015 9:44 pm
Projects :: No Mod project currently.
Games I'm Playing :: SWBF2
xbox live or psn: No gamertag set

Re: .profile "save game" research

Post by arcnor »

Thanks :)

About the post disappearing, it was just me being blind to "Your post has been sent BUT it needs to be approved". I guess it's a habit, ignoring messages software gives you :D.

Yeah, a CRC it's probably one of them. Dunno about the other one, though. Random guess (without checking the hex bytes themselves) is that one of them can be the CRC for the whole file, and the other can be the CRC for a section.

I'm guessing savegames haven't been "decyphered" yet? I.e. there is no document about their structure?
User avatar
[RDH]Zerted
Gametoast Staff
Gametoast Staff
Posts: 2982
Joined: Sun Feb 26, 2006 7:36 am
Projects :: Bos Wars AI - a RTS game
Games I'm Playing :: SWBF2 and Bos Wars
xbox live or psn: No gamertag set
Location: USA
Contact:

Re: .profile "save game" research

Post by [RDH]Zerted »

The meat of the saved games files is just a Lua table. You tell the game to save this table and it saves that table. When you load it you get the same table back. I never bothered to figure out the serialization format of the files, but I expect it wouldn't be too far off from however Lua would naturally save a table. If you want to see what's in a file, just load it and manually print all the table fields [using v1.3 call: uf_print(<table>, <true to print nested tables too>, 0) then look at the debug output]

You can use the save and load utility scripts (SWBF2_SaveAndLoadUtils_v1.7z) or manually mess with the metagame functions to save tables with specific structures and try to figure out how they're saved, similar to how you're researching the name encoding.
Robokitty
Posts: 1
Joined: Fri Jan 03, 2020 12:01 am
Projects :: SWBFII Save Editor
Games I'm Playing :: SWBFII
xbox live or psn: No gamertag set

Re: .profile "save game" research

Post by Robokitty »

Thanks to the research above, along with some other helpers, I have cracked the case.

https://steamcommunity.com/app/6060/dis ... 623117650/

Have a wonderful year.
Post Reply