GameGuard INI Decrypter

[webmaster_imds]

Hello.
First of all, if this is categorized as a small release, then say it please

It works with every game that uses GameGuard, Trickster including.

HowTo:
-) Download and extract GameGuard INI Decrypt.rar
-) Copy&Paste the game's ini file(example: TricksterTW.ini) in the "GameGuard INI Decrypt.exe"

Encrypted

ìÞmØÉ÷¤LÛ
ó®"W¹@·qËÍä'’ù›M'îö2l#ïC#xmœV’„bò‰ÐP’Ï=éÈÕn$o¸µåÄ„¡;ÅÂU6å󌛥خ Ó€ÙÁ‚Š/¥6ÐìÙ6¢º?ù skqÑ®ºËx—oÕΨ:Y÷p›d>Á‹´À&c„Õm¥ihAÛ'OK¨ñ}“Û‹äæUpfó½2'›
`” 'öå!ϵT_zdŠîË2D”zæQíÙ´ˆ¥BsÀeÿôHÞò̯ŽÔ!‚ˆçÏ]½ds¹¿3÷[?Þ‰BMþõÿ³.ºÝo‡†-e†eñ- TricksterUS.ini º¯¹Ëýô(ÜAwËwDA”<§ê.Z·fïÚÝbÅLéu.¹ù¿oûý6h–Ü‚it­Unêy²õˆö’"&2   @   !&2

Vuala, you have decrypted the .ini file! (TricksterTW.ini_Decrypted.txt)

Decrypted

[GAMEMON]
GAME_NAME=TricksterUS
UPDATE_SERVER=ntreevnpro.nefficient.com
UPDATE_PATH=/ntreevnpro/nProtect/GameGuard/RealServer/
BACKUP_SERVER=
BACKUP_PATH=
OPTION_VALUE=0
SPEEDCHECK_INTERVAL=1000
SENDERL=1
GAMECRC=2
USE_DRV=1
REVISION=47

Note for an error if you directly decrypt it from the game's folder:
If you get the error: "Failed to open file!", then it´s because you dont have enough rights to open the file. Just copy the .ini somewhere else and then decrypt it :


Have fun with emulating the GameGuard easier, with the info you get from the game's ini file :

Thanks to XxharCs

 

[[GM]Xia]

and how to encrypt it?

 

[webmaster_imds]

and how to encrypt it?

to encrypt it again, I have not yet found a tool, but as soon as I find it, I'll post it here...


but now with the decrypted file, you can emulate the gameguard using the windows host file
(C:\Windows\System32\drivers\etc\hosts)

 

[altasking]

Found the source code c++ for the decryption tool:

#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <windows.h>
#include <wincrypt.h>
 
#include <winsock.h>
 
#define VER     "0.1"
#define KEY     "ectGameMon"
#define SIGN1   0x32812622
#define SIGN2   0x32812621
#define PUBKEY  "\x06\x02\x00\x00\x00\x24\x00\x00\x52\x53\x41\x31\x00\x02\x00\x00" \
                "\x01\x00\x01\x00\xFB\xE3\xFC\x09\xAF\xAE\x65\x8C\x96\x4C\xC5\x37" \
                "\xD2\xA4\x77\xE7\x4C\x41\xC2\xCF\xF2\xFE\x2D\x9C\x80\x94\x0C\x88" \
                "\x6D\xB3\x84\x9F\x8C\x22\xA0\xC9\xCD\xC0\xAB\x30\x65\x82\x42\x3C" \
                "\xEE\x3C\xA8\xB7\x11\xD6\x22\xFA\xFB\x23\xF7\x72\xCD\xE7\xD0\x6F" \
                "\x6A\x8E\x96\xE3"
 
 
void std_err(int type);
 
 
int main(int argc, char *argv[]) {
    FILE        *fd;
    struct stat xstat;
    HCRYPTPROV  hProv;
    HCRYPTHASH  hHash;
    HCRYPTKEY   hKey;
    DWORD       len;
    u_int      buffsz;
    u_char      *buff,
                *input,
                *output,
                *filename,
                *signature;
 
    struct gameguard_header {
        u_int  sign1;
        u_int  filename_size;
        u_int  signature_size;
        u_int  sign2;
    } *gh = NULL;
 
 
    setbuf(stdout, NULL);
 
    fputs("\n"
        "GameGuard files decrypter "VER"\n"
        "by Luigi Auriemma\n"
        "e-mail: aluigi@autistici.org\n"
        "web:    aluigi.org\n"
        "\n", stdout);
 
    if(argc < 3) {
        printf("\n"
            "Usage: %s <input_file> <output_file>\n"
            "\n", argv[0]);
        exit(1);
    }
 
    input  = argv[1];
    output = argv[2];
 
    printf("- open input file:     %s\n", input);
    fd = fopen(input, "rb");
    if(!fd) std_err(0);
 
    fstat(fileno(fd), &xstat);
    buffsz = xstat.st_size;
    printf("  filesize:            %u\n", buffsz);
 
    buff = malloc(buffsz);
    if(!buff) std_err(0);
    len = fread(buff, 1, buffsz, fd);
    fclose(fd);
 
    len -= sizeof(struct gameguard_header);
    gh = (struct gameguard_header *)(buff + len);
    len -= (gh->filename_size + gh->signature_size);
 
    if((gh->sign1 != SIGN1) ||
       (gh->sign2 != SIGN2)) {
        printf("\n"
            "Alert: the signs in the file don't match the default signs, I try to continue:\n"
            "       0x%08x (should be 0x%08x) and 0x%08x (should be 0x%08x)\n"
            "\n",
            gh->sign1, SIGN1,
            gh->sign2, SIGN2);
    }
 
    filename  = buff + len;
    printf("- built-in filename:   %s\n", filename);
    signature = buff + len + gh->filename_size;
 
    if(!CryptAcquireContext(
        &hProv,
        NULL,
        MS_DEF_PROV,
        PROV_RSA_FULL,
        CRYPT_VERIFYCONTEXT)) std_err(1);
 
            /* VERIFY SIGNATURE */
 
    fputs("- verify signature:", stdout);
 
    if(!CryptCreateHash(
        hProv,
        CALG_MD5,
        0,
        0,
        &hHash)) std_err(1);
 
    if(!CryptImportKey(
        hProv,
        PUBKEY,
        sizeof(PUBKEY) - 1,
        0,
        0,
        &hKey)) std_err(1);
 
    if(!CryptHashData(
        hHash,
        buff,
        len + gh->filename_size,
        0)) std_err(1);
 
    if(!CryptVerifySignature(
        hHash,
        signature,
        gh->signature_size,
        hKey,
        NULL,
        0)) {
        fputs("    WRONG!\n", stdout);
    } else {
        fputs("    OK\n", stdout);
    }
 
    CryptDestroyKey(hKey);
    CryptDestroyHash(hHash);
 
            /* DECRYPT DATA */
 
    if(!CryptCreateHash(
        hProv,
        CALG_MD5,
        0,
        0,
        &hHash)) std_err(1);
 
    if(!CryptHashData(
        hHash,
        KEY,
        sizeof(KEY) - 1,
        0)) std_err(1);
 
    if(!CryptDeriveKey(
        hProv,
        CALG_RC4,
        hHash,
        0,
        &hKey)) std_err(1);
 
    if(!CryptDecrypt(
        hKey,
        0,
        TRUE,
        0,
        buff,
        &len)) std_err(1);
 
    printf("- write output file:   %s\n", output);
    fd = fopen(output, "wb");
    if(!fd) std_err(0);
    fwrite(buff, len, 1, fd);
    fclose(fd);
 
    CryptDestroyKey(hKey);
    CryptDestroyHash(hHash);
    CryptReleaseContext(hProv, 0);
    free(buff);
    fputs("- Finished\n", stdout);
    return(0);
}
 
 
 
void std_err(int type) {
    if(type) {
        printf("\n"
            "Error: error during the usage of the cryptography (0x%lx)\n"
            "       If you received a sign error before means this is not a valid GameGuard\n"
            "       INI file\n"
            "\n", GetLastError());
    } else {
        perror("\nError");
    }
    exit(1);
}

 

[samer208]

but now with the decrypted file, you can emulate the gameguard using the windows host file
(C:\Windows\System32\drivers\etc\hosts

hi
about that, what files do you need for the gameguard update? i cant get gameguard to update on localhost

 

[webmaster_imds]

but now with the decrypted file, you can emulate the gameguard using the windows host file
(C:\Windows\System32\drivers\etc\hosts

hi
about that, what files do you need for the gameguard update? i cant get gameguard to update on localhost

this script you only use to see the data that was encrypted in the ini, unfortunately you can not encrypt it again with this tool

but now with the decrypted file, you can emulate the gameguard using the windows host file
(C:\Windows\System32\drivers\etc\hosts

hi
about that, what files do you need for the gameguard update? i cant get gameguard to update on localhost

the files for update by server emulation nprotect I do not have anymore but you can find them on the internet maybe.

 

[kyha]

Hi everyone!

Do you know of any tool that encrypts again?