ROM Hack WIP SplatHeX A Splatoon Save Editor

[Darth Meteos]

i went to sleep when the argument against a GEAR EDITOR was "it'll make people have infinite specials"
i wake up and it's somehow degenerated still further into this

Man, I love this website, but wow what the fuck

 

[Joom]

@SimonMKWii take notes tbh. this guy's approach is much better than "here's a png of a rat embedded in the program(?) and an image of some java i found in a hex editor once". dunno if you're trying to say that's in the program itself, but i certainly haven't found any sort of java from the ram dump i did. environment variables with my java path, yes. harmless javascript, sure. anything like what you posted, nah.

do your research before trying to start a witch hunt for attention or whatever.

also the method you used to we can reproduce what you're saying would be helpful.

With all due respect, a RAM dump won't produce anything useful if the payload isn't in RAM. .NET has timers, which noobs tend to use to bypass runtime detections. More "sophisticated" payloads wait for an x amount of idle time before executing. You see this a lot with malicious crypto miners so that they can make full use of the hijacked resources, but yeah.

 

[ZoNtendo]

With all due respect, a RAM dump won't produce anything useful if the payload isn't in RAM. .NET has timers, which noobs tend to use to bypass runtime detections. More "sophisticated" payloads wait for an x amount of idle time before executing. You see this a lot with malicious crypto miners so that they can make full use of the hijacked resources, but yeah.

Yes but he said he got his info from the RAM

It's literally one of the first things you see in the program's RAM objects.
It's clear you didn't even attempt to debug it, you'll see it nearly instantly.

Which make no sense now

 

[Minox]

Yes but he said he got his info from the RAM

Which make no sense now

Nothing he has said so far has been reproduced by anyone else, until he provides detailed steps for other people to follow to confirm his findings I'd say it's fair to say the accusation appears to be unfounded.

 

[Miqote]

@SimonMKWii You probably have a RAT on your computer from something else that injects itself into all running processes. This explains why you "found" this icon in the process and no one else has.

 

[SimonMKWii]

@SimonMKWii You probably have a RAT on your computer from something else that injects itself into all running processes. This explains why you "found" this icon in the process and no one else has.

Well this is awkward...
You were right, but at least I realised my PC was infected
The program is safe.
I take full responsibility for this.
Sorry to the program authors and to the users who were misled.

 

[thomasnet]

But you said you've seen a jRAT icon IN SplatHeX.
So, it wasn't in there? You've seen it somewhere else?
You've opened the wrong program with x64dbg?
Also, what about the open port?

 

[Jayro]

Anyone getting this error when trying to open the latest version?

Spoiler

View attachment 123738

Looks like you're trying to run it from inside the zip file. Extract it to the desktop and it runs fine.

 

[hudhair]

Looks like you're trying to run it from inside the zip file. Extract it to the desktop and it runs fine.

No, it was already unzipped. It was an issue with the release itself, but they fixed it.

 

[Jayro]

Oh, okay. Because I just tried it, and mine works fine.

 

[Minox]

Well this is awkward...
You were right, but at least I realised my PC was infected
The program is safe.
I take full responsibility for this.
Sorry to the program authors and to the users who were misled.

Could you please edit your previous posts in this topic pointing out this mistake of yours? Currently one would have to read until this page to figure out that it was a false alarm.

 

[JordantheBuizel]

Is this/will this be open sourced? I'm curious how the saves are setup and it seems to be written in a .Net Framework language (hopefully C#) but the binary is obfuscated which is kinda odd to me and searching both Lenny's Github and just the app on GitHub yielded no results.

 

[TheHomesk1llet]

Is this/will this be open sourced? I'm curious how the saves are setup and it seems to be written in a .Net Framework language (hopefully C#) but the binary is obfuscated which is kinda odd to me and searching both Lenny's Github and just the app on GitHub yielded no results.

considering the save is encrypted, the binary probably has the decryption method and key baked into it, and the developers probably don't want people to edit their rank/mmr. i'd say most likely not, but i can't speak for them.

 

[JordantheBuizel]

considering the save is encrypted, the binary probably has the decryption method and key baked into it, and the developers probably don't want people to edit their rank/mmr. i'd say most likely not, but i can't speak for them.

EDIT: oh edit it I see, hmm C# it could probably be pretty trivial to figure out how to edit that since it already displays it. Anyways I don't even want that I just want to see how the save file is setup. I like reverse engineering ROMs and save games. Its really cool to see everything just match up properly when you figure it out.

 

[Proto-Propski]

View attachment 124322

EDIT: oh edit it I see, hmm C# it could probably be pretty trivial to figure out how to edit that since it already displays it. Anyways I don't even want that I just want to see how the save file is setup. I like reverse engineering ROMs and save games. Its really cool to see everything just match up properly when you figure it out.

Would be nice I agree, but frankly it's a Pandora's Box though, and if we open it, I can almost assure you people will find ways to edit their weapon stats, or armor stats to achieve otherwise un-optainable results that provide an impossible advantage in online play.

sure they'll get banned eventually, but it'll still ruin the experience of the game, as you'd not be able to challenge them on equal grounds, no matter your own legit skill, and gear.

 

[TheHomesk1llet]

Would be nice I agree, but frankly it's a Pandora's Box though, and if we open it, I can almost assure you people will find ways to edit their weapon stats, or armor stats to achieve otherwise un-optainable results that provide an impossible advantage in online play.

sure they'll get banned eventually, but it'll still ruin the experience of the game, as you'd not be able to challenge them on equal grounds, no matter your own legit skill, and gear.

that's not how gear editing works.

 

[Proto-Propski]

that's not how gear editing works.

Depends from game to game, and how they choose to structure their saves, I wouldn't know exactly with Splatoon 2 as it's encrypted, and I haven't seen it's raw data.

 

[TheHomesk1llet]

Depends from game to game, and how they organize their saves I don't know what a raw Splatoon 2 save looks like to know if they have nitty gritty stuff like that

weapon parameters are in the rom itself. the save only handles gear, weapon stats (turf inked, freshness level), single player stats, flags, etc. typical save stuff. there's no way to give yourself an unfair advantage in splatoon 2, or most multiplayer games, for that matter, by editing your save.

 

[Proto-Propski]

weapon parameters are in the rom itself. the save only handles gear, weapon stats (turf inked, freshness level), single player stats, flags, etc. typical save stuff. there's no way to give yourself an unfair advantage in splatoon 2, or most multiplayer games, for that matter, by editing your save.

Fair enough, thanks for letting me know... I still don't feel entirely ok with anyone having access to it, especially considering IDK how they'll choose to use it, and to what extent they can abuse it, besides SplatHeX has everything a normal user would/could accomplish given enough time which is the only advantage it gives you (time), and besides I like Playing Splatoon 2 enough online that I'd prefer to not have the game ruined any further even if it's more so hopeful thinking to assume it won't get cracked open sooner, or latter given the fact we do already see Octoling Hackers which means something is going on in the background whether with saves, or something else

 

[BatteryDank]

I'm getting a "Not a valid savegame file" error ://