Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Eldevin Reverse Engineering Progress
#1
I've just started messing with Eldevin, I just finished writing a quick script to grab all of the decrypted strings from gbloader.jar.

GBLoader.jar Decrypted Strings:
Code:
b.r>z[0]:Unable to write libraries.
b.r>z[1]:Library Path: 
b.r>z[2]:file
b.r>z[3]:Unable to retrieve checksums.
b.r>z[4]:Attempting to update misc. libraries.
b.r>z[5]:gbloader.jar
b.r>z[6]:Updated misc library: 
b.r>z[7]:Invalid misc libary checksum: 
b.r>z[8]:client.eld
b.r>z[9]:Unable to retrieve misc library: 
b.r>z[10]:Unable to create directories: 
b.r>z[11]:lib
b.r>z[12]:lib//checksums.txt
b.r>z[13]:Updated library: 
b.r>z[14]:Invalid libary checksum: 
b.r>z[15]:Unable to retrieve library: 
b.r>z[16]:lib//
gbloader.g>z[0]:gbloader.jar
gbloader.g>z[1]:eldevindiag.jar
gbloader.g>z[2]:\\
gbloader.f>z[0]:Key cannot be null!
gbloader.f>z[1]:gbloader.jar
gbloader.f>z[2]:Unable to locate cache.
gbloader.b>z[0]:Content-Length
gbloader.b>z[1]:User-Agent
gbloader.b>z[2]:application/x-www-form-urlencoded
gbloader.b>z[3]:Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)
gbloader.b>z[4]:POST
gbloader.b>z[5]:Content-Type
gbloader.b>z[6]:bytes=
gbloader.b>z[7]:Accept-Ranges
gbloader.b>z[8]:Resume range request failed
gbloader.b>z[9]:Range
gbloader.b>z[10]:If-Range
gbloader.b>z[11]:bytes
gbloader.b>z[12]:Last-Modified
gbloader.f>z[0]:Key cannot be null!
gbloader.f>z[1]:gbloader.jar
gbloader.f>z[2]:Unable to locate cache.
b.o>z[0]:file
b.o>z[1]:lib
b.o>z[2]:native
b.o>z[3]:.class
b.o>z[4]:747DA8F0024ABFE26AA49B6C3285CC47
b.o>z[5]:AES
b.o>z[6]:CB13370FDC5197B54FA4D269D5A80ACD
b.o>z[7]:AES/CBC/PKCS5Padding
b.m>z[0]: Path: 
b.m>z[1]:Failed to save to local cache: 
b.m>z[2]:java.io.tmpdir
b.m>z[3]:Failed to load from cache.
b.m>z[4]:Net Cache: 
b.m>z[5]:client.eld
b.m>z[6]:Checksum failure!
b.m>z[7]:Updated Temporary Directory
b.m>z[8]:Local Cache: 
b.n>z[0]:checksum.eld
b.n>z[1]:Checksum loaded successfully
b.n>z[2]:client.eld
gbloader.GBAppLoader>z[0]:refcode
gbloader.GBAppLoader>z[1]:UTF-8
gbloader.GBAppLoader>z[2]:gbloader.jar
gbloader.GBAppLoader>z[3]:true
gbloader.GBAppLoader>z[4]:java.net.preferIPv4Stack
gbloader.GBAppLoader>z[5]:software
gbloader.GBAppLoader>z[6]:sun.java2d.noddraw
gbloader.GBAppLoader>z[7]:Failed to load
gbloader.GBAppLoader>z[8]:Unable to launch the Eldevin Application.
Submit a ticket at: https://www.huntedcow.com/support
gbloader.GBAppLoader>z[9]:gbclient.GBApp
gbloader.GBAppLoader>z[10]:/gbloader/resources/Eldevin_48x48.png
gbloader.GBAppLoader>z[11]:Updating Eldevin...
gbloader.GBAppLoader>z[12]:Cancel
gbloader.GBAppLoader>z[13]:noredirect
gbloader.GBAppLoader>z[14]:Eldevin
gbloader.GBAppLoader>z[15]:log.txt
gbloader.GBAppLoader>z[16]:/gbloader/resources/Eldevin_16x16.png
gbloader.GBAppLoader>z[17]:Tahoma
gbloader.GBAppLoader>z[18]:debug
gbloader.GBAppLoader>z[19]:Initializing...
gbloader.GBAppLoader>z[20]:/gbloader/resources/Eldevin_32x32.png
gbloader.GBAppLoader>z[21]:noupdate
gbloader.GBAppLoader>z[22]:newt
gbloader.GBAppletLoader>z[0]:fileserver
gbloader.GBAppletLoader>z[1]:cowpat
gbloader.GBAppletLoader>z[2]:Unable to launch the Eldevin Application.
Submit a ticket at: https://www.huntedcow.com/support
gbloader.GBAppletLoader>z[3]:gbclient.GBAppletAdapter
gbloader.GBAppletLoader>z[4]:start
gbloader.GBAppletLoader>z[5]:Failed to load
gbloader.GBAppletLoader>z[6]:stop
gbloader.GBAppletLoader>z[7]:destroy
gbloader.GBAppletLoader>z[8]:gfx
gbloader.GBAppletLoader>z[9]:software
gbloader.GBAppletLoader>z[10]:javaplugin.vm.options
gbloader.GBAppletLoader>z[11]:appletFailed();
gbloader.GBAppletLoader>z[12]:appletLoaded();
gbloader.GBAppletLoader>z[13]:Can't invoke javascript

I'll continue to dig into this and see what I can find. But from what I can tell from this the class b.o seems to handle de/encryption, the class b.m seems to be the cache downloader and gbloader.b looks like an http connection class.


If you're interested in reversing the loader, I suggest you start with those classes.
For reference I've uploaded the gbloader.jar I'm using - https://mega.co.nz/#!q49lHZDR!DRoBKfTwYQ...e1chmjWzxc
Reply
#2
I will start working on this as well, Thanks for the information and the String decryption method!
Reply
#3
i would start working on this but kinda busy with cfide and minenet + doing some freelancing and might be helping out with a new bot for minecraft
Reply
#4
(12-22-2014, 10:35 AM)Bibl Wrote:  i would start working on this but kinda busy with cfide and minenet + doing some freelancing and might be helping out with a new bot for minecraft

bots for minecraft get old.. so many out there Smile. This bot has potential
Reply
#5
(12-22-2014, 11:09 AM)Cafebabe Wrote:  
(12-22-2014, 10:35 AM)Bibl Wrote:  i would start working on this but kinda busy with cfide and minenet + doing some freelancing and might be helping out with a new bot for minecraft

bots for minecraft get old.. so many out there Smile. This bot has potential

theres only 1 public minecraft bot?
Reply
#6
Quote:public

Smile
Reply
#7
(12-22-2014, 11:52 AM)Cafebabe Wrote:  
Quote:public

Smile

pix then?
Reply
 


Forum Jump:


Users browsing this thread: 2 Guest(s)

About The Bytecode Club

We're a community focused on Reverse Engineering, we try to target Java/Android but we also include other langauges/platforms. We pride ourselves in supporting and free and open sourced applications.

Website