ROM Hack WIP SplatHeX A Splatoon Save Editor

Status
Not open for further replies.

Joom

> @SimonMKWii take notes tbh. this guy's approach is much better than "here's a png of a rat embedded in the program(?) and an image of some java i found in a hex editor once". dunno if you're trying to say that's in the program itself, but i certainly haven't found any sort of java from the ram dump i did. environment variables with my java path, yes. harmless javascript, sure. anything like what you posted, nah.
>
> do your research before trying to start a witch hunt for attention or whatever.
>
> also the method you used so we can reproduce what you're saying would be helpful.
With all due respect, a RAM dump won't produce anything useful if the payload isn't in RAM. .NET has timers, which noobs tend to use to bypass runtime detections. More "sophisticated" payloads wait for an x amount of idle time before executing. You see this a lot with malicious crypto miners so that they can make full use of the hijacked resources, but yeah.
 

ZoNtendo

> With all due respect, a RAM dump won't produce anything useful if the payload isn't in RAM. .NET has timers, which noobs tend to use to bypass runtime detections. More "sophisticated" payloads wait for an x amount of idle time before executing. You see this a lot with malicious crypto miners so that they can make full use of the hijacked resources, but yeah.
Yes but he said he got his info from the RAM

> It's literally one of the first things you see in the program's RAM objects.
> It's clear you didn't even attempt to debug it, you'll see it nearly instantly.

Which makes no sense now
 

Minox

> Yes but he said he got his info from the RAM
>
> Which makes no sense now
Nothing he has said so far has been reproduced by anyone else. Until he provides detailed steps for other people to follow to confirm his findings, I'd say it's fair to say the accusation appears to be unfounded.
 

Miqote

@SimonMKWii You probably have a RAT on your computer from something else that injects itself into all running processes. This explains why you "found" this icon in the process and no one else has.
 

SimonMKWii

> @SimonMKWii You probably have a RAT on your computer from something else that injects itself into all running processes. This explains why you "found" this icon in the process and no one else has.
Well this is awkward...
You were right, but at least I realised my PC was infected :blush:
The program is safe.
I take full responsibility for this.
Sorry to the program authors and to the users who were misled.
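
Added example, not part of any post in this thread: a check that separates the cases argued above, a marker that ships in the program file versus one that only appears in process memory on one machine. The marker string, process names and byte blobs are constructed placeholders, and the function names are hypothetical.

```python
# Added example: decide whether a marker seen in a process belongs to the
# program file or only to memory on this machine. All data is constructed.

def locate(blob: bytes, marker: str) -> list:
    """Return sorted (offset, encoding) hits for marker in blob."""
    # .NET and Windows keep most strings as UTF-16LE, so an ASCII-only
    # search can miss a marker that is present.
    needles = {"ascii": marker.encode("ascii"),
               "utf-16le": marker.encode("utf-16-le")}
    hits = []
    for name, needle in needles.items():
        pos = blob.find(needle)
        while pos != -1:
            hits.append((pos, name))
            pos = blob.find(needle, pos + 1)
    return sorted(hits)


def attribute(marker: str, disk_image: bytes, dumps: dict) -> tuple:
    """dumps maps process name -> memory dump of that process."""
    carriers = sorted(p for p, d in dumps.items() if locate(d, marker))
    if locate(disk_image, marker):
        return "in-file", carriers        # ships inside the program binary
    if len(carriers) > 1:
        return "host-wide", carriers      # also in unrelated processes
    if carriers:
        # Inconclusive: an obfuscated or packed binary may only expose the
        # marker at run time, so repeat the capture on a clean machine.
        return "memory-only", carriers
    return "not-found", carriers


MARKER = "EXAMPLE-RAT-MARKER"             # placeholder, not a real indicator
DISK = b"MZ\x90\x00" + b"\x00" * 32 + "SaveEditor".encode("utf-16-le")
INJECTED = b"\x11" * 8 + MARKER.encode("utf-16-le") + b"\x22" * 8
DUMPS = {
    "editor.exe": DISK + INJECTED,        # the program under suspicion
    "notepad.exe": b"heap" + INJECTED,    # unrelated process, same marker
    "calc.exe": b"nothing of interest",
}

if __name__ == "__main__":
    print(attribute(MARKER, DISK, DUMPS))
```

A "host-wide" verdict points at the machine rather than the program, which is the situation the thread ended up confirming.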
 

thomasnet

But you said you've seen a jRAT icon IN SplatHeX.
So, it wasn't in there? You've seen it somewhere else?
You've opened the wrong program with x64dbg?
Also, what about the open port?
 

Minox

> Well this is awkward...
> You were right, but at least I realised my PC was infected :blush:
> The program is safe.
> I take full responsibility for this.
> Sorry to the program authors and to the users who were misled.
Could you please edit your previous posts in this topic pointing out this mistake of yours? Currently one would have to read until this page to figure out that it was a false alarm.
 

JordantheBuizel

Is this/will this be open sourced? I'm curious how the saves are set up and it seems to be written in a .NET Framework language (hopefully C#), but the binary is obfuscated, which is kinda odd to me, and searching both Lenny's GitHub and just the app on GitHub yielded no results.
 

TheHomesk1llet

> Is this/will this be open sourced? I'm curious how the saves are set up and it seems to be written in a .NET Framework language (hopefully C#), but the binary is obfuscated, which is kinda odd to me, and searching both Lenny's GitHub and just the app on GitHub yielded no results.
considering the save is encrypted, the binary probably has the decryption method and key baked into it, and the developers probably don't want people to edit their rank/mmr. i'd say most likely not, but i can't speak for them.
 

JordantheBuizel

> considering the save is encrypted, the binary probably has the decryption method and key baked into it, and the developers probably don't want people to edit their rank/mmr. i'd say most likely not, but i can't speak for them.

EDIT: oh edit it I see, hmm C# it could probably be pretty trivial to figure out how to edit that since it already displays it. Anyways I don't even want that, I just want to see how the save file is set up. I like reverse engineering ROMs and save games. It's really cool to see everything just match up properly when you figure it out.
 

Proto-Propski

> EDIT: oh edit it I see, hmm C# it could probably be pretty trivial to figure out how to edit that since it already displays it. Anyways I don't even want that, I just want to see how the save file is set up. I like reverse engineering ROMs and save games. It's really cool to see everything just match up properly when you figure it out.

Would be nice I agree, but frankly it's a Pandora's Box though, and if we open it, I can almost assure you people will find ways to edit their weapon stats, or armor stats to achieve otherwise unobtainable results that provide an impossible advantage in online play.

sure they'll get banned eventually, but it'll still ruin the experience of the game, as you'd not be able to challenge them on equal grounds, no matter your own legit skill, and gear.
 

TheHomesk1llet

> Would be nice I agree, but frankly it's a Pandora's Box though, and if we open it, I can almost assure you people will find ways to edit their weapon stats, or armor stats to achieve otherwise unobtainable results that provide an impossible advantage in online play.
>
> sure they'll get banned eventually, but it'll still ruin the experience of the game, as you'd not be able to challenge them on equal grounds, no matter your own legit skill, and gear.
that's not how gear editing works.
 

TheHomesk1llet

> Depends from game to game, and how they organize their saves I don't know what a raw Splatoon 2 save looks like to know if they have nitty gritty stuff like that
weapon parameters are in the rom itself. the save only handles gear, weapon stats (turf inked, freshness level), single player stats, flags, etc. typical save stuff. there's no way to give yourself an unfair advantage in splatoon 2, or most multiplayer games, for that matter, by editing your save.
 

Proto-Propski

> weapon parameters are in the rom itself. the save only handles gear, weapon stats (turf inked, freshness level), single player stats, flags, etc. typical save stuff. there's no way to give yourself an unfair advantage in splatoon 2, or most multiplayer games, for that matter, by editing your save.
Fair enough, thanks for letting me know... I still don't feel entirely ok with anyone having access to it, especially considering IDK how they'll choose to use it, and to what extent they can abuse it, besides SplatHeX has everything a normal user would/could accomplish given enough time which is the only advantage it gives you (time), and besides I like playing Splatoon 2 enough online that I'd prefer to not have the game ruined any further even if it's more so hopeful thinking to assume it won't get cracked open sooner or later, given the fact we do already see Octoling Hackers which means something is going on in the background whether with saves, or something else
 