Re: decrypting bgt stuff?
2019-03-08
Thread
AudioGames . net Forum — Developers room : gabriel-schuck via Audiogames-reflector
Re: decrypting bgt stuff? The topic is interesting and, as already mentioned, there are those who do not want the sounds of their game to be used, especially when there is work involved that justifies this. I did not get the code that attempts to decrypt sounds, but for programmers who care
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @53, yeah, I get ya. init_pton() can be ported ridiculously easily. I can post the code here if you like -- I managed to port it with almost no changes to it. And yeah, I don't get why the *_s functions are not enabled for most compilers. It doesn't make sense
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? Thanks for the information on memset_s. That's gotta be one of my biggest gripes on C++ and its compilers. Among other things, I found myself coding a raw implementation of inet_pton because mingw doesn't know what it means. I've often wondered why the hell
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @50, memset_s (and its friends) are C11-specific and none of the compilers I use implement them. Cppreference.com says: "As with all bounds-checked functions, memset_s is only guaranteed to be available if __STDC_LIB_EXT1__ is defined by the implement
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? The thing is, every design is useless if it's used too much and therefore cracked. Look at mainstream devs, every game gets cracked (except multiplayer of course, accounts and such) but people don't use them because risk of viruses and steam is easy enough. Every
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? Nah, Angelscript has no such ability and nor does BGT bother to wipe memory. Or if it did the implementation was so bad I haven't been able to track it down which is very likely. I'd imagine the number one goal was bringing simplicity to the development process
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? I can imagine a token attempt at encryption to abide by license agreements might sometimes be necessary. It could be argued that not encrypting sounds would be the equivalent of redistributing them. URL: https://forum.audiogames.net/post/416519/#p416519
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? It doesn't say in the docs so you have to assume it does not actively erase or zero secure memory after it runs out of scope. Likewise, you cannot assume it actively protects keys in RAM. Writing secure C++ is tough even in the best of circumstances. Writing
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @46, I have no idea if it does or doesn't. However, if we are able to pull keys out of it via debugging, the chances are low that it does do those things. URL: https://forum.audiogames.net/post/416465/#p416465 -- Audiogames-reflector mailing list Audiogames
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? Does BGT do those things? URL: https://forum.audiogames.net/post/416450/#p416450 -- Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @44, mapping memory with memory dumps only works to a point. There are ways like this and this to prevent exactly that. For example, most good crypto libraries do not call memset() to zero out memory because the compiler can optimize it away and make that call
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? This discussion is painful to read because it sounds like the things Ethin is saying are trivially disproven by the existence of, for example, my SoR2 program. Am I misunderstanding the argument here completely? Because, like, it really does sound trivial. Like
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? the link is already goin to die in 29 days, URL: https://forum.audiogames.net/post/416412/#p416412
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? Moderation: I'm removing the link, but am not issuing any punishment beyond that. There is no intent to harm, or none that I can see at any rate, and it appears that this discussion is remaining fairly theoretical. I agree with the standpoint that it's okay to talk
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? amusing URL: https://forum.audiogames.net/post/416390/#p416390
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? Again, I say remove the damn link before archive.org takes another snapshot of the site and manages to pull this topic in with it and capture that link for evermore. I have no doubt that google has already cached it. Edit: Oh fuck, it pretty much has. https
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? I'm really not here to attempt to convince you that my opinion is the right or only way, indeed I can clearly see both sides. I'm merely wishing to protect and respect the work of our comparatively few developers. Normally, these matters are better dealt
Re: decrypting bgt stuff?
2019-03-04
Thread
AudioGames . net Forum — Developers room : Rastislav Kiss via Audiogames-reflector
Re: decrypting bgt stuff? Just one thing I've forgotten, of course you need to crack just one sound. Samtupycracker v2 as well as v3 will print out used password, which you can then apply to all other sounds, so number of them doesn't increase time needed to find the password. @Cartertemm
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? As a prerequisite, I enjoy hacking/reverse engineering as much as the next guy. Give me a game and a code puzzle and I'll choose the code puzzle any day of the week without fail. Most every challenge comes with new knowledge to be had and that's what I live
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? Both sides of this discussion are correct. I also think decryption of sounds is nothing. There are bigger things to be worrying in application development. I would suspect this pseudo dictionary attack to work most of the time. I would suspect that most BGT devs
Re: decrypting bgt stuff?
2019-03-04
Thread
AudioGames . net Forum — Developers room : Rastislav Kiss via Audiogames-reflector
Re: decrypting bgt stuff? @30: exactly what I wanted to point out. BGT's security is very weak in some points. Regarding my example, I will keep this up. If some moderator thinks it would be better to delete it, feel free to do so, I am not here to judge those decisions. I just want to point
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? I do have to agree with Cartertemm. While I honestly doubt many will use this method due to the flaws that I pointed out (along with Cartertemm) it should not be on this particular forum. He could've PM'ed one of us or both of us, instead of posting it publicly
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @32 I've not looked at the program, but if it works the way I think it does it reads strings separated by a newline from a text file and tries them as decryption keys, so it's literally 10 lines or so. I do agree with you, however that decryption attempts
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? 30: I see what you're saying, but must personally disagree. Whether he happens to test with a sample program, which he does unless package.zip was updated, doesn't matter. This method could be used to break the encryption of dozens of current audiogames. Although I
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? OK... so this is a dictionary attack. Of a kind. But it has two problems: * it's ridiculously inefficient. He pretty much reads all bytes, skips \ns (which isn't probably the wisest idea, especially on windows...) and tries each byte sequence as he goes
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @28, OK... so you get a list of strings... which may or may not be in the millions for a count of them. And your program just brute-forces it. Which is exactly what this is. You use an internal dictionary but you're still brute-forcing the issue. The method people
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @28, I don't consider that link proof -- it linked me to a foreign site that was in a different language -- but I have nothing to say. The method people like Carter and I use has not only proven to work *all the time* but it has also proven to be much faster than
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? You could at least have used a sample bgt program to test this thing on, but yeah. strings, a program that basically prints all printable strings contained in a file + the bgt decryptor will decrypt all bgt stuff provided that the call to string encrypt
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? admins, please remove post 28 and take relevant action. His method might be extremely extremely tedious, and I'm not at the keyboard this very second to verify whether or not it actually works as expected, but I have no reason to believe otherwise. Horribly
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? admins, please remove post 28 and take URL: https://forum.audiogames.net/post/416175/#p416175
Re: decrypting bgt stuff?
2019-03-04
Thread
AudioGames . net Forum — Developers room : Rastislav Kiss via Audiogames-reflector
Re: decrypting bgt stuff? @26: no, it isn't a brute force attack. The correct name is a dictionary based attack, where you build up a dictionary out of the memory dump and then try each key contained in it. In hacking, the dictionary based attack has a great advantage over brute force
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @26, the issues with the second methodology are the flaws you stated: time, and impracticality. URL: https://forum.audiogames.net/post/415759/#p415759
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? I think the problem is that there are two different methodologies at work here. Ethin, when he decrypts BGT data, is taking advantage of flaws in BGT itself. Let me say right out of the gate that I don't know how to do this, and if I did I wouldn't share details
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? ok, @rasti I did what you said to test, didn't plan to abuse it. I made a thing that reads the dmp files and tries to set every single line as decryption key, then tries to play a sound, an if that checks if the sound is playing and if it is copy the key. It don't
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @23, again, you're missing the point. This technique doesn't work and if it did it would be horribly inefficient and makes far too many assumptions about the password. What if the password isn't a password within the ASCII table. What if it's raw bytes. Again, I'll
Re: decrypting bgt stuff?
2019-03-01
Thread
AudioGames . net Forum — Developers room : Rastislav Kiss via Audiogames-reflector
Re: decrypting bgt stuff? Memory dumps of BGT programs normally haven't 500mb. From 100 to 200, in special cases more, but it isn't very frequent. Also I apologize for my mistake in calculation, in 1 bytes there are 9980 possible 20 byte sequences, not 500. Still not much
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @21, first, you're not proving anything and making very wild assumptions about a lot of things. You're assuming that the key can be easily determined by picking random offsets in the core dump and just scanning from there. Sorry, buddy, not how that works. You're also
Re: decrypting bgt stuff?
2019-03-01
Thread
AudioGames . net Forum — Developers room : Rastislav Kiss via Audiogames-reflector
Re: decrypting bgt stuff? Hi, that's exactly why I marked BGT security as very vulnerable. To be able to decrypt German messages during World War II, allies needed to have working Enigma machine first, so they could make a decryption machine based on it. In BGT, you have everything to find
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @19, that was generally what I was saying. You can encrypt and decrypt with BGT, but you can't just find a cryptographic key in a few minutes like Rastislav Kiss was claiming, with BGT. You can't "analyze memory dumps" with it, either -- not unles
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? I think what Ethan was arguing is that you can't do it with bgt. He wasn't arguing the difficulty of decryption, he was simply saying that you can't decrypt BGT with BGT and asking for evidence. URL: https://forum.audiogames.net/post/415284/#p415284
Re: decrypting bgt stuff?
2019-02-28
Thread
AudioGames . net Forum — Developers room : oussamabengatrane via Audiogames-reflector
Re: decrypting bgt stuff? at Ethin, in my case I have a lot of ways to look for the key, and I will say it again, bgt stuff can be easily unpacked in a way or another URL: https://forum.audiogames.net/post/415215/#p415215
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? Well, I didn't with bgt. I read the dump with npp, and was able to find my key. But I was not able to detect any keys, except I know exactly how they go. Because there is nothing like key=deckey or so, so it's almost impossible to find it using that way. URL
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? And again, I doubt this. Significantly. The header of an embedded pack file is known by practically everyone who's invested time into it. But using BGT itself to analyze memory dumps to discover keys... you know my opinion already. Please provide some actual
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? OK, just for fun I tried this on my own game. I was in fact able to find my key in the RAM dump, but this only works if it is your own game I think, because you don't know what is key and what not, so to effectively find it you need to know it before
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @13, yeah... OK then... whatever you say. URL: https://forum.audiogames.net/post/415038/#p415038
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @13, yeah... right... I totally believe -- without evidence at all -- that BGT is capable of analyzing memory dumps. That's totally possible in BGT and the version of angelscript it uses. URL: https://forum.audiogames.net/post/415038/#p415038
Re: decrypting bgt stuff?
2019-02-27
Thread
AudioGames . net Forum — Developers room : Rastislav Kiss via Audiogames-reflector
Re: decrypting bgt stuff? It is completely in BGT. I just give it a memory dump of target process and the rest is analysis. I have here a collection of decryption keys to sounds of various BGT games, including popular titles like Redspot (did you know its key has about 170 characters
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @11, and again, I doubt your claim. BGT does not have the ability to read raw memory. I find it very hard to believe that you could easily figure out the key for any BGT game or pack file with BGT alone. If BGT had the ability to read and write raw memory I think
Re: decrypting bgt stuff?
2019-02-27
Thread
AudioGames . net Forum — Developers room : Rastislav Kiss via Audiogames-reflector
Re: decrypting bgt stuff? @Ethin: I didn't say cryptography is bad at all. Cryptographic algorithms themselves like AES Rijndael or Serpent are fine. If you encrypt a string with bgt and store it somewhere, with good key it is impossible to decrypt it. However problems appear when
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? @8 and 9, this is definitely untrue. 8: cryptographic keys are stored in the compiled bytecode of the executable, not in the encrypted pack file. If the keys were stored in the pack file, decryption would not be possible without opening the file, figuring out
Re: decrypting bgt stuff?
2019-02-27
Thread
AudioGames . net Forum — Developers room : Rastislav Kiss via Audiogames-reflector
Re: decrypting bgt stuff? In case of BGT, this is very easy. General problem is, that algorithms for things like encryption, packages managing, sounds loading etc. are used by everyone, thus attacker exactly knows what to search for. For example, if a game has sounds packaged
Re: decrypting bgt stuff?
2019-02-27
Thread
AudioGames . net Forum — Developers room : oussamabengatrane via Audiogames-reflector
Re: decrypting bgt stuff? bgt/c# stuff can be unpacked using the data libraries that any dev used to pack that thing, I know some ways around how to unpack that stuff, using tools, or even a code to unpack this data, and if you wonder, I would tell you the key is inside the dat file
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? I am also watching this topic as well. URL: https://forum.audiogames.net/post/414936/#p414936
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? I'm keeping an active eye on this topic. I definitely do not want to start seeing specific descriptions of how to break games, as BGT is still a language many devs use and we don't need them feeling as if they're going to be at risk by default. URL: https
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? Hi, I found the thing called flm or something like that, can anyone tell me how this works? URL: https://forum.audiogames.net/post/414776/#p414776
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? I agreed, please watch this topic, URL: https://forum.audiogames.net/post/414755/#p414755
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? Admins, could you please watch this topic? I feel here lies the potential for a great deal of destructive information getting leaked, the last thing this community needs is the ability to rip assets out of games especially in these times. I'll go ahead and skip
Re: decrypting bgt stuff?
Re: decrypting bgt stuff? Unfortunately, there's ways to rip sounds and data no matter how you encrypt it, you could package them in a dat file or something, or in the game's exe, it doesn't matter, there's ways around it. I've entertained the idea of completely serverside sounds... URL
decrypting bgt stuff?
decrypting bgt stuff? Hi, so I've heard a lot of times from a lot of people that it's stupidly easy to decrypt anything made in bgt, like sounds etc. Most of you have probably heard of the BT sync folder called moresounds, which is basically a huge ass folder full of different game sounds