The Format
ODL_header
struct {
char signature[8]; // EBFGONED
uint32 odl_version; // value seen = 2 or 3
uint32 unknown2;
uint64 unknown3; // value seen = 0
uint32 unknown4; // value seen = 1
char one_drive_version[0x40];
char os_version[0x40];
byte reserved[0x64];
} Odl_header;
Data_block
struct {
uint64 signature; // CCDDEEFF 0000000
uint64 timestamp; // Unix Millisecond time
uint32 unk1;
uint32 unk2;
byte unk3_guid[16];
uint32 unk4;
uint32 unk5; // mostly 1
uint32 data_len;
uint32 unk6; // mostly 0
byte data[data_len];
} Data_block_v2;
struct {
uint64 signature; // CCDDEEFF 0000000
uint64 timestamp; // Unix Millisecond time
uint32 unk1;
uint32 unk2;
uint32 data_len;
byte unk3;
byte data[data_len];
} Data_block_v3;
Data
struct {
uint32 code_file_name_len;
char code_file_name[code_file_name_len];
uint32 flags;
uint32 code_function_name_len;
char code_function_name[code_function_name_len];
byte parameters[];
} Data_v2;
struct {
byte unk1_guid[16];
uint32 unk2;
uint32 unk3;
uint32 code_file_name_len;
char code_file_name[code_file_name_len];
uint32 flags;
uint32 code_function_name_len;
char code_function_name[code_function_name_len];
byte parameters[];
} Data_3;
No comments:
Post a Comment