wot-replays.org: The replay file format, decrypting and unpacking a replay
So a little birdy at http://wotreplays.blogspot.com apparently posted the way to do this, unfortunately it's in Russian, and Google translate makes a mess of it. So what you want to do is this:
- Refer to my first post on the WoT replay format for the layout of the file. Basically if you've read both data blocks (or the only data block for an incomplete replay), the next part of the file is the encrypted and packed data.
- The encryption used is Blowfish, with a 16 byte (128 bit) key that I have but won't share. You can find it if you try :)
- The compression is done with Zlib.
The first step you want to take is to decrypt the data. You do this as follows.
- Read the first 8 bytes of data.
- Decrypt these 8 bytes, and write them out to a temporary file. Also keep them saved in a temporary variable.
- Read the next 8 bytes of data.
- Decrypt these 8 bytes as well. Then, you want to take your previously decrypted 8 bytes, and do a binary XOR of the current 8 bytes with the previous 8 bytes.
- Write the result to a temporary file, and store it in your "previous" variable.
- Go to step 3 and repeat until you've reached the end of file.
- Do check to see if the last block of 8 bytes you read is actually 8 bytes long. if it isn't, pad it out with null bytes.
The decrypted file can now be unpacked using the appropriate Zlib implementation; a lot of them exist for a variety of programming languages, so you've got your pick.
Once you have unpacked the file, it should inflate to about 5 times it's original size. The format is still unknown, but you can easily see the WoT version in there. Other than that it seems to be a large mess of pickled Python data.