He is also the same retard that went by the name Dark Empire that is the one that made 17526->17544 XBLBallin that was actualyl renting an API off me, funny shit I know!
Message to Cabbage:
We will continue to attack your shit pStealth rename service and any service you are a part of, you are part of the reason this community is going downhill.
Do everyone a favor and fuck off already.
You may ask "why emulate a free server?". Well I've listed some reason below!
1) the kid is a prick
2) the kid is the defition of scum
3) the kid is a money hungry prick and his shit never stays free, now it will :)
4) I've waited months for an opportunity to ruin this cunt, the time has finally come
Below I have reversed a lot of their shit xex, it is confirmed a Teapot V2/XBLS/pStealth rename and reskin. The service is a joke!
// Network connections:
// IP Address: 66.70.137.46
//Port: 4040
// Network packet structures:
// Authentication:
// Notes: Yeah, they store the KV for later use.Probably trying to keep them for their 'amazing No KV mode' that's on its way!
struct AUTH
{
DWORD Command;
DWORD RequestSize;
DWORD TitleId;
BYTE CPUKey[0x10];
BYTE SHA1ModuleHash[0x14]; // XeCryptSha((PBYTE)ReadFile("SkidLive:\\SkidLive.xex"), GetFileSize(SkidLive:\\SkidLive.xex), 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, (PBYTE)PacketAlloc + 0x1C, 0x14);
BYTE KV[0x4000]
};
// Presence:
// Notes: The calls to create the presence thread were nopped as they are not needed since this server has been officially fucked :) no updates here!
// .text:90DF4BA8 bl ExCreateThread // nop ExCreateThread
// .text:90DF4BC8 bl sub_90DF8330 // nop ResumeThread
// XeKeysExecute:
// Notes: Not too sure on the last 4 bytes, most likely the serialbyte to identify console board version
struct XKEC
{
DWORD Command;
DWORD RequestSize;
BOOL Crl;
BOOL Fcrt;
BYTE AOEPKey[0x10]; // (The joke that calls himself a crypto programmer doesnt even know what this key is for lmfao) // XeCryptRandom(*(PBYTE)0x90E0AC48, 0x10);
BYTE CPUKey[0x10];
BOOL IsType1KV;
DWORD Unk;
};
// XamExecuteAsyncChallenge:
// Notes: The call to PatchInJump has been nopped because I couldn't be bothered to reverse their shitty leeched XOSC, the chances are the stock XOSC is more correct than theirs lmfao
// .text:90DF5884 bl sub_90DF6D10 // nop PatchInJump 0x8169CD98
// Server response schema:
enum Responses
{
Authed = 0x5A00,
Freemode = 0x7A00,
Unk = 0x6400, // banned? time expires? idc.
ModuleUpdate = 0x9F00
};
// Schema:
// lis gpr, 0x5A00
DWORD gpr = (Response << 0x10); // (the response is the Low part of the HighLowKey, it has to be shifted by 0x10 to make it the High part of the HighLowKey)
Message to Cabbage:
We will continue to attack your shit pStealth rename service and any service you are a part of, you are part of the reason this community is going downhill.
Do everyone a favor and fuck off already.
You may ask "why emulate a free server?". Well I've listed some reason below!
1) the kid is a prick
2) the kid is the defition of scum
3) the kid is a money hungry prick and his shit never stays free, now it will :)
4) I've waited months for an opportunity to ruin this cunt, the time has finally come
Below I have reversed a lot of their shit xex, it is confirmed a Teapot V2/XBLS/pStealth rename and reskin. The service is a joke!
// Network connections:
// IP Address: 66.70.137.46
//Port: 4040
// Network packet structures:
// Authentication:
// Notes: Yeah, they store the KV for later use.Probably trying to keep them for their 'amazing No KV mode' that's on its way!
struct AUTH
{
DWORD Command;
DWORD RequestSize;
DWORD TitleId;
BYTE CPUKey[0x10];
BYTE SHA1ModuleHash[0x14]; // XeCryptSha((PBYTE)ReadFile("SkidLive:\\SkidLive.xex"), GetFileSize(SkidLive:\\SkidLive.xex), 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, (PBYTE)PacketAlloc + 0x1C, 0x14);
BYTE KV[0x4000]
};
// Presence:
// Notes: The calls to create the presence thread were nopped as they are not needed since this server has been officially fucked :) no updates here!
// .text:90DF4BA8 bl ExCreateThread // nop ExCreateThread
// .text:90DF4BC8 bl sub_90DF8330 // nop ResumeThread
// XeKeysExecute:
// Notes: Not too sure on the last 4 bytes, most likely the serialbyte to identify console board version
struct XKEC
{
DWORD Command;
DWORD RequestSize;
BOOL Crl;
BOOL Fcrt;
BYTE AOEPKey[0x10]; // (The joke that calls himself a crypto programmer doesnt even know what this key is for lmfao) // XeCryptRandom(*(PBYTE)0x90E0AC48, 0x10);
BYTE CPUKey[0x10];
BOOL IsType1KV;
DWORD Unk;
};
// XamExecuteAsyncChallenge:
// Notes: The call to PatchInJump has been nopped because I couldn't be bothered to reverse their shitty leeched XOSC, the chances are the stock XOSC is more correct than theirs lmfao
// .text:90DF5884 bl sub_90DF6D10 // nop PatchInJump 0x8169CD98
// Server response schema:
enum Responses
{
Authed = 0x5A00,
Freemode = 0x7A00,
Unk = 0x6400, // banned? time expires? idc.
ModuleUpdate = 0x9F00
};
// Schema:
// lis gpr, 0x5A00
DWORD gpr = (Response << 0x10); // (the response is the Low part of the HighLowKey, it has to be shifted by 0x10 to make it the High part of the HighLowKey)
