|
Cheat Engine The Official Site of Cheat Engine
|
View previous topic :: View next topic |
Author |
Message |
panraven Grandmaster Cheater Reputation: 55
Joined: 01 Oct 2008 Posts: 942
|
Posted: Mon Aug 24, 2015 2:11 pm Post subject: crack me password and trainer protection |
|
|
I remembered I wrote something similar b4 but forgot where, so here a little game and to prove the concept. (just in case, this is never my original idea, I guess "hash the password" is common sense for coder using password.)
how to play:
1. click "test me" entry
2. guess the password
3. look into the source to find hint for part 1
4. you (virtually) cant find part 2 password if the concept is right
0. cannot protect from your friend whose you give him the real password. He can see the decoded source with a bit lua/scripting knowledge.
enjoy~
Description: |
|
Download |
Filename: |
0.passwordtest.CT |
Filesize: |
4.41 KB |
Downloaded: |
560 Time(s) |
_________________
- Retarded.
Last edited by panraven on Tue Aug 25, 2015 12:14 pm; edited 1 time in total |
|
Back to top |
|
|
lolAnonymous Expert Cheater Reputation: 1
Joined: 19 Jul 2015 Posts: 154
|
Posted: Mon Aug 24, 2015 2:53 pm Post subject: |
|
|
I Don't Know What Are U Saying Because Of My Weak English But Can I Ask U What Is This ? I Got This From Your .ct File
Code: | {$lua}
if syntaxcheck==true then return '' end
--
--
-- common function
function loadTableFile(n,mode)
local hdr = 'loadTableFile: '
assert(type(n)=='string',hdr.."input should be a string -"..tostring(n).." of "..type(n))
local m = assert(findTableFile(n),hdr.."can't find table file -"..n).Stream
m = assert(readStringLocal(m.Memory,m.Size),hdr.."can't read content -"..n)
if type(mode)~='boolean' then return m end
m = assert(loadstring(m,n),hdr.."lua script load fail -"..n)
return mode and m() or m
end
function enc(s,k,infile,outfile) -- this can be not include on releasing trainer/table, but ok to include
if type(k)~='string' then return nil,'?ERROR?' end
if type(infile)=='string' then
local ok,f = pcall(io.open,infile,'r')
if ok and f then
s = f:read("*a")
f:close()
end
elseif findTableFile(s or '') then
s = loadTableFile(s)
end
if type(s)~='string' then return nil,'?ERROR?' end
k = stringToMD5String(k)
local kt,t,i,j = {},{},1
while k:byte(i) do kt[1+#kt]=k:byte(i) i=i+1 end
i=1
while s:byte(i) do
j = 1+((i-1) % #kt)
t[1+#t]= bAnd(bXor(kt[j],s:byte(i)),0xff)
i = i+1
end
t = #t>0 and "{"..table.concat(t,",").."}" or '{}'
if type(outfile)=='string' then
local ok,f = pcall(io.open,outfile,'w')
if ok and f then
f:write(t)
f:close()
end
end
return t
end
local dec = function(t,k)
if type(t)~='string' or type(k)~='string' then return nil,'*ERROR*' end
k = stringToMD5String(k)
local fs = "return "..t
local kt,i = loadstring(fs),1
local ok
if type(kt)=='function' then ok,t = pcall(kt) end
if not ok or type(t)~='table' then return nil,'!ERROR!' end
kt = {}
while k:byte(i) do kt[1+#kt]=k:byte(i) i=i+1 end
local s,j = {}
for i=1,#t do
j=1+((i-1) % #kt)
s[1+#s]= string.char(bAnd(bXor(kt[j],t[i]),0xff))
end
return table.concat(s)
end
--- do not ship your train/table with the real password
--- do not ship your train/table with the real password
--- do not ship your train/table with the real password
--- do not ship your train/table with the real password
local coreSource = "Ok, you got the explict password from source, well done!!! ;) now try the hidden one :D"
local password = "ce"
--- do not ship your train/table with the real password
--- do not ship your train/table with the real password
--- do not ship your train/table with the real password
--- do not ship your train/table with the real password
--- sample code to make encoded tablefile
--- sample code to make encoded tablefile
--- sample code to make encoded tablefile
--- sample code to make encoded tablefile
--enc(nil,"no-this-is-not-password-:D",[[mysource.lua]],'enctbl')
--- sample code to make encoded tablefile
--- sample code to make encoded tablefile
--- sample code to make encoded tablefile
--- sample code to make encoded tablefile
local enSource = enc(coreSource,password) -- replace this as " loadTableFile('enctbl') " like ==ENCODE== below
function r(psw)
print('')
print('')
-- explict source password is 'ce'
local deSource = dec(enSource,psw)
print("Explict Source:\n")
print( deSource)
deSource = dec(loadTableFile('enctbl'),psw) -- ==ENCODE==
-- this one is runnable
print("Hidden Source:\n")
local ok,runnable = pcall(loadstring,deSource)
if ok and type(runnable)=='function' then
print("Good! you crack the hidden source!")
print("here you go!")
runnable()
else
print( deSource)
end
end
r(inputQuery("Password","Enter Password>","cancel to pretent you know the password ;)") or password)
{$asm}
[ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
[DISABLE]
//code from here till the end of the code will be used to disable the cheat |
|
|
Back to top |
|
|
panraven Grandmaster Cheater Reputation: 55
Joined: 01 Oct 2008 Posts: 942
|
|
Back to top |
|
|
atom0s Moderator Reputation: 198
Joined: 25 Jan 2006 Posts: 8517 Location: 127.0.0.1
|
Posted: Mon Aug 24, 2015 7:31 pm Post subject: |
|
|
Given that this is just the plain text CE file, it has no protection to it since anyone can see the code used to encrypt and decrypt your trainer information.
The password is: ce
_________________
- Retired. |
|
Back to top |
|
|
mgr.inz.Player I post too much Reputation: 218
Joined: 07 Nov 2008 Posts: 4438 Location: W kraju nad Wisla. UTC+01:00
|
Posted: Tue Aug 25, 2015 7:27 am Post subject: |
|
|
second password: dSg
At least your script says: "Good! you crack the hidden source!"
_________________
|
|
Back to top |
|
|
panraven Grandmaster Cheater Reputation: 55
Joined: 01 Oct 2008 Posts: 942
|
Posted: Tue Aug 25, 2015 9:04 am Post subject: |
|
|
mgr.inz.Player wrote: | second password: dSg
At least your script says: "Good! you crack the hidden source!"
|
Ah, embarrassing...
My testing response is failed.
The "Good!" message show if the decoded string compile as function by loadstring, but no, the decoded string will be a run-able script with another message, there are more than the just "Good!" response will be show.
(That mean a complete lua script can be encode and decode and run)
To save time for using brute force, the pass is a 11-alpha. (was 9-alpha, but it seems I cannot count my fingers ~_~)
atom0s wrote: | Given that this is just the plain text CE file, it has no protection to it since anyone can see the code used to encrypt and decrypt your trainer information.
The password is: ce |
The psw should not be include in the published ct, that's what the hidden part
ADDED: Updated. It should now only show the "Good" message with correct password (or matching md5 hashed string?) in hidden part.
_________________
- Retarded.
Last edited by panraven on Tue Aug 25, 2015 12:16 pm; edited 2 times in total |
|
Back to top |
|
|
lolAnonymous Expert Cheater Reputation: 1
Joined: 19 Jul 2015 Posts: 154
|
Posted: Tue Aug 25, 2015 11:00 am Post subject: |
|
|
Hmmm.... Thanks A lot For This Code/Script Now I Can Save My Auto Assembler Scripts
Hey But Can U Tell Me How U Got The Second Password ?
Thanks,
|
|
Back to top |
|
|
panraven Grandmaster Cheater Reputation: 55
Joined: 01 Oct 2008 Posts: 942
|
|
Back to top |
|
|
atom0s Moderator Reputation: 198
Joined: 25 Jan 2006 Posts: 8517 Location: 127.0.0.1
|
Posted: Tue Aug 25, 2015 5:36 pm Post subject: |
|
|
@panraven: If you want to test the security of things, post up a completed trainer/table that has your protections in-tact without any extra stuff that should not be there. You will get a better overall analysis of what you are trying to do to protect the file.
Keep in mind though, if you are just using the stock Cheat Engine trainer stuff, it is super easy to undo any and all of the protections.
_________________
- Retired. |
|
Back to top |
|
|
Rydian Grandmaster Cheater Supreme Reputation: 31
Joined: 17 Sep 2012 Posts: 1358
|
Posted: Tue Aug 25, 2015 5:48 pm Post subject: |
|
|
After all, you can't stop somebody from looking at files on their own computer.
You can make it harder or more annoying for them to get useful info out of it, but you can't stop them.
_________________
|
|
Back to top |
|
|
panraven Grandmaster Cheater Reputation: 55
Joined: 01 Oct 2008 Posts: 942
|
|
Back to top |
|
|
lolAnonymous Expert Cheater Reputation: 1
Joined: 19 Jul 2015 Posts: 154
|
Posted: Tue Sep 01, 2015 11:26 am Post subject: |
|
|
Panraven Bro I Want To Pm U Need To Talk Some Thing About Your Trainer Can U Pm Me I Can't Pm U Because CE Forum Don't Allow Me
Thanks In Advance
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
|
|