DevFaded · Sep 3, 2024
diff --git a/‎roblox_decryptor.sln
+31 b/‎roblox_decryptor.sln
+31
diff --git a/‎roblox_decryptor/decryptor/decryptor.cpp
+107 b/‎roblox_decryptor/decryptor/decryptor.cpp
+107
diff --git a/‎roblox_decryptor/decryptor/decryptor.hpp
+32 b/‎roblox_decryptor/decryptor/decryptor.hpp
+32
diff --git a/‎roblox_decryptor/roblox_decryptor.cpp
+27 b/‎roblox_decryptor/roblox_decryptor.cpp
+27
diff --git a/‎roblox_decryptor/roblox_decryptor.vcxproj
+165 b/‎roblox_decryptor/roblox_decryptor.vcxproj
+165
@@ -0,0 +1,31 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.34601.136
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "roblox_decryptor", "roblox_decryptor\roblox_decryptor.vcxproj", "{95843837-C21A-4CDC-BC04-28271ABD09A6}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|x64 = Debug|x64
+		Debug|x86 = Debug|x86
+		Release|x64 = Release|x64
+		Release|x86 = Release|x86
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{95843837-C21A-4CDC-BC04-28271ABD09A6}.Debug|x64.ActiveCfg = Debug|x64
+		{95843837-C21A-4CDC-BC04-28271ABD09A6}.Debug|x64.Build.0 = Debug|x64
+		{95843837-C21A-4CDC-BC04-28271ABD09A6}.Debug|x86.ActiveCfg = Debug|Win32
+		{95843837-C21A-4CDC-BC04-28271ABD09A6}.Debug|x86.Build.0 = Debug|Win32
+		{95843837-C21A-4CDC-BC04-28271ABD09A6}.Release|x64.ActiveCfg = Release|x64
+		{95843837-C21A-4CDC-BC04-28271ABD09A6}.Release|x64.Build.0 = Release|x64
+		{95843837-C21A-4CDC-BC04-28271ABD09A6}.Release|x86.ActiveCfg = Release|Win32
+		{95843837-C21A-4CDC-BC04-28271ABD09A6}.Release|x86.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {FF4F996F-CFDD-4C90-9869-5A658DD12C93}
+	EndGlobalSection
+EndGlobal
@@ -0,0 +1,107 @@
+#include "decryptor.hpp"
+
+#include "utils/memory.hpp"
+#include "utils/pe.hpp"
+
+#include <Windows.h>
+
+#include <vendor/chacha20/chacha20.hpp>
+
+namespace decryptor
+{
+	code_decryptor::code_decryptor(const std::filesystem::path& hyperion, const std::filesystem::path& roblox, const std::string& out_filename) : page_info_base{ 0 }
+	{
+		// Loading the module directly so we can work with memory mapped offsets
+		hyperion_handle = LoadLibraryExA(hyperion.string().c_str(), NULL, DONT_RESOLVE_DLL_REFERENCES);
+		roblox_handle = LoadLibraryExA(roblox.string().c_str(), NULL, DONT_RESOLVE_DLL_REFERENCES);
+
+		if (!roblox_handle || !hyperion_handle)
+			return;
+
+		utils::pe roblox_image{ get_base_from_handle(roblox_handle) };
+		utils::pe hyperion_image{ get_base_from_handle(hyperion_handle) };
+
+		const auto roblox_code = roblox_image.get_section(".text");
+		const auto hyperion_code = hyperion_image.get_section(".byfron");
+
+		DWORD old;
+		VirtualProtect(reinterpret_cast<LPVOID>(roblox_code.base), roblox_code.size, PAGE_READWRITE, &old);
+
+		// Attempt to automatically locate the page info array
+		constexpr std::array<std::uint8_t, 6> constant_sig = { 0x10, 0x27, 0x00, 0x00, 0xCC, 0x29 };
+		constexpr std::array<std::uint8_t, 3> lea_sig = { 0x04, 0xCC, 0x8D };
+
+		const auto constant_mov = utils::signature_scan(hyperion_code.base, hyperion_code.size, constant_sig);
+
+		if (!constant_mov)
+			return;
+
+		auto page_info_lea = utils::signature_scan(constant_mov, 0x100, lea_sig);
+
+		if (!page_info_lea)
+			return;
+
+		// Plus one because we include the end of the shl reg, 4 instruction
+		page_info_lea += 1;
+			
+		const auto dest = page_info_lea + *reinterpret_cast<std::int32_t*>(page_info_lea + 3) + 7;
+
+		page_info_base = dest;
+
+		std::ifstream src{ roblox, std::ios::binary };
+
+		out_file = std::ofstream{ out_filename, std::ios::binary };
+		out_file << src.rdbuf();
+
+		src.close();
+	}
+
+	code_decryptor::~code_decryptor()
+	{
+		if (hyperion_handle)
+			FreeLibrary(static_cast<HMODULE>(hyperion_handle));
+
+		if (roblox_handle)
+			FreeLibrary(static_cast<HMODULE>(roblox_handle));
+	}
+
+	bool code_decryptor::is_initialized() const
+	{
+		return page_info_base != 0;
+	}
+
+	void code_decryptor::decrypt()
+	{
+		utils::pe roblox_image{ get_base_from_handle(roblox_handle) };
+		utils::pe hyperion_image{ get_base_from_handle(hyperion_handle) };
+
+		const auto roblox_code = roblox_image.get_section(".text");
+		const auto hyperion_code = hyperion_image.get_section(".byfron");
+
+		for (auto target_page = roblox_code.base; target_page < roblox_code.base + roblox_code.size; target_page += 0x1000)
+		{
+			const auto target_page_number = (target_page - roblox_image.get_image_base()) / 0x1000;
+			const auto target_page_info_base = page_info_base + (target_page_number % 10000) * 0x10;
+
+			const auto page_info = *reinterpret_cast<std::uintptr_t*>(target_page_info_base);
+			const auto page_size = *reinterpret_cast<std::uint32_t*>(target_page_info_base + 0x8);
+
+			std::array<std::uint8_t, 32> key{};
+			std::memcpy(key.data(), reinterpret_cast<void*>(page_info), page_size);
+
+			chacha20_context ctx;
+			chacha20_init_context(&ctx, key.data(), 0);
+			chacha20_xor(&ctx, reinterpret_cast<uint8_t*>(target_page), 0x1000);
+		}
+
+		// Seek to the first section after the PE headers, assuming it should be code
+		out_file.seekp(0x600);
+		out_file.write(reinterpret_cast<char*>(roblox_code.base), roblox_code.size);
+		out_file.flush();
+	}
+
+	std::uintptr_t code_decryptor::get_base_from_handle(void* handle) const
+	{
+		return reinterpret_cast<std::uintptr_t>(handle);
+	}
+}
@@ -0,0 +1,32 @@
+#pragma once
+
+#include <cstdint>
+#include <string>
+#include <filesystem>
+#include <fstream>
+#include <array>
+
+namespace decryptor
+{
+	class code_decryptor
+	{
+	public:
+		code_decryptor(const std::filesystem::path& hyperion, const std::filesystem::path& roblox, const std::string& out_filename);
+		~code_decryptor();
+
+		void decrypt();
+
+		bool is_initialized() const;
+
+	private:
+		std::uintptr_t get_base_from_handle(void* handle) const;
+		
+	private:
+		void* hyperion_handle;
+		void* roblox_handle;
+
+		std::uintptr_t page_info_base;
+
+		std::ofstream out_file;
+	};
+}
@@ -0,0 +1,27 @@
+#include <iostream>
+
+#include "decryptor/decryptor.hpp"
+
+using namespace decryptor;
+
+int main()
+{
+	std::printf("Starting decryptor\n");
+
+	code_decryptor static_decryptor{ "RobloxPlayerBeta.dll", "RobloxPlayerBeta.exe", "decrypted.bin" };
+
+	if (!static_decryptor.is_initialized())
+	{
+		std::printf("Decryptor failed to initialize\n");
+
+		std::cin.get();
+
+		return 1;
+	}
+
+	static_decryptor.decrypt();
+
+	std::printf("Decryptor successfully finished\n");
+
+	std::cin.get();
+}
@@ -0,0 +1,165 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <VCProjectVersion>16.0</VCProjectVersion>
+    <Keyword>Win32Proj</Keyword>
+    <ProjectGuid>{95843837-c21a-4cdc-bc04-28271abd09a6}</ProjectGuid>
+    <RootNamespace>robloxdecryptor</RootNamespace>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v142</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v142</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v142</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v142</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="Shared">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <LinkIncremental>true</LinkIncremental>
+    <IncludePath>./;$(IncludePath)</IncludePath>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+    <IncludePath>./;$(IncludePath)</IncludePath>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <LinkIncremental>true</LinkIncremental>
+    <IncludePath>./;$(IncludePath)</IncludePath>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+    <IncludePath>./;$(IncludePath)</IncludePath>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+      <LanguageStandard>stdcpp17</LanguageStandard>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+      <LanguageStandard>stdcpp17</LanguageStandard>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+      <LanguageStandard>stdcpp17</LanguageStandard>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+      <LanguageStandard>stdcpp17</LanguageStandard>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="decryptor\decryptor.cpp" />
+    <ClCompile Include="roblox_decryptor.cpp" />
+    <ClCompile Include="utils\memory.cpp" />
+    <ClCompile Include="utils\pe.cpp" />
+    <ClCompile Include="vendor\chacha20\chacha20.cpp" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="decryptor\decryptor.hpp" />
+    <ClInclude Include="utils\memory.hpp" />
+    <ClInclude Include="utils\pe.hpp" />
+    <ClInclude Include="vendor\chacha20\chacha20.hpp" />
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>