Hey guys,
I did some research regarding MHST Android version save data. I found that there are 2 save files, `mhr_game0.sav` and `mhr_game1.sav`. The 0 one is autosave file, while the 1 is the conventional save file (saving the game manually). Each of them has backup file named: `mhr_game0_bk.sav` and the 1 counterpart.
By comparing the save file and backup file, I assume that the 20 bytes of data starting from 0x0C up to 0x1F is a checksum. I've tried hashing the save data with the offset of 0x20, and incrementing the offset in a loop (up to offset = data.length) with SHA-1 and RIPEMD-160 (since they both yield 20 bytes / 160 bits of digest data). Didn't match with the aforementioned 20 bytes checksum.
I actually got 2 phones, one is rooted with a broken screen, but I can still use it thanks to Vysor app. One is Galaxy s8 on nougat, the other one is Galaxy Note 3 on Lineage (oreo). So I tried restoring the save data across 2 phones. But every time I restored the file from one phone to the other, the game just didn't recognize the save data at all. It just prompted to play a new game, all other buttons are disabled. It works just fine if I restore the save file from & to the same phone.
I also found that in-game money offsets are different between save data from both phones. One on 0x9C314 , and the other one is on 0x9C32C. I guess there must be something to do with device Id / Android version / smth else...
No, you can actually dump your save data using ADB backup, even on an unrooted phone. It's a bit complicated tho, the backup file is in .ab format, which you need to unpack into .tar file. And then you can extract that tar file. Also don't forget to keep the order of the files within to repack it again (because somehow within the Android backup specification, the file order does matter, and it doesn't necessarily follow an alphabetical order). The save files come in `apps/jp.co.capcom.mhsspen/f/` directory.
IKR, I'm pretty sure some kind of 'device info' data is used to calculate the checksum. I think the easiest way (which actually is not that easy either) is to reverse engineer the game file and look for the checksum-function to find out the algorithm. Rather than bruteforcing any random hash algorithms just like what I did. By the way, hit me up if you still need multiple save files, I have couples of them
It'll happen if someone with sufficient skill on reverse engineering the apps willing to take their hands down on this. I'm quite new to Monster Hunter series, this MHST Android is literally my first Monster Hunter game, and I love it. Put a lot of efforts on doing my research, but yeah.. this is practically a dead end for me. RE is out of my reach
I did some research regarding MHST Android version save data. I found that there are 2 save files, `mhr_game0.sav` and `mhr_game1.sav`. The 0 one is autosave file, while the 1 is the conventional save file (saving the game manually). Each of them has backup file named: `mhr_game0_bk.sav` and the 1 counterpart.
By comparing the save file and backup file, I assume that the 20 bytes of data starting from 0x0C up to 0x1F is a checksum. I've tried hashing the save data with the offset of 0x20, and incrementing the offset in a loop (up to offset = data.length) with SHA-1 and RIPEMD-160 (since they both yield 20 bytes / 160 bits of digest data). Didn't match with the aforementioned 20 bytes checksum.
I actually got 2 phones, one is rooted with a broken screen, but I can still use it thanks to Vysor app. One is Galaxy s8 on nougat, the other one is Galaxy Note 3 on Lineage (oreo). So I tried restoring the save data across 2 phones. But every time I restored the file from one phone to the other, the game just didn't recognize the save data at all. It just prompted to play a new game, all other buttons are disabled. It works just fine if I restore the save file from & to the same phone.
I also found that in-game money offsets are different between save data from both phones. One on 0x9C314 , and the other one is on 0x9C32C. I guess there must be something to do with device Id / Android version / smth else...
I'm pretty sure that you need to root your phone anyways to get the save data. Unless there's a way to copy saved data off of the iCloud / Android Game Cloud (or whatever it's called)
Edit- I get it now. The only way to pull the save from Android, right now, is to have a rooted device running Lucky Patcher and pulling the save from the backup of the app settings. What a pain. My thunder Los will have to wait..
No, you can actually dump your save data using ADB backup, even on an unrooted phone. It's a bit complicated tho, the backup file is in .ab format, which you need to unpack into .tar file. And then you can extract that tar file. Also don't forget to keep the order of the files within to repack it again (because somehow within the Android backup specification, the file order does matter, and it doesn't necessarily follow an alphabetical order). The save files come in `apps/jp.co.capcom.mhsspen/f/` directory.
That hash/MAC is probably some Android specific shit. Still not confirmed if account/device infos are involved calculating it. That's why i asked for 2 identical saves from 2 different devices/accounts.
IKR, I'm pretty sure some kind of 'device info' data is used to calculate the checksum. I think the easiest way (which actually is not that easy either) is to reverse engineer the game file and look for the checksum-function to find out the algorithm. Rather than bruteforcing any random hash algorithms just like what I did. By the way, hit me up if you still need multiple save files, I have couples of them
Android editor wont be happening. Too strong of edit/corruption deterance and not enough info to bypass it. Either learn to RAM edit on your phone or just play legit like everyone else.
It'll happen if someone with sufficient skill on reverse engineering the apps willing to take their hands down on this. I'm quite new to Monster Hunter series, this MHST Android is literally my first Monster Hunter game, and I love it. Put a lot of efforts on doing my research, but yeah.. this is practically a dead end for me. RE is out of my reach
Last edited by tadho,