Smart Guard's Smart Crypt Is A Scam!



I represent all clients that bought this software. 
Smart guard, be honest with yourself and refund every noob that you sold it to.
 
Instructions:
Decrypt any files protected by SmartCrypt with effectively two lines of code.
 
SmartCrypt can be bypassed simply by loading the file you want into memory via the Core.dll method appLoadFileToArray.
The array loaded by appLoadFileToArray will be completely free of any encryption; it can then be saved to file. I personally use appSaveArrayToFile, as the Core already has this function for us.
 
This proof of concept was created on the Interlude client but should work without issue on any client version.
The following code must be compiled using Visual Studio as a DLL and the resulting DLL should be attached to l2.bin
 
Attaching DLL Instructions


Download Explorer Suite http://www.ntcore.com/exsuite.php
Use CFF Explorer to open L2.bin
On the left side, click "Import Adder"
Click "Add", locate your compiled DLL file
In "Exported Functions" box click "DllMain" then click "Import By Name"
Click "Rebuild Import Table"
On the left side, click "Rebuilder"
Click "Bind Import Table" check box then click "Rebuild"
Save L2.bin (Keep a backup of original ofc)

 
#include <windows.h>

void DumpFile()
{
    typedef void (__cdecl *f_appLoadFileToArray)(char *, wchar_t *, int);
    typedef void (__cdecl *f_appSaveArrayToFile)(char *, wchar_t *, int);

    f_appLoadFileToArray appLoadFileToArray = (f_appLoadFileToArray)GetProcAddress(GetModuleHandleA("Core.dll"), "?appLoadFileToArray@@YAHAAV?$TArray@E@@PBGPAVFFileManager@@@Z");
    f_appSaveArrayToFile appSaveArrayToFile = (f_appSaveArrayToFile)GetProcAddress(GetModuleHandleA("Core.dll"), "?appSaveArrayToFile@@YAHABV?$TArray@E@@PBGPAVFFileManager@@@Z");

    char TArray[0x14];
    memset(TArray, 0, 0x14);

    appLoadFileToArray(TArray, L"..\\System\\Interface.u", *((int *)GetProcAddress(GetModuleHandleA("Core.dll"), "?GFileManager@@3PAVFFileManager@@A")));
    appSaveArrayToFile(TArray, L"..\\System\\Interface.decrypted.u", *((int *)GetProcAddress(GetModuleHandleA("Core.dll"), "?GFileManager@@3PAVFFileManager@@A")));
}

bool dumped = false;

void StartCheck()
{
    // wait until WinDrv is loaded just so we know everything we need is initialized correctly
    if (GetModuleHandleA("WinDrv.dll") != NULL) {
        if (!dumped) {
            DumpFile();
            dumped = true;
        }
    }
}

__declspec(dllexport) BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved )
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
    case DLL_THREAD_ATTACH:
        StartCheck();
    case DLL_THREAD_DETACH:
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}
 
Below are screenshots of a successfully decrypted SmartCrypt protected Interface.u with source fully viewable via UTPT
 
post-193482-0-83528400-1472863106_thumb.jpg
post-193482-0-41080000-1472863098_thumb.jpg
 
The words of the developer:
"Private encryption keys - 100% safety!"
"Protected files are guaranteed from being modified or viewed"
 
That's your chance to claim your money back and quit wasting money.
 
 
I wasn't sure where was the best place to stick this topic as it didn't really fit into the categories so if a mod feels it's better placed somewhere else feel free to move it, thanks!
  • Thanks 1
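Added example, not part of the original post and not SmartGuard or client code: a defender-side check for the import-table patching described in the attaching instructions above, which lists the DLLs named in a PE file's import directory and reports any that are missing from a known-good baseline. The baseline set, the name added.dll and the sample image built by build_sample_pe are constructed for illustration; a real baseline would be recorded from the shipped L2.bin.

```python
import struct

BASELINE = {"core.dll", "windrv.dll"}  # constructed allowlist, not the real L2.bin imports

def imported_dlls(pe):
    """Return the DLL names listed in a PE file's import directory, lower-cased."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]            # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    nsec = struct.unpack_from("<H", pe, nt + 6)[0]         # NumberOfSections
    optsize = struct.unpack_from("<H", pe, nt + 20)[0]     # SizeOfOptionalHeader
    opt = nt + 24
    pe32 = struct.unpack_from("<H", pe, opt)[0] == 0x10B   # otherwise PE32+
    imp_rva = struct.unpack_from("<I", pe, opt + (96 if pe32 else 112) + 8)[0]
    sections = [struct.unpack_from("<4I", pe, opt + optsize + 40 * i + 8)
                for i in range(nsec)]                      # vsize, va, rawsize, rawptr

    def offset(rva):
        for vsize, va, rawsize, rawptr in sections:
            if va <= rva < va + max(vsize, rawsize):
                return rawptr + rva - va
        raise ValueError("RVA outside every section")

    names, pos = [], offset(imp_rva) if imp_rva else None
    while pos is not None:
        desc = struct.unpack_from("<5I", pe, pos)          # one IMAGE_IMPORT_DESCRIPTOR
        if not any(desc):                                  # all-zero entry ends the table
            break
        start = offset(desc[3])                            # Name RVA
        names.append(pe[start:pe.index(b"\0", start)].decode("ascii").lower())
        pos += 20
    return names

def unexpected_imports(pe, baseline):
    return [n for n in imported_dlls(pe) if n not in baseline]

def build_sample_pe(dlls):
    """Constructed minimal PE32 image holding only an import table (test input)."""
    va, raw, table = 0x1000, 0x200, 20 * (len(dlls) + 1)
    descs = strings = b""
    for name in dlls:
        descs += struct.pack("<5I", 0, 0, 0, va + table + len(strings), 0)
        strings += name.encode() + b"\0"
    data = descs + bytes(20) + strings
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<2I", opt, 104, va, len(data))
    hdr = (b"MZ" + bytes(58) + struct.pack("<I", 0x40) + b"PE\0\0"
           + struct.pack("<2H3I2H", 0x14C, 1, 0, 0, 0, 224, 0x102) + bytes(opt)
           + b".idata\0\0" + struct.pack("<4I", len(data), va, len(data), raw) + bytes(16))
    return hdr.ljust(raw, b"\0") + data
```

This only covers a DLL added through the on-disk import table; it says nothing about code loaded into the process by other means.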

*haha*

not

Thought it was some bypass for smartguard. People will still buy it, no matter if there are some backdoors on files. eglobal also had some shitty things on their system and people still played there.


It's true for everything, see how Themida managed to protect retail client files, wow

 

Do you realise they are using 10 yo version without any special features? There are even scripts for those who do not know how to unpack basic stuff
