So I'm working on a project on making an online android game work on PC from packet sending / receiving. Limited graphics.
Basically all packets are sent in a very unencrypted way, using very easy text and integers.
Easily picked up from packet sniffing, IP, Data etc. However, return results seems to be encrypted according to some packetscanning application for android. Unsure as packetscanning for android seems a bit meh. As I cannot get the game to launch thru bluestacks as hardware is listed as "Unsupported", I cannot find out for sure. Else I could have gotten more data and from that and could just have made the entire game based on the scanned sent/recieved packets coming from bluestacks. However the game also sends login info with each packet similar to
SendPacket(RetrieveResources,xxx,yyy,date,time,use rname,authid)
Username and authid is based of android hardware ID, which could easily be recoded into the java application.
But then I cannot find how it bases the authid and username of hardare id. Or how the application tells the server to create a new user.
Now, Myself I am an Java developer, however as I've never worked on Android applications previously this stuff is zzzz compared to real Java. I've managed to get about 99% source code from decompiling, deobfuscating and extracting the .dex file inside the application.
However, here's where things just go into full wtf-mode. I've extracted over 200 .class files into their correct folders and such, however, as confusing as this is. I simply cannot find how the game functions, or where it stores the IP and such, is it stored in an offsite .xml file? Storage file? Database? Resource file? Browsing through unlimited lines of scrap code, that seems irrelevant to the game, Facebook connections, Amazon, Google play purchase, Crittercism, GooglePlay classes etc. But noone of them actually seem to hold any useful data and alot of stuff actually just seems to be "Drag and Drop this into your application then call functions from it" like, "Authenticate to Facebook". I've managed to find alot of things loading .obb files, that doesnt seem to exist at all, tho the game pretty much goes "!blabla.obb" "CreateObb();" The game does not exist on facebook at all, just uses it to recieve ProfilID as an Login ID.
The game also uses UnityPlayer which seems to be the "Launch" class, which I've browsed thru but found nothing relevant. I found alot of .classes that seems similar to each other aswell containing the same stuff. I've also found alot of stuff that actually seems to be packet sends and connections, however, there is nothing that points that it is towards the game, but rather connections for i.e google play services.
Biggest .class>.java file is about ~40kb. Which for mee seems small, as projects I usually work with is well about 10mb inside the main.class then calls for unnecessary stuff from side classes.
Anyone mind pointing out on how android applications handles connections?
Is the files really no bigger than 40kb and just scrambled into tons of subclasses?
Feels like I'm missing obvious stuff that should be right there declared as a variable, but I can't find it.
Basically all packets are sent in a very unencrypted way, using very easy text and integers.
Easily picked up from packet sniffing, IP, Data etc. However, return results seems to be encrypted according to some packetscanning application for android. Unsure as packetscanning for android seems a bit meh. As I cannot get the game to launch thru bluestacks as hardware is listed as "Unsupported", I cannot find out for sure. Else I could have gotten more data and from that and could just have made the entire game based on the scanned sent/recieved packets coming from bluestacks. However the game also sends login info with each packet similar to
SendPacket(RetrieveResources,xxx,yyy,date,time,use rname,authid)
Username and authid is based of android hardware ID, which could easily be recoded into the java application.
But then I cannot find how it bases the authid and username of hardare id. Or how the application tells the server to create a new user.
Now, Myself I am an Java developer, however as I've never worked on Android applications previously this stuff is zzzz compared to real Java. I've managed to get about 99% source code from decompiling, deobfuscating and extracting the .dex file inside the application.
However, here's where things just go into full wtf-mode. I've extracted over 200 .class files into their correct folders and such, however, as confusing as this is. I simply cannot find how the game functions, or where it stores the IP and such, is it stored in an offsite .xml file? Storage file? Database? Resource file? Browsing through unlimited lines of scrap code, that seems irrelevant to the game, Facebook connections, Amazon, Google play purchase, Crittercism, GooglePlay classes etc. But noone of them actually seem to hold any useful data and alot of stuff actually just seems to be "Drag and Drop this into your application then call functions from it" like, "Authenticate to Facebook". I've managed to find alot of things loading .obb files, that doesnt seem to exist at all, tho the game pretty much goes "!blabla.obb" "CreateObb();" The game does not exist on facebook at all, just uses it to recieve ProfilID as an Login ID.
The game also uses UnityPlayer which seems to be the "Launch" class, which I've browsed thru but found nothing relevant. I found alot of .classes that seems similar to each other aswell containing the same stuff. I've also found alot of stuff that actually seems to be packet sends and connections, however, there is nothing that points that it is towards the game, but rather connections for i.e google play services.
Biggest .class>.java file is about ~40kb. Which for mee seems small, as projects I usually work with is well about 10mb inside the main.class then calls for unnecessary stuff from side classes.
Anyone mind pointing out on how android applications handles connections?
Is the files really no bigger than 40kb and just scrambled into tons of subclasses?
Feels like I'm missing obvious stuff that should be right there declared as a variable, but I can't find it.
Download from this link
No comments:
Post a Comment