[HELP] Time Reversal - タイムリフレイン

Initiate Mage
Joined
Sep 27, 2019
Messages
1
Reaction score
0
Hello,

I have some questions regarding reverse engineering this mobile game.

This mobile game got shut down everywhere except Japan, so I kinda wanna provide an opportunity to play the game offline/online anywhere and everywhere. Yeah, this might sound stupid because it's a gacha mobile game, but I personally think it's a good strategy game (it has strategy aspects in-game, like solving quiz battles etc.). I did invest some time into reverse engineering the game; I found the XXTEA key and sign to decrypt almost all the game resources except .dat files.

Here ( ) is my GitHub project about it. As of right now it's kinda not filled with much information, because I don't work 24/7 on it and make kinda slow progress.

So my questions are:

How would I write a packet sniffer for a mobile game, if that is even possible? (I'm asking for anything documentation-related; I personally couldn't find much about this, but maybe I searched the wrong keywords.)

The XXTEA key and sign are hardcoded into the app itself; would that also apply to other keys, like for .dat files? These files should be encrypted with SQLCipher 3 or 4.

Also, I can provide the APKs, I just need to upload them to gdrive or mega, and sorry if this is the wrong thread or something like that.
 
Newbie Spellweaver
Joined
Nov 20, 2007
Messages
31
Reaction score
9
You could try to modify the APK, for example to dump every decrypted network packet to a file. To do so, modify the method that handles the network data after it has been decrypted to save the array of bytes to the Android file system ( ); then you can inspect it with a hex viewer and build your own server to respond with the same data. If you respond with the unencrypted data, be sure to patch the decryption method so the APK will use the data from your server directly without trying to decrypt it.
You would also probably be able to modify the connect method to make it connect to your own server by providing a different IP.

You can also utilize your computer as your access point, so you would be acting as a proxy server and can capture all traffic from this app via Wireshark, for example. But data might be encrypted.
Using your PC / proxy as access point, you might also be able to utilize your own server to respond to the traffic instead of returning data from the original server.

If you want a real-time packet sniffer, the best would be to utilize your PC as a proxy server, so the client connects to that one, which then connects to the original server. So you have access to all traffic that goes through your proxy server and can log it or edit it, given you re-implemented the encryption/decryption method from the APK, if it utilizes something like that. If not, easy target.

To modify where the client connects to, when the Android phone is in your private network you can host your own DNS server, which will allow you to create an entry that will redirect to your LAN IP for a proxy server. Think 'login.my-game.com -> 192.168.0.10', so that the host name points to your LAN PC, which has a proxy server open that then connects to the real game IP.
 
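The logging proxy described in the reply above, as an added example that is not part of the thread or of either poster's code: a single-connection TCP relay that records every chunk with its direction and renders it as a hex dump. The listen port and `upstream.example` are constructed placeholders, and it assumes a plain TCP protocol, so any encrypted payload is logged still encrypted.

```python
# Added example: logging TCP relay. Addresses and ports are constructed placeholders.
import socket
import threading


def hexdump(data: bytes, width: int = 16) -> str:
    """Offset / hex / printable-ASCII view, like a hex viewer would show."""
    rows = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hexpart = " ".join(f"{b:02x}" for b in chunk)
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        rows.append(f"{off:08x}  {hexpart:<{width * 3}} {text}")
    return "\n".join(rows)


def pump(src, dst, direction, log, lock):
    """Copy bytes src -> dst, recording every chunk with its direction."""
    try:
        while chunk := src.recv(4096):
            with lock:
                log.append((direction, chunk))
            dst.sendall(chunk)
    except OSError:
        pass  # peer reset, or socket already closed by the other pump
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)  # pass the half-close along
        except OSError:
            pass


def serve_once(listener, upstream_addr, log):
    """Accept one client, relay it to upstream_addr, return when both sides close."""
    client, _ = listener.accept()
    with client, socket.create_connection(upstream_addr) as upstream:
        lock = threading.Lock()
        t = threading.Thread(target=pump, args=(upstream, client, "S->C", log, lock))
        t.start()
        pump(client, upstream, "C->S", log, lock)
        t.join()


if __name__ == "__main__":
    # Constructed values: listen on the LAN, forward to a placeholder upstream host.
    records = []
    with socket.create_server(("0.0.0.0", 9000)) as ls:
        serve_once(ls, ("upstream.example", 9000), records)
    for direction, chunk in records:
        print(direction, len(chunk), "bytes\n" + hexdump(chunk))
```

Keeping the two directions tagged in one ordered log preserves the request/response pairing, which is what a later server re-implementation has to reproduce.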