Assembly csharp dll чем открыть

Where can be assembly-csharp.dll decrypted?

It’s encrypted. The app seems to decrypt that assembly at app launch time. So I used UltraCompare to point out what is changed from previous version(It wasn’t encrypted). classes.dex was identical, so no java code was changed.
libmain.so and libunity.so was identical, but libmono.so had a big change. There was some new added symbols which seem to be related with encryption such as TEAEncrypt , TEADecrypt , TEAEncryptString , TEADecryptString , and some mono library’s C# internal call routine like ves_icall_System_Security_SecureString_EncryptInternal . If it’s the means of the encryption, I wander where are those functions called. There was some changes to Assembly-CSharp-firstpass.dll , Assembly-UnityScript.dll , Assembly-UnityStript-firstpass.dll with a same change pattern. I can’t figure out what does this means. So where can be the Assembly-CSharp.dll decrypted at runtime? Or is there another way without decrypting that at runtime?

1 Answer 1

Mono is, basically, open source. So anyone can create a Mono implementation that, whenever it reads a chunk of a CIL DLL file, applies encryption to it. Maybe Unity delivers a libmono.so that does encryption with its newest version; maybe the vendor of the game implemented something themselves. You could start checking patch notes of Unity to learn if this is an official new feature; if not, it’s likely that the game vendor created their own encrypting libmono.so.

Your TEA functions are, most likely, called within the libmono.so itself. If i had to implement something like that, i’d write wrapper functions TEAopen , TEAread , TEAclose for fopen , fread , fclose that decrypt on reading the file, then replace the f-* functions in the mono-code that reads a DLL with the TEA-* functions.

TEA encryption works with 8-byte chunks, which may be one of the reasons it was used here; if you want to read just a part of the file, you don’t need to read everything before your part, except a few bytes to fill the 8-byte-block. But this also means the same 8 input bytes will always result in the same 8 output bytes, if your original DLL has areas with a lot of ‘\0’ bytes, they will result in the same 8 bytes repeated over and over in the encrypted DLL.

While TEA has a weakness that turns a 128 bit key into 126 effective bits, there seems to be no known plaintext attack on it. This means, your observed same change pattern won’t help you. So you need to extract the key from the mono implementation yourself. Disassemble that file, especially the TEAEncrypt and TEADecrypt functions. They should look somewhat like the code from the Wikipedia article. Their second parameter is the key; either try to find out where that key is stored/generated, or do some dynamic analysis, put a breakpoint on those functions, and check what the parameter they get actually is. Also, check if it’s really a standard TEA implementation, or maybe XTEA or a different key schedule constant or something. Once you have the key, find a program that takes a file and a TEA key and decrypts it, or roll your own; this shouldn’t be too difficult as there are lots of open source TEA implementations in any language of your choice.

Источник

Unity5. Декомпиляция или взлом скриптов. + Видео

Уроки

Как взломать игровые скрипты.

Для того что бы, показать как взломать и посмотреть игровые скрипты, которые созданные в игровом движке Unity5, мы создадим пустой проект с каким-нибудь простым скриптом, например таймер.

Далее, сохраним сцену и скомпилируем все это в игру для платформы windows.

Укажем папку для сохранения игры и назовем файл к примеру test.

По сути, у нас уже готова игра с простым скриптом таймера, давайте попробуем взломать нашу игру и посмотреть из чего состоит этот скрипт.

В папке, куда скомпилирована наша игра, есть файл с расширением exe и папка с библиотеками куда Unity и компилирует все игровые скритпы, игровые модели и т.д. Нам понадобятся, для просмотра скрипта, всего один файл. В папке managed найдите файл Assembly-CSharp.dll

Далее скачиваем бесплатную программу ILSpy, распаковываем в удобное для нас место и запускаем программу.

Нажимаем File — Открыть и выбираем наш файл с расширением dll. Далее видим что программы декомпилировала все скрипты, которые находились в нашей игре и без труда показывает все содержимое этих скриптов. В нашем случае нам нужен скрипт timer, посмотрим на него.

Как видим, Unity не сильно то и затрудняется шифровать игровые скрипты , особо не меняет их структуру и так же, не меняет название переменных. Таким образом, есть возможность посмотреть скрипты большинства игр созданных на Unity, например скрипты игры The Long Dark без труда можно посмотреть в данной программе.

На этом все! Удачных проектов!

Источник

uragon MMO Development Blog

Now a days, mobile games uses Assembly-CSharp.dll wherein they hide the codes, procedures, function of their games even the IP address and ports where the client connect to game server.

So how to edit this assembly? This is based on my experience in editing unprotected Assembly. There are two types of assembly, unprotected and protected. Take note that you cannot edit the protected assembly, you need too much time to do it.

Now, we will talk on how to edit unprotected assembly.

To edit the Assembly-CSharp.dll you will need the following:
1. dnSpy — .NET assembly editor, debugger, decompiler
2. a bit knowledge in C# or VB (optional)
3. common sense

What’s so special about DNSpy? Well, this:

Yes! We can now edit the code directly using normal coding methods!

1. Open dnSpy
2. Load the Assembly-CSharp.dll, usually it is located in «assets\bin\Data\Managed»

3. In the search option, you can search a string or a class and even a reference.

4. If the search string or data is searchable but you cannot see the original data, kindly switch the module to IL then search it again.

5. Don’t forget to save the assembly.

In dnSpy, you can save the code or in a project. Goodluck!

Источник

Modding Tutorials/Decompiling source code

The base game provides a bunch of code snippets in ../Source/, relative to your Rimworld installation. Since this isn’t a lot, one might want to take a look at the game’s full source code. RimWorld’s EULA allows you to decompile the game for personal use. It’s recommended to read it.

The following programs are used and recommended by modders:

Contents

Decompiling source code [ edit ]

ILSpy [ edit ]

ILSpy is generally recommended as it is the best-maintained and most reliable decompiler. The core project only has binaries for Windows, but there is an Avalonia-based port as well as a CLI application for Mono framework for OS X and Linux.

1. Download ILSpy (Download latest release) and extract it to a directory of your choosing. Optionally create a desktop shortcut;
2. Either: associate the .dll extension with ILSpy:
   1. Navigate to Assembly-CSharp.dll in ../Rimworld***_Data/Managed/, relative to your Rimworld installation and with *** being a version number (See Note on MacOS below);
   2. Right-click «Open with» and select a standard program. Navigate to your ILSpy installation and double-click ILSpy.exe, tick the checkbox and accept;
   3. Double-click Assembly-CSharp.dll,
   1. Open ILSpy;
   2. Go to File -> Open or press Ctrl+O, navigate to ../Rimworld***_Data/Managed/, relative to your Rimworld installation and with *** being a version number (See Note on MacOS below);
   3. Select Assembly-CSharp.dll and confirm,
   1. Despite the instructions saying .NET 5.0 SDK is needed, you may also need .NET Core 3.1;
   2. It seems that it’s possible to simply build from a release tarball, even if the instructions suggest to use a git checkout;
   3. After you’ve built ILSpy, find the ilspycmd tool (should be located at ICSharpCode.Decompiler.Console/bin/Release/netcoreapp3.1);
   4. Run a command like ilspycmd RimWorld/RimWorld*_Data/Managed/Assembly-CSharp.dll -p -o (use proper paths to RimWorld and for the output directory);
   5. The given output directory now contains decompiled sources.

   dnSpy [ edit ]

   dnSpy is an alternative with a Visual Studio editor feel. At the time of this writing, however, the original project has been archived for more than two years and none of its forks have reached a similar level of adoption. Decompilation glitches can occur.

   1. Download dnSpy and extract it somewhere.
   2. Open dnSpy.exe. Once it’s open, click «open» on the top ribbon (or press Ctrl+O).
   3. Navigate to ../Rimworld***_Data/Managed/, relative to your Rimworld installation and with *** being a version number.
   4. Ctrl+Shift+K to open the search bar.
   5. Explore the assembly and look through the source code to your heart’s desire.

   Rider / dotPeek [ edit ]

   Rider is a cross-platform IDE with a built-in decompiler. If you’re using Rider as your IDE (Setup Instructions), you can view the source of any RimWorld class or method by right-clicking its name and clicking Go To > Definition.

   The developer of Rider also offers a free standalone decompiler in the form of dotPeek. dotPeek is preferred by some for reading IL Code for the purpose of Harmony transpilers, but suffers similar glitches and inconsistency as dnSpy when decompiling back to C# code.

   MonoDevelop [ edit ]

   MonoDevelop is capable of decompiling DLLs, albeit using clumsy initial settings. It is Linux only, otherwise you have to download Xamarin Studio which doesn’t have a decompiler.

   1. Download MonoDevelop and install it;
   2. Either: associate the .dll extension with MonoDevelop:
      1. Navigate to Assembly-CSharp.dll in ../Rimworld***_Data/Managed/, relative to your Rimworld installation and with *** being a version number (See Note on MacOS below);
      2. Right-click «Open with» and select MonoDevelop as standard program;
      3. Double-click Assembly-CSharp.dll,
      1. Open MonoDevelop;
      2. Go to File -> Open, navigate to ../Rimworld***_Data/Managed/, relative to your Rimworld installation and with *** being a version number (See Note on MacOS below);
      3. Select Assembly-CSharp.dll and confirm,

      MacOS Directories [ edit ]

      For Macs, directories are similar but in: ../RimWorldMac.app/Contents/Resources/Data/Managed.

      For Steam installed RimWorld, find your app here: ~/Library/Application Support/Steam/steamapps/common/RimWorld/RimWorldMac.app.

      How to make use of a decompiler [ edit ]

      Tips when decompiling [ edit ]

      1. Right-click any Type or Method and hit «analyse» to obtain more context on that item. ‘Used by’ and ‘Uses’ provide a lot of contextual clues which is required to know how things work.
      2. RimWorld often uses reflection to instantiate Workers and MakeThings. This means no decompiler will cleanly find what/where an instance of a class is created. Hint: if you find yourself using ‘new Pawn()’, you’re doing it wrong.
      3. If you’re going in circles trying to find things like «where is X assigned», odds are you’ll need to look at the XML for it. The XML contains the data, C# does things with it.

      See also [ edit ]

      Источник