Jump to content

StupidRepo

Members
 View Profile  See their activity

  • Posts

    1

  • Joined

  • Last visited

Additional Information

  • Device
    a52sxq
  • Service provider
    Other

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

StupidRepo's Achievements

Newbie

Newbie (1/14)

  • Conversation Starter Rare

Recent Badges

0

Reputation

  1. StupidRepo
    Hey! I'm trying to make a server reimplementation for a game called Egg, Inc. The game has a protobuf message called `AuthenticatedMessage`, which contains a `message` field and a `code` field. In previous versions of the game, the `code` field used a v1 hash (which I have cracked) but the newer versions use an 'ei_hash_v2' function which I have no idea how to reverse-engineer as a) I have limited C++ knowledge and Assembly + Ghidra knowledge b) it's confusing asf. The game doesn't use unity btw, so all stuff is in libegginc.so. When the game sends a message to the server, it expects the server to send an AuthenticatedMessage back with a (I believe) SHA-256 hash of the bytes from the 'message' field, in the 'code' field. Not sure how or where, but the game will also generate a v2 hash from the 'message' field and compared it to the one sent back, discarding the AuthenticatedMessage if it doesn't match. This is why it's crucial to reverse this hash because otherwise the game just ignores invalid responses... As previously mentioned, the game used to use the old v1 hash which I have already cracked but now it uses v2. If someone could figure out how v2 hashes, and can reimplement it successfully, please let me know how! Game uses Google's pairipcore, so dynamic debugging goes right out of the window unless there is another method. You can find the latest, or older versions, of the .proto file extracted from the game on this person's GitHub if needed. Figured I'd ask this here as GameGuardian can do memory editing stuff (will try it on Egg, Inc. in a sec to see what I can do) (Here is a authenticatedmessage serialised to JSON if you're lazy) { "message": { // pretend this was a list instead of an array. idk why it isn't an array. "0": 16, "1": 68, "2": 24, "3": 2, "4": 34, "5": 18, "6": 69, "7": 73, "8": 54, "9": 52, "10": 56, "11": 50, "12": 57, "13": 49, "14": 54, "15": 48, "16": 54, "17": 55, "18": 51, "19": 55, "20": 55, "21": 49, "22": 53, "23": 50, "24": 42, "25": 16, "26": 100, "27": 102, "28": 50, "29": 50, "30": 54, "31": 57, "32": 101, "33": 98, "34": 56, "35": 48, "36": 102, "37": 48, "38": 51, "39": 51, "40": 100, "41": 98, "42": 50, "43": 0, "44": 58, "45": 0, "46": 66, "47": 57, "48": 10, "49": 18, "50": 69, "51": 73, "52": 54, "53": 52, "54": 56, "55": 50, "56": 57, "57": 49, "58": 54, "59": 48, "60": 54, "61": 55, "62": 51, "63": 55, "64": 55, "65": 49, "66": 53, "67": 50, "68": 16, "69": 68, "70": 26, "71": 6, "72": 49, "73": 46, "74": 51, "75": 52, "76": 46, "77": 50, "78": 34, "79": 6, "80": 49, "81": 49, "82": 49, "83": 51, "84": 48, "85": 49, "86": 42, "87": 7, "88": 65, "89": 78, "90": 68, "91": 82, "92": 79, "93": 73, "94": 68, "95": 50, "96": 2, "97": 71, "98": 66, "99": 58, "100": 2, "101": 101, "102": 110, "103": 64, "104": 0 }, "code": "5ef1374b6459bac4026fbaf20342be9af4c1f98dde393ce351bd63cab8ca8b36", // this is the v2 hash "version": 68 }
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.