Short novel incoming, but hopefully this is useful to pass on. Turns out this would hypothetically be super easy to do, even with all the obfuscation. Please remember to follow your local copyright laws and do not do anything unethical or illegal.
I would
strongly expect these steps to do what you expect.
- Open
BeastBeat_Data\Managed\Assembly-CSharp.dll
in dnSpy 64 bit
- Navigate to the BeastBeat.View > MainView reference
- Find where the menuitems are instantiated, specifically the gallery. You'd be looking for a line of code something like:
Code:
this.<OBFUSCATED_NAME>.Get<Button>("Gallery", true).RANDOMTEXT(new UnityAction(this.MORERANDOMTEXT), true);
In a method with an obfuscated name in
public class MainView : ViewItem
.
- The parameter passed to the UnityAction constructor in that line (this.MORERANDOMTEXT) is a pointer to a method. Follow that to find a method that will have two early-exit conditions based off an obfuscated conditional that might not make very much sense. This code is more or less saying: "if either of these conditions are true, don't show them the gallery select and instead show the LoginView."
If we remove both of those early returns and just allow the call to ShowView<GallerySelectView>() and recompile + save, voila, we can now access the gallery in game as expected. There's one small catch though, we can't do anything there.
There are a ton of functions in this unit that look
exactly like the function we just changed, but I assume that's just duplication to support more obfuscation (I guess if you don't know the entry point or it's not obvious, it's harder to rule all these out as dead code), so that's the only change you'll have to make.
Anyway, at this point, nothing in the gallery will unlock because
the developers are idiots wasting their time on obfuscation and silly overly complicated authentication rather than making better maps ...reasons.
So we check out the
GallerySelectView
and take a look. Well fuck me sideways, there are tons of functions that look something like this that are clearly used to determine whether or not we're authenticated:
Code:
public bool AWFULNAMEHERE(int FOOBAR)
{
return ABCDEFG.HIJKLMNOP() && QRSTUVWXYZ.ABCD1234.FOOBARBAZ(MORETEXT);
}
The first method in this conditional (ABCDEF....) is actually one of the methods used in the GallerySelectView code we nuked. I wonder what would happen if we were to navigate to that method by clicking on it and then change the method body (Right click -> Edit method (C#)) and change it to just return true. At that point, hypothetically, you could probably save and recompile the dll and everything will probably work.
If that didn't work, which I'm fairly sure it will, you could also go the nuclear option of right clicking ALL of those authentication methods and going to "Change IL Instructions" and changing the assembly to just return true (if you need to know what instructions do that, just change a method in a file that actually complies to return true and just steal the instructions. It should be one register edit + a
ret
statement). Modifying the assembly instead of the C# code here is necessary because the GallerySelectView itself won't actually compile if you edit due to specific compilation/translation nonsense I don't really want to get into, but modifying the underlying assembly will always work.
Hope that helps, sorry for the massive fucking wall of text. If this is useful to you, give this dude a like because his post is useful:
https://f95zone.to/threads/beastbeat-v0-1-12-c-bonegames.131957/post-11474130