hldh214 / lok_bot

Yet another League of Kingdoms farming bot
MIT License
38 stars 37 forks

Question: How do you figure out how to decrypt payload #82

Closed Jimmy-JS closed 1 year ago

Jimmy-JS commented 1 year ago

Hi @hldh214, thanks for continuing this amazing bot script. I'm just curious about how you figured out how to decrypt the payload, because previously I tried to figure it out but gave up haha. So I just really want to know how you did it.

hldh214 commented 1 year ago

If you were to review my commit history, you would see that I was at a loss for a long time when the XOR encryption was first introduced in the game. However, in 2023, I decided to challenge myself once again.

For the technical part, I attempted reverse engineering. Initially, I tried reverse engineering the web version, but I found it too challenging to read the machine code of WebAssembly. So, I turned to reverse engineering the Android APK instead. Luckily, there are many tools available for reverse engineering Unity, making it easy to obtain decompiled C#/C++ code. Then came the tedious task of browsing through the code. Fortunately, I was able to identify some key words, such as "xor" and "gzip", and with some manual experimentation, I eventually obtained the contents of this repository that you are currently seeing.

In summary, it was mostly luck and a small part experience that led to my success.
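The gzip-then-XOR scheme hldh214 describes above, as an added example that is not code from the lok_bot repository: it round-trips a JSON payload through gzip and repeating-key XOR, and then shows why XOR "encryption" of compressed data offers no real confidentiality. A gzip member always begins with a fixed header (`1f 8b 08 ...`), so anyone holding the blob has known plaintext and can read the key straight back out; a wrong key length is rejected by gzip's own magic, header and CRC checks. Everything here is constructed for illustration: the JSON framing, the `mtime=0` header, the sample payload and the key `b"k9Qz"` are assumptions, not the game's real format or key.

```python
"""Round trip and known-plaintext key recovery for a gzip-then-XOR payload scheme.

Constructed example: the framing (JSON -> gzip -> repeating-key XOR), the fixed
mtime=0 header and the sample key are assumptions, not the real game's protocol.
"""
import gzip
import json
import zlib
from itertools import cycle
from typing import Optional

# A gzip member written with mtime=0 and no optional fields starts with exactly
# these eight bytes: ID1 ID2 CM FLG MTIME(4). They are known plaintext to anyone
# who can see the obfuscated blob.
GZIP_KNOWN_HEADER = bytes([0x1F, 0x8B, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00])


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; the same function both encodes and decodes."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(b ^ k for b, k in zip(data, cycle(key)))


def obfuscate(payload: dict, key: bytes) -> bytes:
    """JSON -> gzip -> XOR. mtime=0 keeps the gzip header deterministic (assumed)."""
    compressed = gzip.compress(json.dumps(payload).encode("utf-8"), mtime=0)
    return xor_bytes(compressed, key)


def deobfuscate(blob: bytes, key: bytes) -> dict:
    """XOR -> gunzip -> JSON. Raises if the key is wrong (bad magic, CRC, JSON)."""
    return json.loads(gzip.decompress(xor_bytes(blob, key)).decode("utf-8"))


def recover_key(blob: bytes, max_key_len: int = len(GZIP_KNOWN_HEADER)) -> Optional[bytes]:
    """Known-plaintext recovery: XOR the blob prefix with the fixed gzip header.

    For each candidate key length the derived key is validated by attempting a full
    decode; gzip's magic/method/CRC checks reject every wrong guess, so the first
    length that decodes cleanly yields the key. Returns None if nothing fits.
    """
    for key_len in range(1, max_key_len + 1):
        candidate = xor_bytes(blob[:key_len], GZIP_KNOWN_HEADER[:key_len])
        try:
            deobfuscate(blob, candidate)
        except (OSError, EOFError, zlib.error, ValueError):
            continue  # BadGzipFile is an OSError; JSON/UTF-8 errors are ValueErrors
        return candidate
    return None


if __name__ == "__main__":
    sample = {"action": "ping", "seq": 7}  # constructed sample payload
    key = b"k9Qz"                          # constructed sample key
    blob = obfuscate(sample, key)
    print("blob:", blob.hex())
    found = recover_key(blob)
    print("recovered key:", found)
    print("decoded:", deobfuscate(blob, found))
```

The recovery loop works for any key no longer than the eight fixed header bytes; the general point it illustrates is that a repeating-key XOR applied over data with a predictable prefix leaks the key outright, which is why obfuscation of this kind is a deterrent against casual inspection rather than a cryptographic control.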

Jimmy-JS commented 1 year ago

Thank you so much for your explanation. I also tried reverse engineering from the web version and stopped because I could not read the source through the binary editor thing. Glad that you mentioned reverse engineering from the Android APK. I will try it myself to see if I can do that. May I know which tool / guide you followed to reverse engineer the Android APK? That would help me and I'd appreciate it.

Again, thank you for your effort on this project and for not giving up on the encryption!

hldh214 commented 1 year ago

There are generally three types of tools for decompiling a Unity APK:

  1. Get libil2cpp.so: You can use apktool or any other tool of your choice.
  2. Extracting source code and symbols from .so files: Il2CppDumper, frida-il2cpp-bridge, ...
  3. General decompilers: You can use IDA, Ghidra, or other similar tools.

There isn't a comprehensive guide available for this, or at least I haven't come across one during my search. The tools mentioned above are just recommendations and there might be other tools that are required as well. So, good luck!

Jimmy-JS commented 1 year ago

Got it!! Thank you so much for the information & direction! I'll try those and wish me luck :D