Closed Jimmy-JS closed 1 year ago
If you were to review my commit history, you would see that I was at a loss for a long time when the XOR encryption
was first introduced in the game. However, in 2023, I decided to challenge myself once again.
For the technical part, I attempted reverse engineering. Initially, I tried reverse engineering the web version, but I found it too challenging to read the machine code of WebAssembly. So, I turned to reverse engineering the Android APK instead. Luckily, there are many tools available for reverse engineering Unity, making it easy to obtain decompiled C#/C++ code. Then came the tedious task of browsing through the code. Fortunately, I was able to identify some key words, such as "xor" and "gzip" and with some manual experimentation, I eventually obtained the contents of this repository that you are currently seeing.
In summary, it was mostly luck and a small part experience that led to my success.
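As an added illustration of the "xor" and "gzip" clue mentioned above (this is constructed example code, not anything from this repository or the game), the block below packs a payload by gzip-compressing it and then applying a repeating-key XOR, and unpacks it in reverse. The key, the sample payload and the gzip-then-XOR order are all assumptions for the demo. The `looks_like_gzip` check is the kind of quick test that makes manual experimentation tractable: after XORing with a candidate key, a correct guess leaves the gzip magic bytes `1f 8b` at the front.

```python
import gzip
from itertools import cycle

# Constructed sample values; the real key and payload format are not on this page.
SAMPLE_KEY = b"example-key"
SAMPLE_PLAINTEXT = b'{"event":"login","user":"demo"}'


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR. Applying it twice with the same key restores the input."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(b ^ k for b, k in zip(data, cycle(key)))


def pack_payload(plaintext: bytes, key: bytes) -> bytes:
    """gzip first, then XOR (the order is an assumption for this example)."""
    return xor_bytes(gzip.compress(plaintext, mtime=0), key)


def unpack_payload(blob: bytes, key: bytes) -> bytes:
    """Undo pack_payload: XOR with the key, then gunzip."""
    return gzip.decompress(xor_bytes(blob, key))


def looks_like_gzip(data: bytes) -> bool:
    """Every gzip member starts with the magic bytes 1f 8b."""
    return data[:2] == b"\x1f\x8b"


def key_fits(blob: bytes, key: bytes) -> bool:
    """Cheap sanity check for a candidate key: does XOR expose a gzip header,
    and does the result actually inflate?"""
    candidate = xor_bytes(blob, key)
    if not looks_like_gzip(candidate):
        return False
    try:
        gzip.decompress(candidate)
    except (OSError, EOFError):
        return False
    return True


if __name__ == "__main__":
    blob = pack_payload(SAMPLE_PLAINTEXT, SAMPLE_KEY)
    print("packed bytes start with:", blob[:4].hex())
    print("key fits:", key_fits(blob, SAMPLE_KEY))
    print("wrong key fits:", key_fits(blob, b"not-the-key"))
    print("recovered:", unpack_payload(blob, SAMPLE_KEY).decode())
```

The `key_fits` check is deliberately two-stage: the magic-byte test rejects most wrong keys in constant time, and the inflate attempt catches a key that happens to match on the first two bytes but is wrong elsewhere.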
Thank you so much for your explanation. I also tried reverse engineering from the web version and stopped because I could not read the source through the binary editor thing. Glad that you mentioned reverse engineering from the Android APK. I will try it myself to see if I can do that. May I know which tool / guide you're following to reverse engineer the Android APK? That would help me and I'd appreciate it.
Again, thank you for your effort on this project and for not giving up on the encryption!
There are generally three types of tools for decompiling a Unity APK:

- `libil2cpp.so`: You can use apktool or any other tool of your choice.
- `.so` files: Il2CppDumper, frida-il2cpp-bridge, ...
- IDA, Ghidra, or other similar tools.

There isn't a comprehensive guide available for this, or at least I haven't come across one during my search. The tools mentioned above are just recommendations and there might be other tools that are required as well. So, good luck!
Got it!! Thank you so much for the information & direction! I'll try those and wish me luck :D
Hi @hldh214, thanks for continuing this amazing bot script. I'm just curious how you figured out how to decrypt the payload? Because previously I tried to figure it out but I gave up haha. So I just really want to know how you did it.