Reputation: 313
How to reverse engineer an .exe that uses a .resource file to store an assembly?
Context
I work as a game developer at a studio that develops an MMO. We built an authoritative server but still run into issues with exploits and automation. I downloaded the main bot used to hack our game in an effort to determine how it exploits our server so we can patch accordingly.
Question
I decompiled the .exe using dotPeek to get the source files but ran into an issue: I only got the source files for the launcher. The launcher injects the core assembly into our application at runtime. It does so by storing the assembly as hex data in a .resource file. Any idea of how I can get the source code from this .resource file?
Solution
Thanks for everyone's help. I got the source files by extracting the binary data from the .resource file and writing it to a .dll file and then decompiling it using dotPeek. See my solution for more details.
Upvotes: 1
Views: 4846
Answers (3)
Reputation: 313
Thanks everyone for the help - a combination of using a decompiler and reading the binary assembly data at runtime and writing it to a .dll file helped me get the source code:
I used dotPeek to decompile the launcher. In assembly explorer, I then right clicked the assembly and selected Export to Project... I then opened the project in Visual Studio and inserted a line that used File.WriteAllBytes to write the the byte[] (already available via their application, but this just got the binary data from the .resource file using ResourceManager.GetObject) to a .dll file. I then opened that .dll file in dotPeek and wala - source code visible.
Upvotes: 1
Reputation: 764
I recommend designing around the problem, a kind of soft-captcha enforced by the server. The truth of your problem is: .Net is open to extension. Rather than engage in a 'cat and mouse arms race' around the client exe, think about how you detect non-human activity, or how to randomly demand human-only activity.
If your game is worth the attention, they will overcome you. They are many :)
Upvotes: 0
Reputation: 59
Shouldn't you be able to use GetManifestResourceStream to get the embedded data?
Upvotes: 2
Related Questions
- How do I decompile a .NET EXE into readable C# source code?
- How to decompile an exe or a dll to assembly
- Is it possible to "decompile" a Windows .exe? Or at least view the Assembly?
- Editing a C# resource file of a compiled assembly
- View content of a .resource file
- How can I extract images from the .resources file created by a decompile of a .NET assembly?
- how to decompile an .exe file which is not a .net module
- How to retrieve a binary file from .NET assembly?
- Decompile C# Exe with partial source code available
- retrieving resource from dotnet assembly