search

royale-proxy / cr-proxy

A simple Clash Royale proxy, implementing the new encryption, built on top of Twisted in Python 3.5.
https://discord.gg/BuUtGPM
24 stars 7 forks source link

Are those keys also for CSV files? #11

Closed Agusnez closed 7 years ago

Agusnez commented 7 years ago

I was wondering if those keys will also work for the CSV files. I will try. If not, do you guys know where to find them? Thanks!

FilUnderscore commented 7 years ago

The CSV files are lzma compressed, so to decompress the CSV files I recommend following this guide (which works the same for Clash Royale, as it does for Clash of Clans) https://github.com/clugh/cocdp/wiki/Csv-Files

You will need a hex editor and an lzma API.

Agusnez commented 7 years ago

@FilUnderscore It worked, many thanks!! But now when I compress the file again the game doesn't recognise it and crashes...

FilUnderscore commented 7 years ago

First of all, there may or may not be a specific way to compress the CSV files, usually the file structure appears like this (in binary format): Decompressed Size (int/long) + Compressed String

Here is an example of this implementation in Java: https://gist.github.com/FilUnderscore/20fe189b9ec1832920b8a7153f90e489

However, the CSV files can only be modified within the client APK after the fingerprint.json file has been regenerated to include the list of new files with their respective MD5 hashes and location. If the fingerprint file is not regenerated and if the server that the client is connecting to does not contain the same MD5 hash as in the server's fingerprint file, the client will download the same fingerprint file from Supercell's content server, which is the exact same copy of the server's fingerprint file.

Agusnez commented 7 years ago

@FilUnderscore So, is there a way to play in the official server having the CSV files modified? Connecting to a proxy will work? I'm going to try but I've seen that Supercell has blocked this methods...

FilUnderscore commented 7 years ago

At the moment, I'm not sure whether it would be possible using modified CSV files on the official server, because either way it wouldn't make a difference, mainly in gameplay because only your client should be able to see changes to the CSV file, however the server wouldn't and chances are there are checks in place to make sure certain values can't exceed a set amount.

I'm only guessing at this point, because I'm not sure if it has been attempted by anyone yet... however you could possibly write a client-proxy which can trick both the official server and the client, by sending the correct fingerprint hash in the Handshake & Login messages. It's basically a normal proxy however the Handshake and Login messages are intercepted and values are changed.