Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 13:34

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 10 posts ] 
Author Message
 Post subject: pokerstars_inidec.bms
PostPosted: 10 Mar 2010 08:06 

Joined: 10 Mar 2010 07:58
Posts: 6
Hi,

this tool works perfectly - thank you

is there any way to encrypt the ini file back to its original format once i've completed my edits?

i'd be willing to make a donation in exchange for a solution

thanks


Top
 Profile  
 
 
 Post subject: Re: pokerstars_inidec.bms
PostPosted: 10 Mar 2010 12:29 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
sure, it's a manual way but it's very simple:

- first compress the file with gzip:
gzip -n file.decrypted

- xor the obtained gz file using the following script (exactly like the original one less some parts):
Code:
get NAME filename
string NAME += ".ini"
get SIZE asize
filexor "0x63 0x27 0x26 0x26 0x4F 0x35 0x1D 0x07 0x19 0x45 0x59 0x21 0x37 0x3F 0x00 0x1B 0x1B 0x1A 0x11 0x1B 0x03 0x04 0x4C 0x65 0x37 0x00 0x1D 0x1D 0x48 0x20 0x0B 0x3D 0x45 0x7B 0x55 0x36 0x16 0x00 0x19 0x00 0x59 0x06 0x1C 0x02 0x20"
log NAME 0 SIZE


Top
 Profile  
 
 Post subject: Re: pokerstars_inidec.bms
PostPosted: 10 Mar 2010 15:39 

Joined: 10 Mar 2010 07:58
Posts: 6
thanks!

do you have paypal for site donations?


Top
 Profile  
 
 Post subject: Re: pokerstars_inidec.bms
PostPosted: 10 Mar 2010 16:26 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
eh no, I don't accept donations.
for me it's enough that everything works well


Top
 Profile  
 
 Post subject: Re: pokerstars_inidec.bms
PostPosted: 11 Mar 2010 01:00 

Joined: 10 Mar 2010 07:58
Posts: 6
well, thank you very much then
everything seems to be working smoothly


Top
 Profile  
 
 Post subject: Re: pokerstars_inidec.bms
PostPosted: 13 Apr 2011 06:09 

Joined: 10 Mar 2010 07:58
Posts: 6
for one year i have enjoyed using this method to decrypt-edit-encrypt the gx.ini files for pokerstars, allowing me to reposition table graphics, increase font sizes, colors etc. making my online poker tables much more attractive

pokerstars has just added a speed bump

the ini files now contain a 344 character checksum at the beginning of the text. any attempt to edit the ini file results in a failure.

do you have any idea how a person might go about generating this checksum string to add to an edited ini file?

any insight you can provide would be greatly appreciated.

here is a link to a zip file containing 2 examples of a pokerstars gx.ini file - one encrypted, the other decrypted

http://tiltbuster.com/temp/gx.ini.samples.zip


Top
 Profile  
 
 Post subject: Re: pokerstars_inidec.bms
PostPosted: 14 Apr 2011 09:20 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
interesting so they have added a 256 byte signature.
at the moment I don't think I will check it but in any case if it's a signature encrypted with a private key there is not much you can do except:
- cracking the private key (mission impossible)
- fixing the executable so that it will not check the signature


Top
 Profile  
 
 Post subject: Re: pokerstars_inidec.bms
PostPosted: 14 Apr 2011 16:59 

Joined: 10 Mar 2010 07:58
Posts: 6
are there any topics in the forum that discuss how to go about
Quote:
- fixing the executable so that it will not check the signature
??

Also, I know that some people have edited this file in order to affect the layouts

i18n.msg_cli.txt

http://tiltbuster.com/temp/i18n.msg_cli.txt

I tried decrypting this file using the QuickBMS tool with pokerstars_inidec.bms, but It returns an error message

"the returned output size is negative (-1)"

can I modify the BMS script to decrypt this file?

Thanks for your help


Top
 Profile  
 
 Post subject: Re: pokerstars_inidec.bms
PostPosted: 14 Apr 2011 17:20 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
fixing the executable means forcing it to "think" that the signature is correct in any case.

the file you provided is not encrypted like the others.
use the following script for quickbms to decrypt it:
Code:
get NAME filename
string NAME += ".decrypted"
get SIZE asize
filexor 0x55
log NAME 0 SIZE


Top
 Profile  
 
 Post subject: Re: pokerstars_inidec.bms
PostPosted: 15 Apr 2011 04:30 

Joined: 10 Mar 2010 07:58
Posts: 6
thank you for your assistance and patience


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 10 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for: