Seems like the authenticator is the only thing in this game that works as intended
So now they're going to push out an update every 2 days or something tiny just to change the DRM a little? Maybe if they hadn't spent so much time on making it as hard as possible to crack, we would have gotten the interactions much earlier...
If I get an account, or the real response from the cloud for the verify page, I can dive back in and take a try at it, but right now I'm stuck and I can't figure out a way to get unstuck. Also, I need the new game file; I will take a quick look to see if there is any change, but I doubt it.
It's over...... ?
Someone quick throw money at this guy there's not enough furry porn in my system
I'm guessing they're using beebyte obfuscation? I'm pretty sure it just adds a bunch of useless addresses and swaps out the entries with random characters. You could probably compare the newer version with an older version that doesn't have beebyte using a simple script. If someone knows what the latest build without obfuscation is I can try to take a crack at it, I just need the two versions.
The latest build without Patreon is the one that you can download directly from F95, page 1 of this topic; the other one is in one of the previous pages.
What has your process been? I've extracted some info to deobfuscate the functions in IDA and I've gotten promising results, I'll look more into it tomorrow.
The real latest build hasn't been leaked yet, but you can edit the packet sent to the server and lie about the version to achieve the pledge error.
Yeah, it feels like beebyte obfuscation, but I think they also modified some things that make their backend necessary to use the software. If you skip the scene and jump directly to the one that contains the game and not the authentication shit, the models are broken, textures aren't loading and so on.
Maybe, I saw some people cracking a bunch of stuff, but I'm too socially awkward even online to ask them to take a look
Wasn't there something like this with Carnal Instinct and someone was able to crack it?
I used IL2CPPDumper to get metadata and struct, and used the py script in my IDA, but that is the easy part; I don't think I need to make a tutorial for that ;p
Remember my friend. Nothing is uncrackable
Then I made a 404 autoresponder with Fiddler and identified a function that has 2 UnityWebRequest checks: the first verifies if the status is 200 and the second verifies if the status isn't 403. Then I used Fiddler and created an autoresponder on Yl2Cloud/verify to always respond 200 to these requests, and located another function that wasn't called before, "YL2_Verification_Verify_JGOEKHJEBJM__IBJJHCBJNCH". This function is doing some ciphering, also taking a password, a key and some data from the previous request. I tried to bypass this with I don't know how many tries and methods, but always got a crash or a new error: some related to empty variables inside arrays, others because an array seems to go out of bounds, some are CBC errors, which are all handled. That's what I find very strange. Also, I'm a bit worried that there is some encryption going on in the game files, as there is a direct check for !decrypted that goes to some error handling.
I also tried to be more violent and directly replace the jump call with the switch to the skytemple scene, but got exactly the same behavior as the one you get with Unity Explorer when manually switching the scene. Also good to note that when you do that, Unity Explorer errors out with some missing files.
Also, I was tired of the code jumping in all directions, so I put breakpoints on all the functions and just numbered them, so now I don't need to run the program to know when and where they are called. But this only helped to locate YL2_Verification_Verify_JGOEKHJEBJM__IBJJHCBJNCH. After this I got stuck, because it seems that it is the last call that is interesting; after it you dive into garbage generated by bee and get back to the login screen, which restarts the loop, or, if you patch YL2_Verification_Verify_JGOEKHJEBJM__IBJJHCBJNCH, you create new errors that I sometimes find funny.
If you figure this out you need to explain it to me, because I'm so frustrated right now. I want to understand what I'm missing, because I know I'm close to finding the solution, or the thing that says it's uncrackable because it needs some complicated backend or downloading files from an authenticated server.
Yeah, but sometimes there are systems that need so much work that it's not worth it, or like Denuvo, that need a total genius to hack, the kind of genius that is not that common. I doubt that this is one of these cases; I think I'm missing something and I really want someone to slap it in my face, because I'm frustrated like crazy.
check AppData\LocalLow\FurryVNE Team\FurryVNE\player.log if you haven't. It says that some asset bundle is missing.