Unity FurryVNE [2024-11-09] [FurryVNE Team]

[Depesonalization]

Does the authenticator have differences between builds?

I believe so. The system I'd assume is the same, but the key is different. On top of that they probably run encryption/obfuscation with each update again so no version have the same named functions and such.

Shortly put, minor differences that make a decent impact

 

[ctOS__]

I believe so. The system I'd assume is the same, but the key is different. On top of that they probably run encryption/obfuscation with each update again so no version have the same named functions and such.

Shortly put, minor differences that make a decent impact

In npomme's patcher it creates a custom key that supposedly is able to work across any device when used. Only problem we have in some stupid fucking background authenticators so you got the main verifier, than the main authenticator, than you might think that's it but nope. There's than some more stuff hidden away in the background which is where npomme was running into Char issues. But he is fixing it so all we can do is hope he makes it work.

 

[npomme]

I believe so. The system I'd assume is the same, but the key is different. On top of that they probably run encryption/obfuscation with each update again so no version have the same named functions and such.

Shortly put, minor differences that make a decent impact

yes but i will just generate a signature with ida and make ida restore my project if it works it will be matter of hours for the crack to append but right now i decided to patch the previous build and go play LiesOfPI that is finally cracked by RUNE and you guy will way a bit before i check on the new one

I decompiled it for shit and giggle and its obfuscated too i was hoping dev will forget to obfuscate the build but no this is not the cas so it will wait a bit before i get to it!

 

[npomme]

Ok found everithing i need now i just need for real to identify 1 function in the code or at least were the mofo store the value in RAM and we are all set and i dont even need to bother about the athentication as dev coded themself the fucking bypass

I maybe need an acount for each build to make the crack append but the shit is simple AF but kinda twisted they made 100% sure that we will need a file provided by them to play and that file is the key for all the shit that append offline

First you login the game create cookies and check if backend is alive

then the game request /login that is to verify you logged to patreon and it set username and some data

then the game request /verify-user that is the part that verify if you have pledged at least once in your life

if the login id fucked up it return > Valid= false; reason="login"

if not it return a json string that say > Valid= false; reason="pledged"

and then it delete the password 1 - 15 inside the registry

But if the password are set when the game launch and you dont have web the game try to read a file called {timestamp}.bytes that contain 103Kb of data that are encrypted and i cant find what type of encryption they use here but we dont care for now as long as you have valid pledge the data stay the same and that is what the backend give you as a response when pledge is valid

so the real problem here is the game store the timestamp somewhere if i can find where i set the name of the file to dick.bytes and the game will always try to read dick.bytes instead of 5ce07faab31e865bcc4b9006ac93a2789e5b017a.bytes or 65b6380ba313445427dee1ff9fb3d22d5e617aed wich suck because this value change at millisecond interval so if i find where the name generated write a patcher you guy can enjoy the game lifetime

just need to get back from work to search for this name!

 

[ctOS__]

Ok found everithing i need now i just need for real to identify 1 function in the code or at least were the mofo store the value in RAM and we are all set and i dont even need to bother about the athentication as dev coded themself the fucking bypass

I maybe need an acount for each build to make the crack append but the shit is simple AF but kinda twisted they made 100% sure that we will need a file provided by them to play and that file is the key for all the shit that append offline

First you login the game create cookies and check if backend is alive

then the game request /login that is to verify you logged to patreon and it set username and some data

then the game request /verify-user that is the part that verify if you have pledged at least once in your life

if the login id fucked up it return > Valid= false; reason="login"

if not it return a json string that say > Valid= false; reason="pledged"

and then it delete the password 1 - 15 inside the registry

But if the password are set when the game launch and you dont have web the game try to read a file called {timestamp}.bytes that contain 103Kb of data that are encrypted and i cant find what type of encryption they use here but we dont care for now as long as you have valid pledge the data stay the same and that is what the backend give you as a response when pledge is valid

so the real problem here is the game store the timestamp somewhere if i can find where i set the name of the file to dick.bytes and the game will always try to read dick.bytes instead of 5ce07faab31e865bcc4b9006ac93a2789e5b017a.bytes or 65b6380ba313445427dee1ff9fb3d22d5e617aed wich suck because this value change at millisecond interval so if i find where the name generated write a patcher you guy can enjoy the game lifetime

just need to get back from work to search for this name!

good luck!

 

[G_777888999000]

Ok found everithing i need now i just need for real to identify 1 function in the code or at least were the mofo store the value in RAM and we are all set and i dont even need to bother about the athentication as dev coded themself the fucking bypass

I maybe need an acount for each build to make the crack append but the shit is simple AF but kinda twisted they made 100% sure that we will need a file provided by them to play and that file is the key for all the shit that append offline

First you login the game create cookies and check if backend is alive

then the game request /login that is to verify you logged to patreon and it set username and some data

then the game request /verify-user that is the part that verify if you have pledged at least once in your life

if the login id fucked up it return > Valid= false; reason="login"

if not it return a json string that say > Valid= false; reason="pledged"

and then it delete the password 1 - 15 inside the registry

But if the password are set when the game launch and you dont have web the game try to read a file called {timestamp}.bytes that contain 103Kb of data that are encrypted and i cant find what type of encryption they use here but we dont care for now as long as you have valid pledge the data stay the same and that is what the backend give you as a response when pledge is valid

so the real problem here is the game store the timestamp somewhere if i can find where i set the name of the file to dick.bytes and the game will always try to read dick.bytes instead of 5ce07faab31e865bcc4b9006ac93a2789e5b017a.bytes or 65b6380ba313445427dee1ff9fb3d22d5e617aed wich suck because this value change at millisecond interval so if i find where the name generated write a patcher you guy can enjoy the game lifetime

just need to get back from work to search for this name!

Good luck.

 

[bartroli]

this devs take more effort on that goofy ah drm than working on the real project lmao.

 

[G_777888999000]

this devs take more effort on that goofy ah drm than working on the real project lmao.

Yeah.

 

[npomme]

Hey Guy i got news unless there an update on it i will be like that i contacted someone that gave guidance on the start of the project maybe he will find what i didnt find but the files.bytes is Hardware bound wich suck because i cant generate them i dont know how the dev do it at the start but there clues maybe one of you already seen this shit and can help

Can i crack it short answer is Kinda i can with an pledged account generate for the end user all the hardware bound file and password i have a poc written with someone that gave me access to his account to make the reverse engineering happend faster but i dont have a personnal account so i cant distribute my "crack" as i dont mind messing my account but i'm not messing with someone property if i get banned i played the game and loose thats it

Long answer is :

The game generate password 15 of them that are all structured like this ffffffff-1h1h-134f-12a4-1f2f3f4f5f6f
this go to the backend along with your hardware id and the build version
The backend generate a file and encrypt this file probably with these data i dont know how and also dont know the algorythm but it can take all of this in input and then the backend return his magic {timestamp}.byte that act as a license for the game

i can't know for sure the content of this file but i bet you it contain a json string that has the login information and the data for all the slider the file is 103Kb and the decryption of it by the game is hardware bound if the key set and file are valid but you dont get internet and the hardwareid dont match the game wont load.

but found a way to get this file but that need a account i dont want to detail it that much but you will need to run a patcher once per computer and build and never touch it again as long as you keep the file my patcher will generate safe and dont change your hardware to much the game will work offline

the catch is i dont know if they can ban the account and idk how long it will work but all the succefull activation will be life time if the file and passwords are safe and hardware dont change to much

 

[G_777888999000]

Hey Guy i got news unless there an update on it i will be like that i contacted someone that gave guidance on the start of the project maybe he will find what i didnt find but the files.bytes is Hardware bound wich suck because i cant generate them i dont know how the dev do it at the start but there clues maybe one of you already seen this shit and can help

Can i crack it short answer is Kinda i can with an pledged account generate for the end user all the hardware bound file and password i have a poc written with someone that gave me access to his account to make the reverse engineering happend faster but i dont have a personnal account so i cant distribute my "crack" as i dont mind messing my account but i'm not messing with someone property if i get banned i played the game and loose thats it

Long answer is :

The game generate password 15 of them that are all structured like this ffffffff-1h1h-134f-12a4-1f2f3f4f5f6f
this go to the backend along with your hardware id and the build version
The backend generate a file and encrypt this file probably with these data i dont know how and also dont know the algorythm but it can take all of this in input and then the backend return his magic {timestamp}.byte that act as a license for the game

i can't know for sure the content of this file but i bet you it contain a json string that has the login information and the data for all the slider the file is 103Kb and the decryption of it by the game is hardware bound if the key set and file are valid but you dont get internet and the hardwareid dont match the game wont load.

but found a way to get this file but that need a account i dont want to detail it that much but you will need to run a patcher once per computer and build and never touch it again as long as you keep the file my patcher will generate safe and dont change your hardware to much the game will work offline

the catch is i dont know if they can ban the account and idk how long it will work but all the succefull activation will be life time if the file and passwords are safe and hardware dont change to much

Developers are scum.

 

[npomme]

Developers are scum.

at least half the character creator is good but the animator seem to be some unity free assets modified
i found this inside their game :

You must be registered to see the links

You must be registered to see the links

there maybe more i dont have digged to much but they seem to use lots of assets from all other the place wich is good when you are a small team but idk how much dev they are and if they are good they probably can get this working in a year or so not 4 year
EDIT:
and i think this why they made the game not free they buy ressources from the store they need to get their money back but for real the a 5$ pledge will get that investment back

 

[Drae]

So much for "all that work put into physics" eh? I'm starting to wonder how much of that time was really them working on stuff and how much of it was milking the Patreon.

npomme soooo, in the end, does that mean that basically it's cracked but requires a sacrificial account, or does it still need a pledge?

 

[Depesonalization]

So much for "all that work put into physics" eh? I'm starting to wonder how much of that time was really them working on stuff and how much of it was milking the Patreon.

npomme soooo, in the end, does that mean that basically it's cracked but requires a sacrificial account, or does it still need a pledge?

Npomme needs a sacrificial account, yes.
The game is only partially "cracked", but because the game ties itself to the unique ID of each PC it is installed on, he needs an actual working copy to bypass that.

At this point, crack only lets you into an empty scene, where you can only enjoy the beautiful sights of all those magnificant backgrounds... And that's it, no meshes are loading because of that ID protection thing.
(Simplified explanation, I have surface level understanding of cracking stuff)

 

[npomme]

So much for "all that work put into physics" eh? I'm starting to wonder how much of that time was really them working on stuff and how much of it was milking the Patreon.

npomme soooo, in the end, does that mean that basically it's cracked but requires a sacrificial account, or does it still need a pledge?

In the end i need 1 account to make it append to all the one that need it and the account need to have a pledge

Or a crypto expert that manage to reproduce the backend and decipher the files

 

[tester72]

at least half the character creator is good but the animator seem to be some unity free assets modified
i found this inside their game :

You must be registered to see the links

You must be registered to see the links

there maybe more i dont have digged to much but they seem to use lots of assets from all other the place wich is good when you are a small team but idk how much dev they are and if they are good they probably can get this working in a year or so not 4 year
EDIT:
and i think this why they made the game not free they buy ressources from the store they need to get their money back but for real the a 5$ pledge will get that investment back

WAIT... are you telling us that the animator is practically nothing but some assets bought straight from the store mildly repurposed?

Goddamm.

but you dont get internet and the hardwareid dont match the game wont load.

Also there goes the "IF you bought the game its always yours regardless if you stop supporting part".

 

[ctOS__]

WAIT... are you telling us that the animator is practically nothing but some assets bought straight from the store mildly repurposed?

Goddamm.

Yea don't the devs just sound so "professional" I bet most of their code is just some assets they bought

 

[Depesonalization]

WAIT... are you telling us that the animator is practically nothing but some assets bought straight from the store mildly repurposed?

Goddamm.

I mean. What about it? Even if they didn't use that exact packadge, they'd go with default built-in rigging tools, they'd wouldn't make a whole IK system from scratch, that's just unnessesary pain.

I wouldn't be surprised if their main focus was on how the characters interact with each other more than anything.

 

[ctOS__]

I mean. What about it? Even if they didn't use that exact packadge, they'd go with default built-in rigging tools, they'd wouldn't make a whole IK system from scratch, that's just unnessesary pain.

I wouldn't be surprised if their main focus was on how the characters interact with each other more than anything.

Yea but they spent 4 years on this just for it to be a asset lmao

 

[Depesonalization]

Yea but they spent 4 years on this just for it to be a asset lmao

You've missed my last line.

Even if it's an "asset", when it says "Animation tools" on the main page, it refers to it being tools for animating in Unity, as in the engine, not "drag and drop and you got a full on UI and you can just make own animations in game now".

Not every game runs off pure unique "off-scratch" code.

 

[tester72]

I mean. What about it? Even if they didn't use that exact packadge, they'd go with default built-in rigging tools, they'd wouldn't make a whole IK system from scratch, that's just unnessesary pain.

I wouldn't be surprised if their main focus was on how the characters interact with each other more than anything.

I can understand that it was just im quite sure some people argued with me here this game not being a scam because they are building the whole thing up from scratch and thats why it takes them this long to deliver.