Skip to content
View in the app

A better way to browse. Learn more.
ResHax

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.
Help us keep the site running.

LuaQ with new library

ZenHAX
in Zenhax

Featured Replies

  • Author
  • Localization

Ziyan_555, posted Sun Dec 27, 2020 4:04 am (61306)

Need help to decompile LuaQ with new library.
Previously using the standard library, dev changed it after an update.
Here the lua file and dll library, spotted with my poor coding knowledge.



Game: ???? (Age of Wushu - Taiwan Version)

LuaQ.rar

  • Author
  • Localization

atom0s, posted Sun Dec 27, 2020 8:21 pm (61331)

Looks like the scripts are xor'd with the key: 'snailgame'

Usage 1:
Code:
void *__cdecl sub_10005E10(int a1, int a2, size_t Size, int a4)
{
  size_t v4; // esi
  void *v5; // ebp
  _BYTE *v6; // ecx
  int v7; // edi

  v4 = 0;
  if ( dword_10091020 >= Size )
  {
    v5 = Block;
  }
  else
  {
    if ( Block )
      free(Block);
    v5 = malloc(Size);
    Block = v5;
    dword_10091020 = Size;
  }
  if ( Size )
  {
    v6 = v5;
    v7 = a2 - (_DWORD)v5;
    do
    {
      if ( a4 )
        *v6 = v6[v7] ^ byte_10075AD4[v4 % 9];
      else
        *v6 = v6[v7];
        v4;
        v6;
    }
    while ( v4 < Size );
  }
  return v5;
}


Usage 2:
Code:
char __cdecl sub_10005EA0(int a1, int a2, unsigned int a3, int a4)
{
  unsigned int v4; // ecx
  char result; // al

  v4 = 0;
  if ( a4 && a3 )
  {
    do
    {
      result = byte_10075AD4[v4 % 9];
      *(_BYTE *)(v4   a2) ^= result;
        v4;
    }
    while ( v4 < a3 );
  }
  return result;
}


byte_10075AD4 points to a small byte array holding the word: snailgame

This is how the game is writing and reading the blocks.
  • Author
  • Localization

Ziyan_555, posted Tue Dec 29, 2020 11:05 am (61363)

Can i apply the code directly using quickbms or need to link any library inside the code?, sorry I no knowledge on how to decompile apart the standard unluac.jar method.
  • Author
  • Localization

Ziyan_555, posted Sun Jan 03, 2021 8:18 am (61451)

atom0s wrote:
Looks like the scripts are xor'd with the key: 'snailgame'

Usage 1:
Code:
void *__cdecl sub_10005E10(int a1, int a2, size_t Size, int a4)
{
  size_t v4; // esi
  void *v5; // ebp
  _BYTE *v6; // ecx
  int v7; // edi

  v4 = 0;
  if ( dword_10091020 >= Size )
  {
    v5 = Block;
  }
  else
  {
    if ( Block )
      free(Block);
    v5 = malloc(Size);
    Block = v5;
    dword_10091020 = Size;
  }
  if ( Size )
  {
    v6 = v5;
    v7 = a2 - (_DWORD)v5;
    do
    {
      if ( a4 )
        *v6 = v6[v7] ^ byte_10075AD4[v4 % 9];
      else
        *v6 = v6[v7];
        v4;
        v6;
    }
    while ( v4 < Size );
  }
  return v5;
}


Usage 2:
Code:
char __cdecl sub_10005EA0(int a1, int a2, unsigned int a3, int a4)
{
  unsigned int v4; // ecx
  char result; // al

  v4 = 0;
  if ( a4 && a3 )
  {
    do
    {
      result = byte_10075AD4[v4 % 9];
      *(_BYTE *)(v4   a2) ^= result;
        v4;
    }
    while ( v4 < a3 );
  }
  return result;
}


byte_10075AD4 points to a small byte array holding the word: snailgame

This is how the game is writing and reading the blocks.


Hi, any solution to decompile with quickbms?
  • Author
  • Localization

atom0s, posted Mon Jun 21, 2021 8:59 am (64817)

Due to the number of people that have contacted me about this game/encryption, I have made a tool to do this. However, I will not be sharing said tool as I know it will just land up being resold or abused for sale elsewhere due to some forums already reselling other files for this game.

You can contact me via pm in regards to decrypting files for a fee.
You can also contact me via Discord: atom0s#0001
  • Author
  • Localization

bolunzai, posted Thu Oct 07, 2021 9:08 am (66890)

Came across this, any XOR-related compilers. I have created a working tool to strip the wrapper function and successfully decompiled it.

Contact me at Discord: YanTun#3937
  • Author
  • Localization

KnightAdol, posted Tue Nov 02, 2021 2:26 pm (67323)

atom0s wrote:
Due to the number of people that have contacted me about this game/encryption, I have made a tool to do this. However, I will not be sharing said tool as I know it will just land up being resold or abused for sale elsewhere due to some forums already reselling other files for this game.

You can contact me via pm in regards to decrypting files for a fee.
You can also contact me via Discord: atom0s#0001

Hello Atom0S.
Can you accept my invite on Discord?
My Discord ID: Ha S? Long#0602
  • Author
  • Localization

atom0s, posted Wed Nov 10, 2021 3:49 am (67450)

Added, for anyone else interested, I am still offering a small fee service for decrypting this games files. :)
I just rewrote/updated my tool as well for this.
Guest
This topic is now closed to further replies.
Go to topic listing

Account

Navigation

Search

Search

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.