Indlæg

Viser indlæg fra maj, 2017

Dumping files from custom OBB using BMS script

Billede
I found a script to dump custom obb made by EA. It's not a zip version of obb like the others, but it's self made compression obb, maybe FMOBB-02....
Note: This script may slow down and freeze your computer
Download QuickBMS and extract it: http://aluigi.altervista.org/quickbms.htm
Download the bms script: http://aluigi.altervista.org/bms/nfs_no_limits.bms
Copy the script, and create a .txt file
Launch quickbms.exe, a dialog box will appear. Select the .txt BMS script file
A dialogbox will open again, select obb file
And the last one, select the output folder you want to. It will take some time to dump files
That's all. I don't know if it's possible to compress it back. Hope someone who are binary expert will find out. In this game, i found some mp3, png... but there are lot of .dat files. I don't know what are these .dat files. I deleted all files after that because it froze my entire computer while explorer.exe not responding.  You can see more info about viewing car…

Bypass signature check in Assembly-Csharp.dll

Billede
Well that's pretty easy, just search IsGenuine, GetSignature or InstalledFromRightLocation and return it to TRUE. They are all boolean.
Use dnSpy, it's much easier to edit code. Right click inside method code, select "Edit Method (C#)..." and replace it with "return true;"

Tip: Dump source code from dll and search keywords in files using Notepad++ and analize them. It's much easier for me because i can search string, url string, excat code etc.
Keywords to search: Integrity, Check, Genuine, Signature, Installed, Location etc.
How i found IsGenuine? First, i was analizing ShowInvalidBuildError() but i was unable to locate the check, so i just just dump the entire source code and search "signature" in files using Notepad++ because it's much easier for me to find the useful code. My former friend told me that trick.
How i found InstalledFromRightLocation? I recorded a logcat using Matlog app to find an error, and i already found interesting function…