
PokemonGO is a target of choice for reverse engineers, and some of its critical functionalities are protected by a commercial solution. It is worth mentioning that only a subset of the game is obfuscated. The game itself is not protected at all, to the point that we have the original class and method names. The Unity part is "compiled" into libil2cpp.so, but we can recover some metadata with Perfare/Il2CppDumper. All the obfuscation is focused on libNianticLabsPlugin.so (cf. Gotta Catch 'Em All: Frida & jailbreak detection), and since only this part of the game is heavily obfuscated, it gives a hint about where the critical functionalities are.

On the other hand, PGSharp uses different layers of obfuscation to prevent its analysis. First of all, it uses O-LLVM to obfuscate the native code, which includes, at least, control-flow flattening and ... Nevertheless, the obfuscation is relatively weak against emulation and static analysis [1].

Some obfuscation techniques are based on transforming the original code through a VM (like VMProtect). It adds another layer to reverse, as we need to understand the VM architecture before being able to understand the original semantics of the code. But what about using an interpreted language (like Python) and obfuscating its VM or its interpreter with O-LLVM? Some parts of the cheat are written in Lua, whose VM has been modified to:

- Fake the version: try to make it look like Lua 5.1 while it is actually Lua 5.3.
- Add new opcodes (OP_RUN, OP_GETDOWNVAL, OP_OLDTABLE, and OP_XXOR) to break decompilation and ...
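As an added example (not code from this write-up or from PGSharp), the Python check below parses a Lua bytecode header and compares the version byte with the layout that follows it, which is how the faked-version trick described above shows up when you dump a chunk: the byte says 5.1, but the header carries Lua 5.3's corruption-check bytes (LUAC_DATA) and check values (LUAC_INT, LUAC_NUM). The sample headers are constructed inline, and a little-endian 64-bit target is assumed.

```python
import struct

LUA_SIGNATURE = b"\x1bLua"
LUAC_DATA_53 = b"\x19\x93\r\n\x1a\n"  # 5.3 corruption-check bytes after the format byte
LUAC_INT_53 = 0x5678                  # 5.3 integer check value (lua_Integer)
LUAC_NUM_53 = 370.5                   # 5.3 float check value (lua_Number)


def classify_lua_header(chunk: bytes) -> dict:
    """Compare the claimed version byte with the header layout that follows it.

    Assumes a little-endian 64-bit target (the usual ARM/x86 case) when
    validating the 5.3 check values.
    """
    if not chunk.startswith(LUA_SIGNATURE):
        raise ValueError("not a Lua bytecode chunk")
    claimed = f"{chunk[4] >> 4}.{chunk[4] & 0xF}"  # version byte is MAJOR*16 + MINOR
    layout = None
    # Lua 5.3 layout: signature, version, format, LUAC_DATA, five size bytes,
    # then LUAC_INT and LUAC_NUM written in the chunk's own integer/float sizes.
    if len(chunk) >= 33 and chunk[6:12] == LUAC_DATA_53:
        size_linteger, size_lnumber = chunk[15], chunk[16]
        if size_linteger == 8 and size_lnumber == 8:
            (check_int,) = struct.unpack_from("<q", chunk, 17)
            (check_num,) = struct.unpack_from("<d", chunk, 25)
            if check_int == LUAC_INT_53 and check_num == LUAC_NUM_53:
                layout = "5.3"
    # Lua 5.1 layout: signature, version, format, endianness flag, sizeof(int),
    # sizeof(size_t), sizeof(Instruction), sizeof(lua_Number), integral flag.
    if layout is None and len(chunk) >= 12 and chunk[6] in (0, 1) \
            and chunk[7] == 4 and chunk[9] == 4:
        layout = "5.1"
    return {"claimed": claimed, "layout": layout,
            "version_faked": layout is not None and layout != claimed}


# Constructed sample headers (not captured from any real binary).
def build_header_53(version_byte: int = 0x53) -> bytes:
    """Genuine Lua 5.3 header; pass 0x51 to mimic the faked version byte."""
    return (LUA_SIGNATURE + bytes([version_byte, 0]) + LUAC_DATA_53
            + bytes([4, 8, 4, 8, 8])
            + struct.pack("<q", LUAC_INT_53) + struct.pack("<d", LUAC_NUM_53))


def build_header_51() -> bytes:
    """Genuine little-endian Lua 5.1 header (int=4, size_t=8, Instruction=4, Number=8)."""
    return LUA_SIGNATURE + bytes([0x51, 0, 1, 4, 8, 4, 8, 0])
```

A stock `luac -l` or a 5.1 decompiler trusts the version byte alone, so a chunk flagged as `version_faked` here needs the 5.3 loader regardless of what the byte says.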