Stare zabezpieczenie plechito, robione przez "fanów" zeby jego sety tak łatwo nie wyciekały. Wrzucam w ramach bardziej ciekawostki, ale zrobicie z tym co chcecie.
The Plechito Packages file format (.plch) has been exclusively designed for Plechito by anonymous donators
to help him keep his files secure, and make it harder to extract, while keeping the implementation overhead
minimal.
Some information about the .plch file format:
- The format is "sealed", so after a package has been created it cannot be altered in any way. Changing the
name of the package will also render the package unusable.
- The data inside the packages are encrypted with asymmetric keys, using one master key for encryption and
a different client key for decryption. The master key is in the possession of the creator of the .plch
packages, and not exposed in any way to the customers.
- Every customer has a different client key, making it impossible to use packages from other customers.
The specific client keys (public an private) are stored in client_src/client.keys.
- The filenames inside the packages are not stored directly (except for properties package), instead a
hash is used to identify different files, making it impossible to extract files without knowing their
names.
- Obviously it is possible for the customer to unpack the .plch archives using the exposed functions,
otherwise the client wouldn't be able to use the files anyway, but such tool is not provided by default.
- The point of the new format is to provide a different "unknown" structure, so with only having access
for the package files its not possible anymore to extract these archives. Obviously with having access
to the dll and the client keys its possible to easily create programs for extraction. Also with some
knowledge it is possible to find the extraction keys by reversing the clinet binary, but it is still
way more complex just simply using the unsafe basic leaked eter pack functions and formats (eix/epk).
That way we hope that the file leaks from this loophole will be reduced to the minimum.
- The dll has some protection as well against reverse engineering, therefore some antiviruses might
detect it as false positive. The dll only open files requested by your code, verifies them, and does
various operations (decryption/decompression/parsing) on the data inside those files. No other kind of
operations are executed from the dll.
The default implementation has been made for the basic "leaked" files, therefore its possible that it has
been already modified by you or your associates. In this case here is a brief description about the
functions exposed by the dll (can be found in the plechito.h):
- bool RegisterPack(const char* fileName):
Registers a .plch archive, have to be called once on startup for each .plch file you have. The
filename argument must contain either the full path to the file, or a relative path. So for example
if you have the .plch file in the pack folder it should be pack/filename.plch.
The function returns true if the package has been found and passed the integrity check.
- bool IsGlobalExists(const char* fileName):
Checks if a file can be found in any of the registered .plch packages. The fileName argument must be
the name of the file, it will be auto converted to lowercase and \\ will be replaced to / automatically.
- bool GetGlobal(const char* fileName, std::vector<uint8_t>& data, const uint8_t* clientPrivate);
It will try to load the content of the file of fileName into a vector data declared outside of the library,
using the clientPrivate private key. The clientPrivate key can be found in the second line of
client_src/client.keys. It expects a 32 element uint8_t array.
The function will return true if the decryption and the decompression was successful, data containing
the original data of the file and its size matching the original size of the file before packing.
- uint32_t GetFileNamesFromSpecific(const char* fileName, std::vector<uint8_t>& data):
Returns the number of files inside fileName package, the filenames stored inside the data vector,
each filename separated by null byte.
Stare zabezpieczenie plechito, robione przez "fanów" zeby jego sety tak łatwo nie wyciekały.
Wrzucam w ramach bardziej ciekawostki, ale zrobicie z tym co chcecie.
Src_Plechito_Zabezpieczenie.zip