Latest revision |
Your text |
Line 2: |
Line 2: |
|
| |
|
| Unity uses one of two languages (C# and UnityScript), both of which use Microsoft's .NET framework. The .NET framework is cross-platform since it uses a unified bytecode format: Common Intermediate Language (CIL) which then runs on the portable Common Language Runtime (CLR). Like Java bytecode, CIL is designed for an idealized computer that is emulated by the CLR, so the bytecode is easier to decompile. | | Unity uses one of two languages (C# and UnityScript), both of which use Microsoft's .NET framework. The .NET framework is cross-platform since it uses a unified bytecode format: Common Intermediate Language (CIL) which then runs on the portable Common Language Runtime (CLR). Like Java bytecode, CIL is designed for an idealized computer that is emulated by the CLR, so the bytecode is easier to decompile. |
|
| |
| The C# code is located in {{ic|Media/Managed/Assembly-CSharp.dll}}
| |
| The XML "server" data defining ships and accessories and other strings are in {{ic|Media/StreamingAssets/Xml/tables/master/}}
| |
|
| |
| Some chinese decompilers managed to figure out all the formulas in the game, see japanese translation document: https://twitter.com/KennethWWKK/status/780793591387959297
| |
|
| |
|
| == Move to PC Unity == | | == Move to PC Unity == |
Line 14: |
Line 9: |
| == Decompiling Unity DLLs == | | == Decompiling Unity DLLs == |
|
| |
|
| Use ILSpy or dotPeek to open three files located under {{ic|PCSG00684/Media/Managed/}}, <code>Assembly-CSharp.dll</code>, <code>Assembly-CSharp-firstpass.dll</code>, and <code>Assembly-UnityScript.dll</code>. | | Use ILSpy or dotPeek to open three files, <code>Assembly-CSharp.dll</code>, <code>Assembly-CSharp-firstpass.dll</code>, and <code>Assembly-UnityScript.dll</code>. |
|
| |
|
| * C# | | * C# |
Line 21: |
Line 16: |
| http://stackoverflow.com/a/5188580 | | http://stackoverflow.com/a/5188580 |
|
| |
|
| http://www.alanzucconi.com/2015/09/02/a-practical-tutorial-to-hack-and-protect-unity-games http://archive.is/ATA5L | | http://www.alanzucconi.com/2015/09/02/a-practical-tutorial-to-hack-and-protect-unity-games |
| | |
| This is a starter guide to direct CIL editing:
| |
| | |
| http://resources.infosecinstitute.com/net-reverse-engineering-1cil-programming/#gref
| |
| | |
| ilasm.exe can display as html or rtf? https://msdn.microsoft.com/en-us/library/f7dy01k1(v=vs.80).aspx
| |
| | |
| Basic CIL editing of unity and put back into dll: https://www.unknowncheats.me/forum/general-programming-and-reversing/106107-patching-cil-instructions-ida-hxd.html
| |
| | |
| === JetBrains dotPeek ===
| |
| | |
| You can use [https://www.jetbrains.com/decompiler/ JetBrains dotPeek], a free .NET decompiler, to figure out which IL code corresponds to an interpretation of it into C#. This allows you to read actual C# code so you know what you're dealing with.
| |
| | |
| Note that this is just a viewing method, you still need to get down and dirty with ilasm as stated in the next section. But at least dotPeek will show you exactly which C# code line corresponds with what IL.
| |
| | |
| # drag and drop the assembly-csharp.dll file into the leftmost assembly explorer pane
| |
| # Press the arrow next to the list entry for Assembly-CSharp
| |
| # At the top left menu click Windows->IL Viewer
| |
| # click the arrow next to a namespace you want to see, such as Server_Models
| |
| # Double-click the file you want to see, such as Mst_ships
| |
| # Click a line in the C# code that you want to read in IL, such as the "Name equals なし" code
| |
| | |
| === Change strings within DLLs (the Hard Way) ===
| |
| | |
| An easy test case to prove that we can edit to strings is to do a simple test case:
| |
| | |
| # Use find/replace in Notepad to change all instances of なし to None in [https://github.com/BASLQC/kc-vita-translation/blob/master/en/Xml/tables/master/mst_ship.xml mst_ship.xml].
| |
| # Decompile {{ic|Assembly-CSharp.dll}} using [http://stackoverflow.com/questions/6746387/manually-edit-msil-in-compiled-dll islasm.exe]. Choose '''UTF-8 Mode''' (it actually doesn't matter, just be consistent).
| |
| # In line number 974858 Change {{ic|なし}} to {{ic|None}} in this line:
| |
| #* '''C#''': {{ic|if(this.Name.Equals("なし"))}} (from dotPeek interpretation, {{ic|Server_Models/Mst_ship.cs}})
| |
| #* '''IL''': {{ic|IL_0084: ldstr bytearray (6A 30 57 30 )}} (little endian Unicode byte)
| |
| #* '''IL''' (modified) {{ic|IL_0084: ldstr "None"}}
| |
| # Recompile it in using [http://stackoverflow.com/questions/6746387/manually-edit-msil-in-compiled-dll islasm.exe].
| |
| #* Ensure that there are no compilation errors before proceeding.
| |
| # After that, copy to {{ic|Media/Managed/Assembly-CSharp.dll}} and {{ic|Media/StreamingAssets/Xml/tables/master/mst_ship.xml}} in the Kancolle game folder in your vita.
| |
| # Then just run the game again to see if it crashes on the title screen.
| |
| #* If there are no crashes, your mod works!
| |
| #* If there are crashes, you may have forgotten to change all instances of なし to None in mst_ship.xml. See step 1.
| |
| | |
| The relevant code line: https://github.com/limyz/KCKaiVita/blob/master/Assembly-CSharp/dotPeek/Server_Models/Mst_ship.cs#L941
| |
| | |
| If the modified Assembly-CSharp.dll works, this proves that DLLs can have their CIL code strings modified.
| |
| | |
| === Change strings within DLLs (the graphical way) ===
| |
| {{#evu:https://www.youtube.com/watch?v=fAHvevOFdbo|alignment=right}}
| |
| | |
| .NET Reflector with [http://reflexil.net/ Reflexil] can be used to directly edit the CIL bytecode and recompile it back in. This allows us to visually see Unicode strings and see code separated by classes as they would have originally been in C#.
| |
| | |
| http://resources.infosecinstitute.com/damn-vulnerable-thick-client-app-part-10/
| |
|
| |
|
| == Decompiling Unity Assets == | | == Decompiling Unity Assets == |