Greetings sirs and madams. I wasn't sure where to post this and the newbie forum seemed the most appropriate

So, my question is related to the Android platform, but I'm sure it'd be almost the same as for linux (and I'm sure there're plenty of linux gurus here ). My question is this: Is it possible to decompile the .so files of a program (when NOT having access to the original source code) and then modify them to change the way a program works?

In specific terms, there's a game that I've installed on my Android. It is impervious to attempts by GameCIH, GameGuardian (memory-modification based cheating app ) to change the values it stores in the temporary memory. If this were some other game, I'd simply access it's savegame and modify the values I wanted. But see, this game encrypts its savegames as well. So, I set out on a quest to find out if I could somehow modify its mscorlib.dll file (which I believe contains the command to make the game encrypt the save file[other games that encrypt their saves have an .so file. BTW what is the difference b/w an .so and a .dll file?]) to make it create a savegame file WITHOUT encryption.

In the end, let me say that I HAVE searched THOROUGHLY but haven't come across much relevant material. Secondly, I do NOT wish to simply cheat this game, I want to know that there's ALWAYS another way. I tried myself, but being inexperienced with programming, I turn to you guys. I ran REC on another game's lib.so file, but that returned gibberish.

So... I guess I'll wait for someone to come along, see this, and (hopefully) help me out.

You want a copy of IDA Pro. It will handle Android .so files. Btw shared libraries are native code. You cannot reliably decompile native code, but you can disassemble it (with IDA Pro).

Thank you for the reply rendari! But HOTDAMN that software is expensive! 550 bucks! Damn... Well, because you didn't say anything to contradict me, I assume what I'm trying to do is possible?

Indeed, there is an entire community that specializes in what you are trying to do. You may find one of their main webpages here:
http://www.gamedeception.net/

Enjoy

And a little searching may actually produce a version of the software (IDA PRO) which would work sufficiently for your project, even if it is not the latest version. That's why we suggest people should learn how to SEARCH for what they want!!!

Regards,

Thanks a LOT for the link rendari. Your help is MUCH appreciated I'm surprised google didn't lead me to those boards even though I searched for over a week before coming here. Sleepless nights, here I come :P

Thank you for the tips JMI Already procured a version and decompiled an .so and now scratching my head over it Your assistance is much appreciated

Flood, I don't know if you need this advice or not, but I'll offer it anyway. The way that I would attack that, is to search the .so for references to the savegame name. That SHOULD lead you to where it's opened, which would give you the file handle, you can then trace where that handle is used, and find where the file is written, etc. From looking at the file writing code (probably a call to "write" of "fwrite", you can see if the data is encrypted somewhere else, and just flushed out with the writes, or if the write routine does the encryption, and THEN the write.

Once you know this, you can probably figure out the encryption routine, and just write yourself a decrypt/encrypt util so that you no longer care about REMOVING the encryption, you just open the file, edit it, and save it back.


To answer a question you asked earlier. A .so is the Linux version of a .dll same basic idea.