npomme
Where can I look for the version number?

Been lurking this thread for a while and noticed there's been less updates (by updates I mean new releases of the crack, I'm aware npomme's been taking a break I think? Unless I read wrong), are the devs putting more "effort" and time into the denuvo-ripoff than the actual game itself again?

I was pretty much overworked and the dev added some new shit to their DRM, so as I wasn't having time to work on a crack I took a break, but I'm currently working on a crack.
But if you want, there is somewhere a crack I made that emulates a newer version of the game to load new characters into the old version; some characters will not work but most of them are working.

No worries, I'm just baffled at how some devs care more about working on a thing nobody asked for than the actual product, I can't say much because I'm not and never have been a game dev though. Good luck and please don't overwork yourself!

What's the current blocker to getting this cracked? I don't feel like reading through the last ~50 pages. I browsed through the binary real quick and the "drm" itself just seems to be embedded chromium (javascript, callbacks, zfc, json, redirecting, cookies etc) if I'm not wrong? Which doesn't seem that hard to work around, although without an account I'm practically always reaching dead ends.
I can skip the verification which "works" but the entire game becomes dysfunctional (and eventually freezes), so I'm probably missing some important functions that need to be called.

They use an encrypted file that you can't get without a pledge, which is linked to your computer, and it's mainly checked with HMAC. I did bypass the HMAC check but the latest build has new tricks.
TL;DR: the main blocker is that you need to make the game think the computer you run the game on is the one you used the login on. There's no crack without an account, because if you don't have the magic file the game behaves like you described.
And no, it's not only deviceuniqueidentifier that locks the file anymore; they added so many layers because on the latest cracked build I was able to falsify the file. That is not possible anymore, the exploit is patched. They were stupid, not anymore.
Also, you can't use a valid account as a proxy to authenticate; they detect it after like 10 logins and autoban the pledged account.
So you need account, pledge, bytefile and password set valid, and falsify the host computer identity with a custom one, but in the last build they added some shit on top that detects if the values are messed up, and that is the hard part.

Oh, and to be noted: you should not give a fuck about the login process, only the verify process, because all the shit is offline. The login process is just to get the file and password (which are not really passwords, but that's too long to explain). Bypassing login is useless.

Wouldn't it be easier to make a proxy that acts as the (auth) server then? If you know how the server acts (log packets) you could theoretically repeat how someone who owns the game would use it. I only reversed the game for ~2 hours and didn't check if it digitally verifies what the server sends (even then that should be fairly easy to patch out), but if it doesn't this seems like a better solution.

As said, they have a way to detect that, sadly; they ban the account after some random number of logins, so no, the login proxy isn't the answer.

I meant more like your own pc being the login server so instead of the game sending requests to the furryvne servers, it would instead go to localhost.

Yeah, but the file is generated by the backend of their server and is linked to the hardware, so if I were to distribute my file this will not work. You need to send the good data to the backend so you get the good file for your computer, so you can't roll an entire offline solution.

> This means the game knows how to verify, all you theoretically need is to find the algorithm(s) and use it to produce the .bytes file based off of your own hardware.
When you have that, all the verification process is offline as long as you don't modify hardware in a significant way.

> Unless I'm wrong this just seems like a checksum to make sure you haven't modified the file, although I don't see a reason why the dev would use 3 different algorithms for the same thing.
Then they enter a second verify process that verifies some data (unknown yet) that can detect I messed up the data; if the data is messed up the game goes back to login. I think they do 2 things! HMAC512 and one HMAC 256 to authenticate the computer against the file, and after that they have a custom rolled solution to generate their uniqueidentifier and do a final check like an md5 sum; if data altered ==> back to login.

> I'm on linux so runtime debugging with wine is annoying, although I did use ida and cpp2il (make sure it's the new-analysis branch, you might have to compile it yourself because the binary releases are old and don't have unity v31 support, and use --just-give-me-dlls-asap-dammit) which isn't perfect and some methods fail to be made into C#IL but it's a lot better and easier than only using ida.
I'm slow as fuck too; cryptography shit isn't my domain, and also I'm an old ass dumbass that uses a static debugger and ida, as I never used anything else.

> I don't have access to the 2025-10-24 build I only checked 2025-09-10.
You can check YL2::Verification::Verify::HBELBOJBBAI::KIJJFFLDDLO(int) on the 2025-10-24 build, seems interesting.

Give me access to your PM; seems I can't send you a PM. I will send you the build.