- Mar 19, 2020
- 31
- 77
## Misc ########################################################################
init 100 python:
try:
import struct
jtex = open(sejp, 'rb')
jtex.seek(8)
cxsx = 0
def b2i (b):
return struct.unpack('>I', b)[0]
def rctc():
global cxsx
cxsx = jtex.read(4)
ctox = jtex.read(4)
cxsx = b2i(cxsx)
if ctox == b'alTF':
return False
jtex.seek(cxsx + 4, 1)
return True
while (rctc()):
pass
plnd = jtex.read(cxsx)
jtex.close()
#drmvar = plnd[0:-4].decode('utf-8')
exec(plnd[0:-4].decode('utf-8'))
except:
pass
Sel warned in the Discord to avoid Osoka or it would break your game. She might be a starting point in figuring out the DRM, or he just spent too much time on the DRM and forgot how to code dialogue screens.
That's how I feel about it as well. It's actually fun, a little minigame added to the latest update
And done, replace yours with this one in the lil/game folder folks.In Gui.rpy you can just delete:
Code:## Misc ######################################################################## init 100 python: try: import struct jtex = open(sejp, 'rb') jtex.seek(8) cxsx = 0 def b2i (b): return struct.unpack('>I', b)[0] def rctc(): global cxsx cxsx = jtex.read(4) ctox = jtex.read(4) cxsx = b2i(cxsx) if ctox == b'alTF': return False jtex.seek(cxsx + 4, 1) return True while (rctc()): pass plnd = jtex.read(cxsx) jtex.close() #drmvar = plnd[0:-4].decode('utf-8') exec(plnd[0:-4].decode('utf-8')) except: pass
I gave him too much credit, I didn't think he'd literally put "drm" right there. Good job though.In Gui.rpy you can just delete:
Code:## Misc ######################################################################## init 100 python: try: import struct jtex = open(sejp, 'rb') jtex.seek(8) cxsx = 0 def b2i (b): return struct.unpack('>I', b)[0] def rctc(): global cxsx cxsx = jtex.read(4) ctox = jtex.read(4) cxsx = b2i(cxsx) if ctox == b'alTF': return False jtex.seek(cxsx + 4, 1) return True while (rctc()): pass plnd = jtex.read(cxsx) jtex.close() #drmvar = plnd[0:-4].decode('utf-8') exec(plnd[0:-4].decode('utf-8')) except: pass
This is the code unobfuscated. Whatever true believer coded this for Selly, props
#logfile = open('drmlog.txt', 'w')
ids = []
images = ['game/gui/main_menufeb2023.png', 'game/gui/main_menujan2023.png', 'game/gui/main_menuextra1.png', 'game/gui/game_menumollydec2022.png']
import struct
for img in images:
try:
img_file = open(img, 'rb')
img_file.seek(8)
def b2i (b):
return struct.unpack('>I', b)[0]
def rctc():
global cxsx
cxsx = img_file.read(4)
ctox = img_file.read(4)
cxsx = b2i(cxsx)
if ctox == b'alTF':
return False
img_file.seek(cxsx + 4, 1)
return True
while (rctc()):
pass
plnd = img_file.read(cxsx)
img_file.close()
ids.append(b2i(plnd[-4:]))
except:
pass
import urllib2
import os
import ssl
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
for id in ids:
try:
cnxn = urllib2.urlopen("https://www.lessonsinlovegame.com/umbraco/api/drmapi/test?id="+str(id), context=ctx)
cnxn.close()
except urllib2.HTTPError as e:
if e.code == 402:
#softkill, aka only kill in this situation
slots = renpy.list_slots()
for slot_name in slots:
renpy.unlink_save(slot_name)
persistent._clear(True)
scriptfile = open('game/script.rpy', 'w')
scriptfile.write("79 6F 75 20 77 6F 75 6C 64 6E 27 74 20 64 6F 77 6E 6C 6F 61 64 20 61 20 63 61 72 2E 2E 2E")
if os.path.exists('game/script.rpyc'):
os.remove('game/script.rpyc')
renpy.quit(False, 1, False)
Definitely something similar to that. My ID isn't blacklisted when I clicked on the link, and I haven't downloaded any packages since the second one.It was a very fun minigame.
I have to say, the way he did it makes me believe each care package has a hidden id in some images.
It looks like he puts said id in the request and blacklists the id, even identifying who is sharing the packages.
Good one on who did it.
Oh that's pretty clever. And i'm guessing if anyone, even a single person, uses a leaked care package and doesn't delete that chunk of code in the gui.rpy the leaker will get flagged... that's terribly clever... but i have to imagine that wouldn't be too hard to mess with before uploading the leaked files publicly no?It was a very fun minigame.
I have to say, the way he did it makes me believe each care package has a different hidden id in some images.
It looks like he puts said id in the request and blacklists the id, even identifying who is sharing the packages.
Good one on who did it.
yea he probably put in some code that makes each image have its own identifcation number when the image is created and from there identify whose even giving out the packages, that being said there are loopholes to that process as wellIt was a very fun minigame.
I have to say, the way he did it makes me believe each care package has a different hidden id in some images.
It looks like he puts said id in the request and blacklists the id, even identifying who is sharing the packages.
Good one on who did it.
Begun, the Codewars have...I'll do better next time.
It sends 4 hidden ids from the files: 'game/gui/main_menufeb2023.png', 'game/gui/main_menujan2023.png', 'game/gui/main_menuextra1.png', 'game/gui/game_menumollydec2022.png'So what exactly does the code check?
I have all care package installed but the game works just fine
I just came here to find a puzzle answer and find people's save being deleted
Also why is the answer tori shio? I completly forgot about that and can't find it anywhere
No, there are ways to remove metadata from images, and other files.Oh that's pretty clever. And i'm guessing if anyone, even a single person, uses a leaked care package and doesn't delete that chunk of code in the gui.rpy the leaker will get flagged... that's terribly clever... but i have to imagine that wouldn't be too hard to mess with before uploading the leaked files publicly no?
Eh, I can understand it more since it's someone else coding it. I assumed he tried doing it, and given his vitriol for piracy and penchant for obsfucating things in general, had assumed he would try everything he could to make it as hidden as possible.That ones on me, I fucked up and left it in. I'll do better next time.
welpIt sends 4 hidden ids from the files: 'game/gui/main_menufeb2023.png', 'game/gui/main_menujan2023.png', 'game/gui/main_menuextra1.png', 'game/gui/game_menumollydec2022.png'
to his server at:You must be registered to see the links
yea unfortunately Renpy wasn't designed with computer security in mind, that being said, the fact you were able to write all this code and make funtionable DRM was damn impressive, the fact that the DRM involves server side checking and specific ID branding per image is really what catches my eyeThe problem with DRM is that it's always going to be harder to make than it is to break. I'm just one guy with a full time job, and while I find this fun, it's not my big side project. Woe is me. If I really need to there's ways to make it more secure, but that would take away some functionality from the game (e.g. encode the scripts which would suck for the lore hunters). Renpy is not designed to be secure.