Jump to content
MaxCheaters Official Group on Discord
-> Place your ad text here <-
LINEAGE2.GOLD INTERLUDE SERVER ON ESSENCE CLIENT

Smart Guard's Smart Crypt Is A Scam!

kavar.dyminsky
 Share

Recommended Posts

kavar.dyminsky Newbie

kavar.dyminsky

Posted
Posted
I represent all clients that bought this software. 
Smart guard, be honest with yourself and refund every noob that you sold it to.
 
Instructions:
Decrypt any files protected by SmartCrypt with effectively two lines of code.
 
SmartCrypt can be bypassed simply by loading the file you want into memory via the Core.dll method appLoadFileToArray
The array loaded by appLoadFileToArray will be completely free of any encryption, it can then be saved to file, I personally use appSaveArrayToFile as the Core already has this function for us.
 
This proof of concept was created on the Interlude client but should work without issue on any client version.
The following code must be compiled using Visual Studio as a DLL and the resulting DLL should be attached to l2.bin
 
Attaching DLL Instructions


Download Explorer Suite http://www.ntcore.com/exsuite.php
Use CFF Explorer to open L2.bin
On the left side, click "Import Adder"
Click "Add", locate your compiled DLL file
In "Exported Functions" box click "DllMain" then click "Import By Name"
Click "Rebuild Import Table"
On the left side, click "Rebuilder"
Click "Bind Import Table" check box then click "Rebuild"
Save L2.bin (Keep a backup of original ofc)

 
#include <windows.h>
 
void DumpFile()
{
typedef void (__cdecl *f_appLoadFileToArray)(char *, wchar_t *, int);
typedef void (__cdecl *f_appSaveArrayToFile)(char *, wchar_t *, int);
 
f_appLoadFileToArray appLoadFileToArray = (f_appLoadFileToArray)GetProcAddress(GetModuleHandleA("Core.dll"), "?appLoadFileToArray@@YAHAAV?$TArray@E@@PBGPAVFFileManager@@@Z");
f_appSaveArrayToFile appSaveArrayToFile = (f_appSaveArrayToFile)GetProcAddress(GetModuleHandleA("Core.dll"), "?appSaveArrayToFile@@YAHABV?$TArray@E@@PBGPAVFFileManager@@@Z");
 
char TArray[0x14];
memset(TArray,0,0x14);
 
appLoadFileToArray(TArray, L"..\\System\\Interface.u", *((int *)GetProcAddress(GetModuleHandleA("Core.dll"), "?GFileManager@@3PAVFFileManager@@A")));
appSaveArrayToFile(TArray, L"..\\System\\Interface.decrypted.u", *((int *)GetProcAddress(GetModuleHandleA("Core.dll"), "?GFileManager@@3PAVFFileManager@@A")));
}
bool dumped = false;
void StartCheck()
{
// wait until WinDrv is loaded just so we know everything we need is initialized correctly
if (GetModuleHandleA("WinDrv.dll") != NULL) {
if (!dumped) {
DumpFile();
dumped = true;
}
}
}
__declspec(dllexport) BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved )
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
case DLL_THREAD_ATTACH:
StartCheck();
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
 
Below are screenshots of a successfully decrypted SmartCrypt protected Interface.u with source fully viewable via UTPT
 
post-193482-0-83528400-1472863106_thumb.jpg
post-193482-0-41080000-1472863098_thumb.jpg
 
The words of the developer:
"Private encryption keys - 100% safety!"
"Protected files are guaranteed from being modified or viewed"
 
That's your chance to claim your money back and quit wasting money.
 
 
I wasn't sure where was the best place to stick this topic as it didn't really fit into the categories so if a mod feels it's better placed somewhere else feel free to move it, thanks!
  • Thanks 1
imtheboss2012 Newbie

imtheboss2012

Posted
Posted

*haha*

 

 

 

not

 

thought it was some bypass for smartguard, people will still buy it, no matter if there are some backdoors on files. eglobal also had some shitty things on their system and people still played there. 

Szakalaka Newbie

Szakalaka

Posted
Posted

It's true for everything, see how themida managed to protect retail client files, wow

 

Do you realise they are using 10 yo version without any special features? There are even scripts for those who do not know how to unpack basic stuff

  • 3 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


  • Posts

    • Kotsidaki
      Wtb items on l2walrand

      By Kotsidaki · Posted

      Wtb full account or items on l2 warland 
    • VegaBoy
      [L2J] L2Old Pride

      By VegaBoy · Posted

      https://discord.gg/k53SZ4DM5z   Interlude Client L2Old Pride is a L2 Pride Interlude Based All functional skills (Not archer/mage server)   L2Old Pride Helper (Works like Woundrous Cubic) https://imgur.com/iYqmHQY Farm Zones: Cave of Trials and Elven Ruins (Chaotic) Olympiads: Every 15 days Various Cosmetic Items https://imgur.com/uoeU6Jw https://imgur.com/oCS2Zed PvP Zone: Gludin Village (No-Parties, Disguised) More than 100 new Skills https://imgur.com/6RaPsQV Max Level: 90 https://imgur.com/z4QVJKZ Gaining Xp by PVP https://imgur.com/LRqI31T Purchasable S-grade items +10 or +20 with random chance to enchant +5 Purchasable Custom Items Depends on Tier Mysterious Merchants https://imgur.com/2ZwWyPH Auto Enchant Via PvPing (with low chance) Custom Raid Bosses Siege Every Weekend (Aden, Rune, Giran) Autofarm / Drop Tracker https://imgur.com/Vz3rha6   RATES: • Start Level 80 • Max level 90  • EXP: 5000x • SP: 5000x • ADENA 6000x   ENCHANT: • Maximum enchant S Grade Items: +35. • Maximum enchant Unique/Epic Items: +25. • Maximum enchant Legendary Items: +18. • Maximum enchant Relic Items: +14. •Descriptions for rate at scrolls!   EVENTS: • TEAMS vs TEAMS • CAPTURE THE FLAG • DOMINATION • DEATH MATCH • DICE OF DEATH • CHAOTIC ZONE   OTHERS: Assistance system in pvps. Where support classes are enabled to receive pvp with a low chance, for supporting a party member during pvp. •  /sit to regen HP/MP/CP • Custom Shots Glows https://imgur.com/FLK0DmR • Achievements System • Daily Tasks System • Monthly Tasks System   CUSTOM ARMORS SETS Dread Armor/Titanium Armor Pride Armor Rykros Armor https://imgur.com/SPxoQp1   CUSTOM WEAPONS SETS Unique Weapons Pride Weapons Legendary Weapons Relic Weapons https://imgur.com/kOHNXhS   CUSTOM ACCESSORIES Standard Superior Legendary https://imgur.com/zPqNiiX   CUSTOM JEWELS/TATTOO Legendary Nightmarish https://imgur.com/gcqS28P There are many more features that you will only understand by playing and following. Beta testing server is currently open. Follow us on our discord and join our server to test it.
    • VPSLab
      — VPSLAB — Fast & Private RDP/VPS | 100% Instant Setup

      By VPSLab · Posted

      Active & Taking Orders!
    • Tryskell
      Attack Speed problem with ultra status server [aCis]

      By Tryskell · Posted

      You shouldn't use rev 382, not sure why everyone keep using that.   I don't make changesets for fun, I don't make new revisions for nothing.   Follow the revisions.
    • Tryskell
      GeoEngine Interlude ( aCis )

      By Tryskell · Posted

      Your issue isn't related to geoengine at all (as always), rev 410 got improved water movement management.

  • Topics

×
×
  • Create New...

AdBlock Extension Detected!

Our website is made possible by displaying online advertisements to our members.

Please disable AdBlock browser extension first, to be able to use our community.

I've Disabled AdBlock