Bully Audio Ripping Toolshttp://www.bully-board.com/index.php?action=downloads;sa=view;down=189There are instructions...
Link to original(No instructions)
http://www.mediafire.com/download/by365024r8j5n1n/Bully+Audio+Ripping+Tools.zip#######################################################################
QuickBMS
by Luigi Auriemma
e-mail:
[email protected]web: aluigi.org
home:
http://aluigi.org/papers.htm#quickbms#######################################################################
1) Introduction
2) Usage
3) Reimport the extracted files
4) How to create scripts (for developers only!)
5) Experimental input, output and other features
6) Notes
7) Support
Additional credits
#######################################################################
===============
1) Introduction
===============
QuickBMS is a multiplatform extractor engine that can be programmed
through some simple textual scripts for extracting files and
information from the archives of any program and moreover games.
The script language from which QuickBMS is derived is MexScript
documented here:
http://wiki.xentax.com/index.php/BMSSo QuickBMS is FULLY compatible with that original syntax and all the
scripts that were created here:
http://forum.xentax.com/viewtopic.php?t=1086QuickBMS supports also the WCX plugins of Total Commander:
http://www.totalcmd.net/directory/packer.html http://www.ghisler.com/plugins.htmI improved the original BMS language for removing some implied fields
(like the file number in some commands) and adding new commands (like
Encryption) and behaviours (like negative GoTo) that allow QuickBMS to
work with tons of simple and complex formats and even doing things like
modifying files, creating new files with headers and reimporting files
back in their archives.
The tool is open source under the GPL license and works on both Windows
and Linux and on both little and big endian architectures like Intel
and PPC.
The official homepage of QuickBMS is:
http://quickbms.aluigi.orgFor Linux users there is a Makefile in the src folder, the only
requirements are openssl, zlib and bzip2 while the optional components
are ucl, mcrypt and tomcrypt (uncomment the commented line near the
end of the Makefile to enable them).
If your distro supports apt-get and you have problems during the usage
of make try the following:
apt-get install gcc g++ zlib1g-dev libbz2-dev libssl-dev liblzo2-dev
#######################################################################
========
2) Usage
========
Simple and quick:
- double-click on quickbms.exe
- select the script or the plugin for the type of archive you want to
extract (for example zip.bms if it's a zip file)
- select the archive or multiple files
you can also select a whole folder by entering in it and then typing
* or "" in the "File name:" field and select Open
- select the output folder where extracting the files (you can specify
any filename, it will be ignored because only the directory is taken)
- watch the progress of the extraction
That one was the simple "GUI" usage but QuickBMS can do various other
things when launched from the console because it supports various
command-line options for advanced users or for who writes scripts.
You can view all the available options simply launching QuickBMS
without arguments, example:
Usage: quickbms [options] <script.BMS> <input_archive/folder> [output_folder]
Options:
-l list the files without extracting them
-f W filter the files to extract using the W wildcard, example -f "*.mp3"
example: quickbms -f "*.mp3" script.bms archive.dat output_folder
-F W as above but works only with the files in the input folder (if used)
example: quickbms -F "*.dat" script.bms input_folder output_folder
-o if the output files already exist this option will overwrite them
automatically without asking the user confirmation
-r experimental reimport option that should work with many archives:
quickbms script.bms archive.pak output_folder
modify the needed files in output_folder and maybe remove the others
quickbms -w -r script.bms archive.pak output_folder
you must read section 3 of quickbms.txt before using this feature
-s SF add a script file or command before the execution of the input script,
useful if an archive uses a different endianess or encryption and so on
Advanced options:
-d automatically create an additional output folder with the name of the
input file processed without extension
-E experimental option for automatically reversing the endianess of any
file simply reading it field by field (so each get will produce a put)
-c quick list of the basic BMS commands and some notes about this tool
-S CMD execute the command CMD on each file extracted, you must specify the
#INPUT# placeholder which will be replaced by the name of the file
example: -S "lame -b 192 -t --quiet #INPUT#"
Debug and experimental options:
-v verbose debug information, useful for verifying possible errors
-V alternative verbose output, useful for programmers
-L F dump the offset/size/name of the files inside the file F
-x use the hexadecimal notation in myitoa (debug)
-0 no extraction of files, useful for testing a script without using space
-R needed for the programs that act as interface for QuickBMS
-a S pass arguments to the input script like quickbms_arg1, 2, 3 and so on
-H cool HTML hex viewer output, use it only with very small files!
-9 toggle XDBG_ALLOC_ACTIVE (enabled)
-8 toggle XDBG_ALLOC_INDEX (enabled)
-7 toggle XDBG_ALLOC_VERBOSE (disabled)
-6 toggle XDBG_HEAPVALIDATE (disabled)
Features and security activation options:
-w enable the write mode required to write physical input files with Put*
-C enable the usage of CallDll without asking permission
-n enable the usage of network sockets
-p enable the usage of processes
-A enable the usage of audio device
-g enable the usage of video graphic device
-m enable the usage of Windows messages
-C enable CallDll without asking permission
Remember that the script and the input archive/folder are ever REQUIRED
and must be specified at the end of the command-line so if you want to
list all the mp3 files in a particular archive you must use:
quickbms -l -f "*.mp3" zip.bms myfile.zip
QuickBMS supports also a folder as input which means that with a single
command it's possible to unpack all the archives of a game directly
using QuickBMS.
Imagine to use the zip.bms script with all the zip files located in the
c:windows emp folder:
quickbms -F "*.zip" zip.bms "c:Program Files" c:output_folder
Note: in case "*.zip" doesn't work you can use {} instead of *: "{}.zip"
Except for -l, -f, -F and maybe -o and -s options the other are
intended for debugging, special features or enabling/disabling some
options and so should be ignored by the normal users.
If the extraction with a particular script is too slow or scanning a
folder takes too much memory and time try using the -9 option that
disables the memory protection.
You can apply these options directly in a link to quickbms so that you
can use the double-click method and all the command-line options you
desire.
In the same package you should find also quickbms_4gb_files.exe
(previously known as quickms64_test.exe) that is an "experimental"
version that uses 64bit numbers instead of the original 32 bits:
- it supports archives and files bigger than 4 gigabytes
- it may have problems to work with some "particular" scripts
- it's a native 32bit application so works on both 32 and 64bit systems
- it's experimental and so not much supported, problems like crashes
and incorrect math operations can happen often
---
Advanced users could find useful also the other options:
-d automatically creates a folder with the name of the input file where
placing all the files, sometimes it could be useful in some rare
cases where users needed it.
-E if you have a bms script that simply reads a file format you can
change the endianess of all its numeric fields on the fly simply
using this option.
for example if you have a "get SIZE long" a 32bit number will be
read as usual and additionally it will be reversed (0x11223344 to
0x44332211) and placed at the same location.
remember that you need to specify also the -w option with physical
files, alternatively you can save the whole file in a memory file
and then dumping it so that -w is not needed.
with this option is really a joke to convert the endianess of files
between different platforms, like xbox 360 and PC.
#######################################################################
===============================
3) Reimport the extracted files
===============================
As already said QuickBMS is primarly an extraction tool, anyway from
version 0.4.9 it supports also the -r option that transforms the tool
in a simple reimporter/reinjector and so could be useful in some cases
for who wants to mod or translate a game.
The idea consists in being able to reimport ("injecting back") the
modified files in the majority archives without touching a single line
of the script, yeah just reusing the same bms scripts that already
exist!
-----------------------------------------------------------------------
Using this feature is really trivial and the following is an example
step-by-step:
- make a backup copy of the original archive!
- extract the files or only those you want to modify (-f option) as you
do normally via the GUI (double-click on quickbms.exe) OR via
command-line:
quickbms script.bms archive.pak output_folder
- do your modifications to the extracted files and I suggest to delete
the files that have not been modified so that the reimporting process
will be faster, so if you can it's better if in the folder you leave
only the files you have changed
note that their size must be minor or equal than the original!
- reimport the files in the archive via the GUI by clicking on the
file called "reimport" (it's a normal link) OR via command-line:
quickbms -w -r script.bms archive.pak output_folder
- test the game with the modified archive
I repeat that you can use the GUI for the reimporting procedure, just
click on the "reimport" link found in the quickbms package (it contains
the command quickbms.exe -w -r).
-----------------------------------------------------------------------
Another example:
- first use QuickBMS normally:
archive.pak -> file1.txt
-> file2.dat
-> file3.jpg
- second step:
- delete file1.txt and file2.dat
- modify file3.jpg, for example adding a "smile" in it
- save file3.jpg and be sure that it's size is SMALLER or EQUAL than
the original
- third step, use the "reimport" link provided in quickbms:
archive.pak <- file1.txt (doesn't exist so it's not reimported)
<- file2.dat (doesn't exist so it's not reimported)
<- file3.jpg (successfully reimported)
-----------------------------------------------------------------------
Now some important notes about this particular reimporting process:
- you CANNOT increase the size of the files you want to reimport, so
the new files must be minor or equal than the originals
- if the script uses zlib (like comtype zlib or no comtype at all) or
deflate then QuickBMS will automatically use the kzip method which
uses an external executable (kzip.exe) and requires more time and
resources... I enabled this method only because often many users
complain about the size of recompressed files which is too big
- for the maximum compatibility within the thousands of available file
formats I decided to not use tricks for modifying the original
size and compressed_size values (think to those formats that use
encrypted information tables or the scripts that use MEMORY_FILEs
for such tables or that use things like "math SIZE *= 0x800")
- the script is just the same for both the extraction and the
reimporthing steps which means that many of the scripts written by me
and the other users already work, cool!
- the reimporting of compressed files is perfectly possible because
the tool automatically switches to the relative compression algorithm
if available (for example zlib->zlib_compress)
- if the original archive uses complex encryptions that require the
usage of MEMORY_FILEs to perform temporary decryptions then it's NOT
supported and the same is valid for chunked content (like the usage
of the command Append)
- FileXor, FileRot, Encryption and Filecrypt should work correctly
- things like CRCs and hashes can't be supported
- it's possible to reimport also the nameless files (log "" OFFSET SIZE)
the tool will automatically check for files with the same number
so if the file was saved as 00000014.xml it will be reimported
perfectly
#######################################################################
===============================================
4) How to create scripts (for developers only!)
===============================================
Originally the tool was created for myself for making me able to write
quick extractors for simple archives immediately without writing a line
of C but it revealed to be a so powerful tool that now I use it really
for everything included the parsing of some protocols and much more.
So, how to write these scripts?
Well I guess that giving a look at
http://wiki.xentax.com/index.php/BMSis a good first step to understand at least the basis of this language
originally written by Mike Zuurman (alias Mr.Mouse of XeNTaX) in the
far 1997.
Then it's good to take a look at the various examples provided on
http://quickbms.aluigi.org and
http://forum.xentax.com/viewforum.php?f=10and obviously to the following list of available commands and their
description.
A programming knowledge and background is not required but it's very
useful for entering in the "logic" of the scripts, while it's required
the full knowledge of the format to implement: reversing is ever useful
for figuring the needed fields.
Luckily in the extraction process is not needed to know all the fields
of an archive so a field like a CRC just doesn't matter while the
important fields are ever the filename, the offset and the size of the
files to extract.
You can notice all these useless fields in my scripts because I assign
them the name DUMMY.
Note that I will try to keep the following documentation updated as
much as I can, in any case refer also to the source code of quickbms.c
for any other technical doubt or possible additions or particular
behaviour of the tool in particular circumstances.
The fields between [] are optionals.
---
A quick list of available commands is available also when QuickBMS is
launched with the -c option, and REMEMBER to read the notes specified
there like the fact that:
- everything is considered a variable except if it starts with a number
in which case it's considered a numeric constant so when in this
text I talk about VAR, STRING and other types of data I refer EVER to
both variables and constants because they are EXACTLY the SAME thing
- all the commands and the names of the variables are case INsensitive
so "get OFFSET long" is the same as "GeT oFfSeT lOnG"
- everything works with signed 32 bit numbers (-2147483648 to
2147483647) so QuickBMS at the moment could not work well with files
over 2 gigabytes but it can seek on files of 4 gigabytes
so consider the following limits:
- max 4gb for archives
- max 2gb for the contained files
you can try quickbms_4gb_files.exe for working with bigger archives
- the so called constant strings (depends by the context of the command)
are handled as strings in C notation like "x12x34hello"bye�"
and so on, in this case you must know a bit how this representation
works.
the keyword is "C language escape characters" or escape sequences,
they are very simple, take a look here:
http://msdn.microsoft.com/en-us/library/h21280bw%28VS.80%29.aspx http://www.acm.uiuc.edu/webmonkeys/book/c_guide/1.1.html ONLY some commands support this C string notation for the escape
characters, a quick way to find them is searching the keyword
"(cstring)" without quotes in this document
- also hexadecimal numbers are supported if they start with 0x so
1234 and 0x4d2 are the same thing
- any operation made on fields bigger than 8 bits is controlled by the
global endianess, which means that any number and unicode field is
read in little endian by default otherwise it's valid the endianess
specified with the Endian command
- comments can be used in C (// and /* */) and BMS syntax (#)
File numbers:
every file opened in QuickBMS has a number assigned to it and in all
the commands that access to files this number is 0 (main file) if not
specified.
the first opened file is the input archive to which is assigned the
number 0 (zero), the others must be opened with the Open command
MEMORY_FILEs:
this is a particular type of temporary file which resides in memory
and works exactly like a normal file.
it's extremely useful for doing tons of things and are supported
various memory files: MEMORY_FILE, MEMORY_FILE2, MEMORY_FILE3 and so
on.
MEMORY_FILE and MEMORY_FILE1 are the same.
TEMPORARY_FILE:
exists also another type of file called TEMPORARY_FILE which instead
resides phisically on the hard-disk with that exact name.
although its "temporary" name it's not deleted by the output folder
(anyway at the end of the process QuickBMS will ask if the user wants
to remove it or not) and is created even when it's used the -l option
for listing the files which makes it ideal in certains situations
like when it's used a chunks based file system.
.
indeed in this case using a MEMORY_FILE is a bad idea because the
continuous reallocation of the memory makes it terribly slow except
if you have pre-allocated the space of the MEMORY_FILE with the
PutVarChr command but in that case remains the problem of using too
much memory.
.
for using the temporary file remember to use it like in the following
example:
log TEMPORARY_FILE 0 0 # reset it in case it already exists (optional)
append # enables the append mode
...
log TEMPORARY_FILE OFFSET SIZE
...
append # disable the append mode
open "." TEMPORARY_FILE 1 # open the temporary file on the file number 1
Types of variables supported, also know as datatypes or types:
STRING null delimited string (one byte for each char)
BYTE 8 bit, 0 to 0xff
SHORT 16 bit (aka INT), 0 to 0xffff
THREEBYTE 24 bit, 0 to 0xffffff
LONG 32 bit, 0 to 0xffffffff
LONGLONG fake 64 bit, so only 0 to 0xffffffff but takes 8 bytes in Get
FLOAT 32 bit, 123.345 is got as 123
DOUBLE 64 bit, 123.345 is got as 123
LONGDOUBLE 96 bit, 123.345 is got as 123
VARIABLE read byte per byte till the byte is negative
VARIABLE2 Unreal engine index numbers
VARIABLE3 used in various software
VARIABLE4 used in Battlefield 3 (Frostbite engine)
VARIANT VB/C++ variant type (
http://en.wikipedia.org/wiki/Variant_type)
TIME time_t Unix 32bit time
TIME64 64bit time used as FILETIME on Windows
CLSID ClassID like 00000000-0000-0001-0000-000000000000
IPV4 7f 00 00 01 = "127.0.0.1"
IPV6 like 2001:0db8:85a3:0000:0000:8a2e:0370:7334
ASM x86 assembly
ASIZE special type used to return the size of the opened file,
used only with the GET command
FILENAME special type used to return the name of the opened file
like "myfile.zip", used only with the GET command
BASENAME special type used to return the base name of the opened
file like "myfile", used only with the GET command
EXTENSION special type used to return the extension of the opened
file like "zip", used only with the GET command
UNICODE special type used for unicode utf16 strings, the
endianess of the utf16 is the same used globally in the
script (watch the Endian command), it's used also for
converting an unicode string to an ascii one:
Set ASCII_STRING UNICODE UNICODE_STRING
obviously this is a fake utf16 so it's good only for
english strings
BINARY special type used for binary strings in C notation like
"xffx00x12x34", used mainly as a constant (cstring)
COMPRESSED a special type used for setting big strings and memory
files using a small amount of text, for using this type
you must take the original text/file, compress it with
zlib (you can use my packzip tool) and then encoding the
outputfile with base64 (you can use my bde64 tool) and
placing the result like the following:
set MEMORY_FILE compressed eNrtwbEJACAMBMBecIfvnMUxPuEJAe0UHN81LLzrbYKwDOjI96IN1cLveRfAGqYu
this type is very useful if you want to embed a dll inside
a script without wasting much space
LINE special type used for carriage return/line feed delimited
string (so any string ending with a 0x00, 0x0a or 0x0d)
FULLNAME full path of the file, in reality at the moment it returns
the same path used in the input filename
CURRENT_FOLDER
the path from which has been launched QuickBMS
FILE_FOLDER the path of the loaded input file
BMS_FOLDER the folder where is located the bms script
OUTPUT_FOLDER
the extraction folder (the last argument of QuickBMS)
INPUT_FOLDER
same as above
ALLOC a type used only in the Set command for a particular thing
SIGNED_BYTE
SIGNED_SHORT
SIGNED_THREEBYTE
SIGNED_LONG
QuickBMS supports also the experimental multidimensional arrays inside
the variables, example:
for i = 0 < 10
get VAR
long
for j = 0 < 5
get VAR2[j] long
next j
next i
But it's possible to access that variable ONLY by specifying the
original name and index, so:
print "%VAR[0]%" # fail!
math i = 0
print "%VAR%" # ok
And now the list of commands in the same order in which they are listed
in the QuickBMS source code in the function parse_bms():
.......................................................................
QuickBMSver VERSION
checks if the current version of QuickBMS is enough recent to
support the script... used rarely, mainly for scripts created after
I added or fixed a functionality of the tool.
arguments:
VERSION oldest version of QuickBMS for which was created the script.
it's also possible to add some options that are suggested
by the script to the user who must enable them at runtime
if he desires, -9 is the only one supported at the moment
examples:
QuickBMSver 0.2.4
QuickBMSver "0.5.14 -9"
.......................................................................
Clog NAME OFFSET ZSIZE SIZE [FILENUM]
Extracts the file decompressing it in real-time, this operation
doesn't affect the current position of the input file.
The decompression algorithm used in the operation is decided by the
ComType command.
The content of the extracted file can be decrypted automatically
using the Encryption command.
arguments:
NAME name of the output file
OFFSET position of the archive where is located the file
ZSIZE size of the compressed data in the archive
SIZE size of the uncompressed file
FILENUM number of the file associated to the archive (0)
examples:
Clog NAME OFFSET ZSIZE SIZE
Clog "dump.dat" 0 ZSIZE 10000000 # the file will have the real size and not 10000000
.......................................................................
FindLoc VAR TYPE STRING [FILENUM] [ERR_VALUE]
It finds the first occurrency of a given string or number from the
current offset of the archive.
It's used in those cases when the format of the archive is not known
or it's a particular text file.
arguments:
VAR the variable which will receive the offset of the occurrency
TYPE can be STRING, UNICODE or a number
STRING string in C notation or number, depending by the TYPE
(cstring)
FILENUM number of the file associated to the archive (0)
ERR_VALUE by default FindLoc terminates the script if no string
is found but if ERR_VALUE is specified this value will
be assigned to VAR without terminating when there are no
other occurrencies
examples:
For
FindLoc OFFSET string "filename="
...
FindLoc OFFSET string "filename=" 0 ""
if OFFSET == ""
cleanexit
endif
Next
.......................................................................
For [VAR] [OP] [VALUE] [COND] [VAR]
...
Next [VAR]
A classical "for" loop with initializers, conditions and
incrementers.
There is also the Break instruction available to break the loop at
any moment (note that the Break instruction is not suggested in
presence of multiple For because in some rare cases it could give
problems).
Next is the command which delimits the loop and at the same time
increments the given variable if specified.
Practically it means:
- give VALUE to VAR (or performs a mathematical operation on it)
- perform a loop till the two VARs match the "condition"
- perform all the operations between For and Next
- increment VAR
all the parameters are optionals.
arguments:
VAR variable to which assign a value
OP any of the available Math operators
VALUE value to assign to the variable or part of the math operation
COND condition, the same of the IF command
VAR second part of the condition
examples:
For i = 0 < FILES
...
next i
For
# do what you want here, this is an endless loop
Next
For VAR1 = VAR1 != VAR2
# this is exactly the same of using while(VAR1 != VAR2) {...} in C
Next
.......................................................................
Get VAR TYPE [FILENUM]
It reads strings and numbers from the open files, it's also the most
used command.
arguments:
VAR variable which will receive the read data
TYPE watch the description of the types explained before
FILENUM number of the file associated to the archive (0)
examples:
Get OFFSET long
Get NAME string
.......................................................................
GetDString VAR LENGTH [FILENUM]
It reads a defined amount of data from the file and stores it in the
given variable.
It's useful with filenames and other strings that have a length
specified in a previous 8, 16 or 32 bit field.
arguments:
VAR variable which will receive the read data
LENGTH amount of bytes to read, there is also an experimental
method LENGTH*NUM, for example:
getdstring ARRAY NUMBERS*4
FILENUM number of the file associated to the archive (0)
examples:
GetDString NAME NAME_LENGTH
GetDString NAME 0x100
.......................................................................
GoTo OFFSET [FILENUM] [TYPE]
It changes the current position in the file, just like fseek()
arguments:
OFFSET position to reach, if it's negative it will be considered
an "OFFSET bytes from the end of the file" position.
only the constants can be negative with GoTo while all
the variables will be handled as unsigned (0 to
0xffffffff)
FILENUM number of the file associated to the archive (0)
TYPE SEEK_SET (default), SEEK_CUR, SEEK_END
examples:
GoTo OFFSET
GoTo 0x100
GoTo -4 # 4 bytes before the end of the file
.......................................................................
IDString [FILENUM] STRING
It terminates the program if the signature at the current position
of the file differs than the provided string.
If the string doesn't match and it's 4 bytes long QuickBMS will
automatically swap it and perform the compare again, if this time
it matches then the endianess will be changed making the majority
of the scripts written for an architecture (for example PC)
virtually compatible with others (for example Xbox360).
Pay attention to the FILENUM/VAR order different than other commands
(it's the original BMS syntax), anyway QuickBMS will try to fix the
order in case you invert them.
arguments
FILENUM number of the file associated to the archive (0)
STRING string in C notation (cstring)
examples:
IDString "PKx03x04"
IDString " KAP"
.......................................................................
Log NAME OFFSET SIZE [FILENUM]
It extracts the file, this operation doesn't affect the current
position of the input file.
The content of the extracted file can be decrypted automatically
using the Encryption command.
arguments:
NAME name of the output file
OFFSET position in the archive where is located the file
SIZE amount of the data to extract
FILENUM number of the file associated to the archive (0)
examples:
Log NAME OFFSET SIZE
Log "dump.dat" 0 SIZE
.......................................................................
Math VAR OP VAR
Mathematical operation between the two variables with the result
placed in the first one.
Note that for compatibility all the operations are performed using
signed 32 bit numbers by default.
This makes the difference with some operation like the shift ones,
so pay attention!
For unsigned operations add an 'u' before OP.
arguments
VAR variable which acts as input and output
OP + sum
* multiplication
/ division
- substraction
^ xor
& and
| or
% modulus
! negation of var2 (0 becomes 1 and any other value becomes 0)
~ complement of var2 (like "xor 0xffffffff")
< shift left
> shift right
l rotate left
r rotate right
s byte swapping
w bit swapping
= assign var2 to var1
n negative value of var2 (so -var2)
a absolute value of var2
v radix
p power
x alignment, examples:
var1=1, var2=16, result=16
var1=16, var2=16, result=16
var1=17, var2=16, result=32
z common bitswapping:
var1=0xab, var2=4, result=0xba
var1=0xabcd, var2=4, result=0xdc
var1=0xabcd, var2=8, result=0xcdab
add a 'u' before or after OP for forcing the usage of unsigned
operations useful with shift, divisions and possibly other
operations
any operation starting with a '?' will be considered a
verbose operation, for example ?add is the same of +
QuickBMS supports also all the functions available in
math.h like ?sin, ?cos, ?atan and so on
VAR other input variable
examples:
Math SIZE *= 0x100
Math OFFSET <<= 2
Math OFFSET u<<= 2
Math TMP = SIZE
Math TMP ~ TMP
Math TMP n TMP
Math TMP2 a TMP
Math SIZE u/ 5
Math RADIX v= 2
.......................................................................
Open FOLDER NAME [FILENUM] [EXISTS]
It opens a file for reading, practically it assigns a file number/id
to an existent file that you want to use
arguments:
FOLDER FDDE, means that you want to open the file in the same
location of the input one which has the extension
provided with NAME
FDSE, it will consider NAME as a file located in the
same folder of the input file (very useful)
any other value is considered the folder where is located
the file to load so use "." for the current output
folder
NAME read above, NAME can be also a ? in which case QuickBMS
will ask the user to insert the name of the file to open
manually
if NAME is "" then will be performed a flush operation
that could be useful (or not?) only in write mode
FILENUM number of the file associated to the archive (0)
EXISTS if the file doesn't exist this variable will be set to
0 otherwise 1 (exists). by default QuickBMS terminates
with an error if the file doesn't exist.
examples:
Open FDDE DAT 0
Open FDDE IDX 1
Open FDSE "myfile.zip"
Open "." TEMPORARY_FILE 1
.......................................................................
SavePos VAR [FILENUM]
Current position of the file, like ftell().
arguments:
VAR variable which will contain the offset
FILENUM number of the file associated to the archive (0)
examples:
SavePos OFFSET
.......................................................................
Set VAR [TYPE] VAR
Command for assigning a constant or a variable to another variable
with the possibility of changing its type (like with unicode)
arguments:
VAR output variable or memory file
TYPE useless type, indeed it can be also not specified in
which case will be used the String value.
it's useless because in QuickBMS doesn't exist a real
difference between numbers and strings except some
cases (like unicode, filename, basename, extension
and possibly others).
the STRLEN type can be used as alternative at the
Strlen command
other special types are:
- unicode
- binary (cstring)
- alloc: allocates memory
- filename: takes the filename part from a string (myfile.txt)
- basename: takes the basename part from a string (myfile)
- extension: takes the extension part from a string (txt)
VAR variable or constant to assign
examples:
Set i long 0
Set TMP long SIZE
Set TMPNAME NAME
Set MEMORY_FILE binary "x12x34x56x78"
Set ASCII_VAR unicode UNICODE_VAR # from unicode to string
.......................................................................
Do
...
While VAR COND VAR
A not so useful type of cycle where it's performed the check of the
condition at the end of the cycle... really rarely used.
If you need a C-like "while(...) {...}" use the For command.
arguments:
VAR first part of the condition
COND condition, check the If command below for additional info
VAR second part of the condition
examples:
Do
...
While OFFSET < MAX_OFFSET
.......................................................................
String VAR OP VAR
The equivalent of the Math command for the strings
arguments:
VAR input and output variable
OP = just a copy or if var2 is a number it will consider it
a raw string:
var2="0x44434241", result="ABCD"
+ append the second string to the first one
- if the second variable is a positive number the
string will be truncated at that amount of bytes
from the end
if the second variable is a negative number the
string will be truncated at that amount of bytes
from the beginning
otherwise will be removed all the occurrencies of
the second string in the variable
^ xoring of the string with the second one (looped if shorter)
< like strrchr/strrstr but returns the part before it
var1="thisisastring", var2="4", result="isastring"
% truncate the variable at the position obtained by
the modulus of its length and the number in the second
variable
& strchr/strstr
var1="thisisastring", var2="isa", result="isastring"
| strchr/strstr + var2 length
var1="thisisastring", var2="isa", result="string"
$ strrchr/strrstr
! strrchr/strrstr + var2 length
> if the second variable is a number:
var1="thisisastring", var2="4", result="thisisast"
otherwise:
var1="thisisastring", var2="isa", result="this"
r reversed string
b byte2hex of var2: var2="abc", result="616263"
B as above but uses the var2 as a null delimited string (strlen)
h hex2byte of var2: var2="616263", result="abc"
e experimental encryption based on the Encryption command
E as above but uses the var2 as a null delimited string (strlen)
c experimental compression based on the ComType command
C as above but uses the var2 as a null delimited string (strlen)
u toupper: var2="hello", result="HELLO"
l tolower: var2="HELLO", result="hello"
R replace chars
p a printf-like experimental work-around
the format for float (f) and double (g) works only
for one element, so:
get VAR_LONG long
String TMP p= "%10.10f" VAR_LONG # no VAR2 or VAR3
print "%TMP%"
s a sscanf-like experimental work-around
VAR the second variable or string
note:
you can use also some keywords like strstr instead of & or printf
instead of p and so on
examples:
string FULLPATH += NAME
string FULLPATH +=
string NAME -= ".zip"
string NAME -= 4
string PATH R= "." "/"
string FULLPATH p= "c:folder\%04x%04x.dat" VAR1 VAR2 # VAR1/2 are the input
string FULLPATH s= "c:folder\%04x%04x.dat" VAR1 VAR2 # VAR1/2 are the output
.......................................................................
CleanExit
terminates the script, it's possible also to use just Exit
.......................................................................
If VAR COND VAR
...
[Elif VAR COND VAR]
...
[Else]
...
EndIf
It checks various conditions and performes the needed operation
when the condition is verified, in short:
- If is ever the first condition
- Elif is another condition and can be used endless times
- Else is the operation to do when no conditions are met, the last
- EndIf delimits the If command
arguments:
VAR first part of the condition
COND valid for both strings and numbers:
< minor
> major
!= different
== equal
>= major/equal
<= minor/equal
& string: var2 is included in var1
number: logical AND
^ string: equal
number: logical XOR
| number: logical OR
% number: modulus
/ number: division
<< number: shift left
>> number: shift right
! number: negation
!! number: true, use it to know if VAR is non-zero
~ number: complement
ext compares the string after the last dot
basename compares the string before the last dot
any other operation supported by the Math command (valid
only for the numeric variables)
add a 'u' before COND for forcing the usage of unsigned
operations useful with shift, divisions and possibly other
operations
VAR second part of the condition
Examples:
If NAME != ""
...
Endif
If MASK & 1
Elif MASK & 2
Elif MASK & 4
Elif MASK & 8
Else
Endif
.......................................................................
GetCT VAR TYPE CHAR [FILENUM]
It reads a string till the reaching of the CHAR delimiter.
arguments
VAR output variable
TYPE only unicode is the alternative type, any other value
is just ignored because doesn't matter for this
operation
CHAR the delimiter character as 8bit number
FILENUM number of the file associated to the archive (0)
examples:
GetCT NAME string 0x0a
GetCT NAME string 0x3b
set DELIMITER_BYTE long 0x0a
GetCT NAME string DELIMITER_BYTE
GetCT NAME unicode 0x0a
.......................................................................
ComType ALGO [DICT]
It selects the specified compression algorithm to use with the Clog
command.
It's also possible to choose a number as ALGO for an "utopic" idea
about a scanner for being able to guess the possible compression
algorithm in an unknown compressed data block:
http://aluigi.org/papers/bms/comtype_scan2.bat
http://aluigi.org/papers/bms/comtype_scan2.bms
comtype_scan2.bat comtype_scan2.bms input_file output_folder
comtype_scan2.bat comtype_scan2.bms input_file output_folder uncompressed_size
Obviously this feature is only for advanced people who knows exactly
what they are doing... and works really perfectly.
Note that some algorithms may work only on Windows
arguments:
ALGO copy, simple copy that could be useful in some rare cases with
data encrypted with block ciphers like AES and blowfish so
use comtype copy and encryption
zlib, RFC 1590 (aka windowbit 15, the data starts with a 'x')
DICT supported
deflate, RFC 1591 (aka windowbit -15) used for example in the ZIP files
DICT supported
lzo1a till lzo2a, LZO (remember that the most used is lzo1x)
DICT supported
lzss, with default configuration (dictionary of 4096 bytes)
this particular algorithm can be fully configured setting the
EI, EJ and
Show Posts
