I'm trying to learn how to reverse engineer an APK's file structure obfuscation. I know it was built on cocos2d - I've used a variety of tools to decompile it in a variety of ways, but I still can't figure out how the file structure was obfuscated, and how the app figures out where a given asset is. The structure is like so: assets/assets/X/Y/ZZ/ZZABC.file
X being one of 6 options: internal, localize, main, manifest, resources, script
Y being either import or native
ZZ being a 2 character folder name
The file name starts with those first two characters, and is usually a long segmented name such as: 6e576450-af40-49fd-b1de-1952bf60ca54
A few though are a bit shorter and similar to this: 1e58fbfa7
There is no mapping file. Any thoughts of how to proceed?
I'm not sure where to even look.. I've looked in several of the js files, in the cocos assets, etc. Now I'm working on using ghidra to decompile the libraries and see if that has a clue.
X being one of 6 options: internal, localize, main, manifest, resources, script
Y being either import or native
ZZ being a 2 character folder name
The file name starts with those first two characters, and is usually a long segmented name such as: 6e576450-af40-49fd-b1de-1952bf60ca54
A few though are a bit shorter and similar to this: 1e58fbfa7
There is no mapping file. Any thoughts of how to proceed?
I'm not sure where to even look.. I've looked in several of the js files, in the cocos assets, etc. Now I'm working on using ghidra to decompile the libraries and see if that has a clue.