I’m sharing this humblebrag with you as a prelude to explaining my motivation regarding miHoYo’s games. They subsequently paid me to fix it for them (this is the smart play by the way: nobody can design security products as well as hackers Sony would have done well to take this tip instead of suing GeoHot). When I rewrote the disassembly of a Sky pay-TV smartcard in C in 1997 (I know, I was an unruly teenager who turned into an unruly adult, sorry) and the company who designed the smartcard ( NDS – now merged with Cisco) wanted to “have a little chat” with me about this, one of the first questions they asked me was: if you wanted free TV, why didn’t you just run the smartcard code in a CPU emulator once you’d dumped the ROM instead of spending 8 months rewriting it in C? My answer was matter-of-fact: I already have a Sky subscription, I just wanted to know how the card worked and prove it could be done. Some people have a quite different motive: reverse engineering is a hobby for them they don’t use or care about the product, they’re merely interested to learn about how different protections work – the reverse engineering is the game, so to speak.
#Reverse engineering unity games software
If you’re the nefarious type who sells exploits for money, you probably don’t care how the target software works either, as long as you can sell your exploitative trash (shame on you).
#Reverse engineering unity games how to
If you’re a malware analyst, you don’t care how the payload is encrypted you just want to understand what threat vectors the malware exploits, what its key behaviour is, and how to create a signature to detect it. People reverse engineer code for different reasons. We had a good chuckle together reverse engineering League of Legends: Wild Rift, but now it’s time to get serious. miHoYo has taken aim at our beloved (and sometimes hated) IL2CPP tools and trashed them with customized metadata encryption and extensive struct reordering, encapsulated in an obfuscated UnityPlayer.dll built from a modified Unity source code base. Of all the IL2CPP workloads that have landed on my office desk over the years, those published by miHoYo (web site in Chinese) are what I consider to be the current gold standard for IL2CPP obfuscation.
0 kommentar(er)
