3.80 star(s) 63 Votes

156_163_146_167

Engaged Member
Jun 5, 2017
3,138
2,499
You misunderstood. If you work on the original file, sure. A dump, no, because of the MD5 change. Page 17 has your answer.
Your hints and a fair share of duckduckgoing is all my experience with reverse engineering, so perhaps I misunderstood some things here and there. The dump is not necessary in order to run it locally, right? I now got the game to run through x64dbg without having to do anything with the pak files. I now understand that modifying those is necessary if you'd want to make the crack permanent and portable in order to share it for example, and that the way I'm running the game now will always require running it through the debugger. Am I on the right track here?
 

BupoTiling03-Retired

Well-Known Member
Modder
Jul 21, 2018
1,300
1,761
Your hints and a fair share of duckduckgoing is all my experience with reverse engineering, so perhaps I misunderstood some things here and there. The dump is not necessary in order to run it locally, right? I now got the game to run through x64dbg without having to do anything with the pak files. I now understand that modifying those is necessary if you'd want to make the crack permanent and portable in order to share it for example, and that the way I'm running the game now will always require running it through the debugger. Am I on the right track here?
You are indeed. Square on. :) Very nicely done 156. :D

funog1

Member
Modder
Mar 2, 2017
421
2,336
Started looking into the pak extraction this morning. It is fairly straightforward and would have taken all of 5 minutes to get the AES key, except my dyslexic ass misspelled "crypto" when testing the key and ended up spending hours longer than I needed trying to figure out what I was doing wrong. Tomorrow I will try and research the next steps.

On a side note, is it a me problem that I can unpack the files with unrealpak but can't get the AES key to work with umodel?

BupoTiling03-Retired

Well-Known Member
Modder
Jul 21, 2018
1,300
1,761
Started looking into the pak extraction this morning. It is fairly straightforward and would have taken all of 5 minutes to get the AES key, except my dyslexic ass misspelled "crypto" when testing the key and ended up spending hours longer than I needed trying to figure out what I was doing wrong. Tomorrow I will try and research the next steps.

On a side note, is it a me problem that I can unpack the files with unrealpak but can't get the AES key to work with umodel?
There will be days when typos do this. I've run into them several times myself. Some that caused two-day benders. UModel...I dislike. I don't use it, no need. UModel also only uses LOD0.
After I crack it, can I release the download here or do I have to wait?
nonymouse was the first to learn and I'd like for them to be the one to release this version. Always best to wait a week so that authors may make their profit. Otherwise they stop making things. No point. Just keep it for yourself this time. On the next version, it is first-come first-serve. I dunno if the author will change the protection, I hope he does, so that everyone can continue to learn things. :giggle:

funog1

Member
Modder
Mar 2, 2017
421
2,336
So I've got myself a working exe. I feel like this is entirely wrong though, because it is just the dumped exe with the MD5 changed to match, done as a frustrated test after many hours of 5.PNG. I was actually surprised to see that that worked. Currently the IAT directory is empty, which from some light reading doesn't even matter in a Windows environment; the image base hasn't been changed and is not at 140000000; it runs with the "ssbt" in and cleared out (which isn't a surprise seeing as it's bypassed altogether); text and rdata are still writing; ASLR is still randomizing; and my IAT sizes are off. But it works for me. I don't plan to stop trying, but after spending most of the day on this it has given me a massive headache and I need a break.

Oh btw, I think a change of scenery is a nice thing for Bowser to do for Peach, at least she manages to get to see different places.

BupoTiling03-Retired

Well-Known Member
Modder
Jul 21, 2018
1,300
1,761
Not sure what you're smoking, but Jimi Hendrix would have loved whatever it is. An empty IAT... your program won't even run. Clearly having issues dumping. Get to OEP, dump. Technically you're fine at that point (aside from the MD5 patch). Yeah, we all need change in life. :] Btw, your IAT may report a few thunks as missing/invalid. Ignore. Bug in tool. Just subtract 0x20 from the IAT size (though not necessary). You should only be using your new .text in its old body... That'd solve your IAT problem. Clean it of ssbt... set OEP... image base, size, CRC...

AsusPony

Newbie
Apr 16, 2019
40
35
Working cracked version has been out on pan baidu the day it was released. DuckDuckGo is your friend

skynet4195

New Member
Aug 27, 2019
5
5
As promised.

You may need to reset your settings since they would have adjusted to my system.
I couldn't check the VR version since I don't own a VR headset. However, everything should work fine.

Credits to BupoTiling03-Retired for teaching how things should be done.
Thank you so much

panda gets you

New Member
Mar 8, 2018
6
4
So I've successfully dumped it and ran it, with a black screen. I have also found the AES key and unpacked the pak file(s) (is there more than one?). From what I can gather, the reason the dump isn't working is that once launched it attempts to access the pak, and within the pak is the MD5 of the executable, which verifies that it is the correct exe; our dumped exe is not, hence the black screen. Which is why we need to unpack the pak and change where the MD5 is located.

I'm not too sure on how to find the MD5 of a file or change the MD5 as I've read some people doing (Bupo mentioned that's not the correct course, but I'm just curious). Another thing I'm not too sure of is how to open up the files from the unpacked pak in order to find the MD5.

Bupo mentioned a binary search all, but googling that hasn't really helped (I don't know what the right keywords are).

Any advice on tools that can help me for all this?