Jump to content
View in the app

A better way to browse. Learn more.

Shaiya.gg

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Help with file protection

Hi, I know a lot of developers will ignore this question because this service is being sold but I am just hoping if maybe there will be someone who can share on how to protect the data.saf like it won't be opened with some tools. I also would like to know how to open other server data.saf

Featured Replies

the .saf is nothing more than a blob. the .sah is what they try to protect, because it defines the values you need to read the data from the .saf. if you have the offset and length of the file you want, you can write a program to seek the offset, read the bytes, and write the file.

 

most people still use the file count xor method. the key is in plain sight in raw format when the file count is null. in this case, you can find the key next to the folder name. some use multiple keys or different math, so don't expect it to be that easy.

 

anyhow, you don't have to crack their encryption. study the .sah format and the function the client uses to parse the file. it creates file and folder objects, so you can get the filename, offset, and length and append them to a .txt file (e.g. filename,12341234,1234). then, write a program to read each line, pass the filename, offset, and length to some functions, and extract the file.

the .saf is nothing more than a blob. the .sah is what they try to protect, because it defines the values you need to read the data from the .saf. if you have the offset and length of the file you want, you can write a program to seek the offset, read the bytes, and write the file.

 

most people still use the file count xor method. the key is in plain sight in raw format when the file count is null. in this case, you can find the key next to the folder name. some use multiple keys or different math, so don't expect it to be that easy.

 

anyhow, you don't have to crack their encryption. study the .sah format and the function the client uses to parse the file. it creates file and folder objects, so you can get the filename, offset, and length and append them to a .txt file (e.g. filename,12341234,1234). then, write a program to read each line, pass the filename, offset, and length to some functions, and extract the file.

tyvm.its very detailed,but i dont know how to program.If possible, could you share a tool or source code to encrypt or decrypt my own sah

tyvm.its very detailed,but i dont know how to program.If possible, could you share a tool or source code to encrypt or decrypt my own sah

once upon a time, Cups shared some code. it can be used to encrypt the file too with some editing. if you like C#, the source code for Parsec will be helpful.

 

https://www.elitepvpers.com/forum/shaiya-pserver-guides-releases/4169356-source-decrypting-shens-xor-file-count-encryption.html

tyvm.I will try, although it may be challenging for me

it was for me too. i'll see if i can make something, but i don't want to promise i will.

tyvm.its very detailed,but i dont know how to program.If possible, could you share a tool or source code to encrypt or decrypt my own sah

this should help you get started. it's a very basic windows forms app. it comes with a sah class, etc. open Form1.cpp and add your key to the Crypto constructors. i tested with xor, but i didn't test with add or subtract. i encourage you to work toward a better system.

this should help you get started. it's a very basic windows forms app. it comes with a sah class, etc. open Form1.cpp and add your key to the Crypto constructors. i tested with xor, but i didn't test with add or subtract. i encourage you to work toward a better system.

Thanks again, it worked, the encrypted SAH cannot be opened, and after decryption, it becomes openable, but my client doesn't seem to use it, how can I change this to the client as well

Thanks again, it worked, the encrypted SAH cannot be opened, and after decryption, it becomes openable, but my client doesn't seem to use it, how can I change this to the client as well

you have to find the sah read function in your client and set a detour where it reads the file count and decrypt the value after it's read from the file. you have to do it before it uses the count to iterate the files in the folder. the client uses a C function to read the data files.

 

https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/read?view=msvc-170

 

the updater is the same. if i remember correctly, this has to be done in two places. this is partly why i wrote my own updater. once you start doing something more complex than file counts, this will become a huge pain in the ass. writing the updater was less painful.

you have to find the sah read function in your client and set a detour where it reads the file count and decrypt the value after it's read from the file. you have to do it before it uses the count to iterate the files in the folder. the client uses a C function to read the data files.

 

https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/read?view=msvc-170

 

the updater is the same. if i remember correctly, this has to be done in two places. this is partly why i wrote my own updater. once you start doing something more complex than file counts, this will become a huge pain in the ass. writing the updater was less painful.

yeah.After reading your reply, I am already in pain

[ATTACH type=full]27[/ATTACH]

yeah.After reading your reply, I am already in pain

 

i feel like it's better to learn the format of the files you want to protect. Parsec has all the code you need to write the crypto programs. example: if you don't want people copying the items, you'd encrypt item.sdata. the best part is, you won't have to modify the updater.

  • Author
(comment removed)

Edited by Zhein

Create an account or sign in to comment

Account

Navigation

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.