- Aug 10, 2017
- 213
- 348
thank you, i won't read closely that study(300 page is quite a lot...and i'm not a fact cheker or something like that), but i will take a look.
Unity FurryVNE [2024-11-09] [FurryVNE Team]
- Thread starter RedPillBlues
- Start date
- Mar 1, 2020
- 88
- 82
This is complete shit. Users are not a patient, bastard who can't shut up and keep calling names, I don't know what to say next. npomme if you manage to completely break the build, I advise you to take a big break. If the developers release a new build in days or weeks, do not pay attention to this.
Last edited:
- Feb 26, 2022
- 76
- 36
I think when a new build comes out he starts on it. But since he already has the info on what to do he can work semi fast
- Nov 20, 2020
- 398
- 610
There a New build out it can change the whole deal so i Will check on it when i have spare time today
- Nov 20, 2020
- 398
- 610
I have a solution for the previous build i Write the patcher when i get back home i was multitasking all Day at m'y job
- May 2, 2023
- 55
- 136
Does the authenticator have differences between builds?I have a solution for the previous build i Write the patcher when i get back home i was multitasking all Day at m'y job
- Jun 4, 2019
- 149
- 242
I believe so. The system I'd assume is the same, but the key is different. On top of that they probably run encryption/obfuscation with each update again so no version have the same named functions and such.
Shortly put, minor differences that make a decent impact
- Feb 26, 2022
- 76
- 36
In npomme's patcher it creates a custom key that supposedly is able to work across any device when used. Only problem we have in some stupid fucking background authenticators so you got the main verifier, than the main authenticator, than you might think that's it but nope. There's than some more stuff hidden away in the background which is where npomme was running into Char issues. But he is fixing it so all we can do is hope he makes it work.
- Nov 20, 2020
- 398
- 610
yes but i will just generate a signature with ida and make ida restore my project if it works it will be matter of hours for the crack to append but right now i decided to patch the previous build and go play LiesOfPI that is finally cracked by RUNE and you guy will way a bit before i check on the new one
I decompiled it for shit and giggle and its obfuscated too i was hoping dev will forget to obfuscate the build but no this is not the cas so it will wait a bit before i get to it!
- Nov 20, 2020
- 398
- 610
Ok found everithing i need now i just need for real to identify 1 function in the code or at least were the mofo store the value in RAM and we are all set and i dont even need to bother about the athentication as dev coded themself the fucking bypass
I maybe need an acount for each build to make the crack append but the shit is simple AF but kinda twisted they made 100% sure that we will need a file provided by them to play and that file is the key for all the shit that append offline
First you login the game create cookies and check if backend is alive
then the game request /login that is to verify you logged to patreon and it set username and some data
then the game request /verify-user that is the part that verify if you have pledged at least once in your life
if the login id fucked up it return > Valid= false; reason="login"
if not it return a json string that say > Valid= false; reason="pledged"
and then it delete the password 1 - 15 inside the registry
But if the password are set when the game launch and you dont have web the game try to read a file called {timestamp}.bytes that contain 103Kb of data that are encrypted and i cant find what type of encryption they use here but we dont care for now as long as you have valid pledge the data stay the same and that is what the backend give you as a response when pledge is valid
so the real problem here is the game store the timestamp somewhere if i can find where i set the name of the file to dick.bytes and the game will always try to read dick.bytes instead of 5ce07faab31e865bcc4b9006ac93a2789e5b017a.bytes or 65b6380ba313445427dee1ff9fb3d22d5e617aed wich suck because this value change at millisecond interval so if i find where the name generated write a patcher you guy can enjoy the game lifetime
just need to get back from work to search for this name!
I maybe need an acount for each build to make the crack append but the shit is simple AF but kinda twisted they made 100% sure that we will need a file provided by them to play and that file is the key for all the shit that append offline
First you login the game create cookies and check if backend is alive
then the game request /login that is to verify you logged to patreon and it set username and some data
then the game request /verify-user that is the part that verify if you have pledged at least once in your life
if the login id fucked up it return > Valid= false; reason="login"
if not it return a json string that say > Valid= false; reason="pledged"
and then it delete the password 1 - 15 inside the registry
But if the password are set when the game launch and you dont have web the game try to read a file called {timestamp}.bytes that contain 103Kb of data that are encrypted and i cant find what type of encryption they use here but we dont care for now as long as you have valid pledge the data stay the same and that is what the backend give you as a response when pledge is valid
so the real problem here is the game store the timestamp somewhere if i can find where i set the name of the file to dick.bytes and the game will always try to read dick.bytes instead of 5ce07faab31e865bcc4b9006ac93a2789e5b017a.bytes or 65b6380ba313445427dee1ff9fb3d22d5e617aed wich suck because this value change at millisecond interval so if i find where the name generated write a patcher you guy can enjoy the game lifetime
just need to get back from work to search for this name!
- Feb 26, 2022
- 76
- 36
- Mar 1, 2020
- 88
- 82
- Jul 21, 2017
- 116
- 185
this devs take more effort on that goofy ah drm than working on the real project lmao.
- Mar 1, 2020
- 88
- 82
- Nov 20, 2020
- 398
- 610
Hey Guy i got news unless there an update on it i will be like that i contacted someone that gave guidance on the start of the project maybe he will find what i didnt find but the files.bytes is Hardware bound wich suck because i cant generate them i dont know how the dev do it at the start but there clues maybe one of you already seen this shit and can help
Can i crack it short answer is Kinda i can with an pledged account generate for the end user all the hardware bound file and password i have a poc written with someone that gave me access to his account to make the reverse engineering happend faster but i dont have a personnal account so i cant distribute my "crack" as i dont mind messing my account but i'm not messing with someone property if i get banned i played the game and loose thats it
Long answer is :
The game generate password 15 of them that are all structured like this ffffffff-1h1h-134f-12a4-1f2f3f4f5f6f
this go to the backend along with your hardware id and the build version
The backend generate a file and encrypt this file probably with these data i dont know how and also dont know the algorythm but it can take all of this in input and then the backend return his magic {timestamp}.byte that act as a license for the game
i can't know for sure the content of this file but i bet you it contain a json string that has the login information and the data for all the slider the file is 103Kb and the decryption of it by the game is hardware bound if the key set and file are valid but you dont get internet and the hardwareid dont match the game wont load.
but found a way to get this file but that need a account i dont want to detail it that much but you will need to run a patcher once per computer and build and never touch it again as long as you keep the file my patcher will generate safe and dont change your hardware to much the game will work offline
the catch is i dont know if they can ban the account and idk how long it will work but all the succefull activation will be life time if the file and passwords are safe and hardware dont change to much
Can i crack it short answer is Kinda i can with an pledged account generate for the end user all the hardware bound file and password i have a poc written with someone that gave me access to his account to make the reverse engineering happend faster but i dont have a personnal account so i cant distribute my "crack" as i dont mind messing my account but i'm not messing with someone property if i get banned i played the game and loose thats it
Long answer is :
The game generate password 15 of them that are all structured like this ffffffff-1h1h-134f-12a4-1f2f3f4f5f6f
this go to the backend along with your hardware id and the build version
The backend generate a file and encrypt this file probably with these data i dont know how and also dont know the algorythm but it can take all of this in input and then the backend return his magic {timestamp}.byte that act as a license for the game
i can't know for sure the content of this file but i bet you it contain a json string that has the login information and the data for all the slider the file is 103Kb and the decryption of it by the game is hardware bound if the key set and file are valid but you dont get internet and the hardwareid dont match the game wont load.
but found a way to get this file but that need a account i dont want to detail it that much but you will need to run a patcher once per computer and build and never touch it again as long as you keep the file my patcher will generate safe and dont change your hardware to much the game will work offline
the catch is i dont know if they can ban the account and idk how long it will work but all the succefull activation will be life time if the file and passwords are safe and hardware dont change to much
- Mar 1, 2020
- 88
- 82
- Nov 20, 2020
- 398
- 610
at least half the character creator is good but the animator seem to be some unity free assets modified
i found this inside their game :
You must be registered to see the links
You must be registered to see the links
there maybe more i dont have digged to much but they seem to use lots of assets from all other the place wich is good when you are a small team but idk how much dev they are and if they are good they probably can get this working in a year or so not 4 year
EDIT:
and i think this why they made the game not free they buy ressources from the store they need to get their money back but for real the a 5$ pledge will get that investment back
So much for "all that work put into physics" eh? I'm starting to wonder how much of that time was really them working on stuff and how much of it was milking the Patreon.
npomme soooo, in the end, does that mean that basically it's cracked but requires a sacrificial account, or does it still need a pledge?
npomme soooo, in the end, does that mean that basically it's cracked but requires a sacrificial account, or does it still need a pledge?
- Jun 4, 2019
- 149
- 242
Npomme needs a sacrificial account, yes.
The game is only partially "cracked", but because the game ties itself to the unique ID of each PC it is installed on, he needs an actual working copy to bypass that.
At this point, crack only lets you into an empty scene, where you can only enjoy the beautiful sights of all those magnificant backgrounds... And that's it, no meshes are loading because of that ID protection thing.
(Simplified explanation, I have surface level understanding of cracking stuff)
- Nov 20, 2020
- 398
- 610
In the end i need 1 account to make it append to all the one that need it and the account need to have a pledge
Or a crypto expert that manage to reproduce the backend and decipher the files