TrioxX

File Download - ZygorGuides-6.0.14916.zip

Works as designed. Premium members receive updates after release while free users have to wait 72 hours. See https://www.getfirehawk.com/productInfo

Any updated version of Dugi? Latest is 8.120. Thank you.

Not the information, but the data.

They took the data from Firehawk, when they had their online generator. After shutting it down, steamtags also stopped providing the files.

You need additional files, which are refreshed approx every 72 hours. Without this data (or with extremely old data), you can't use the auction house feature of Zygor.

Application Name: Velocity Application Description: Velocity gives your Windows desktop offline access to over 150 API documentation sets (provided by Dash for OS X) Application Download Link: https://az699247.vo.msecnd.net/downloads/VelocitySetup-1.1.5.msi Official Webpage: http://velocity.silverlakesoftware.com/

Maybe, cracking Firehawk isn't an option because it's (not completely impossible but) too complicated. Maybe, we should ask the Firehawk devs how they do it or maybe, we should focus again on generating the data by ourselves by finding out how it's done. I don't think, that it would be a good idea to get the data from Zygor directly. Or maybe, we should just ignore this Zygor feature and use TSM.

They also have a Mac client Virustotal says, it's clean. Even when using a Crypter, it should sooner or later be detected, if there's something suspicious in it. The latest version has been released 5 months ago. So i guess, they are just trying to protect their implementation. > Additionally, a virus scan doesn't come back completely clean I think, these are false positives. Maybe because UPX is used? For reference: https://www.virustotal.com/en/file/725a064d4877a04d30dbdced55fcd8da0e8314b9b8265df8f790ee8b43c2bdc0/analysis/ https://www.virustotal.com/en/file/3275b53a5f3a39aa9348accd4b5f488a243f69c739a63fe34e947ce321be903d/analysis/ Regarding secure connections: What i know is, that they implemented a fallback for users who are unable to connect to their servers using SSL for some reason (e.g. blocked via Firewall). So when starting the client, it first checks if it's able to connect via SSL and if not, use the fallback (which might be a plain HTTP connection).

Zygor is written in Java, that's easy to decompile. Dunno exactly, what Firehawk uses. I'm not that expert.

That's what i am talking about. The whole functionality must be inside the executable already, regardless of your account status. That should be enough to "analyze". And since we know that there's not much interesting within the Zygor client, we may have more luck in the Firehawk client.

What about decompiling the executable which you can download from their website? I mean... The way of "how" and "where" it downloads the data should be inside of it, shouldn't it? I don't think, that it does much more or is any better than the Zygor client.

Another alternative would be to download the data using Firehawk, wouldn't it? I don't know, if they are monitoring their API, but it's worth a try.

I've heard, that they started generating the data by themselves using the battle.net API. You cannot simply take the TSM data and convert it into a compatible format because it doesn't use the same informations as Zygor. You just have two choices: Take the data from Zygor which may result in an account suspension or generate the data by yourself using the battle.net API. However, this may take a few days because historical data is recorded for like 14 days.

The client is written in Java, easy to decompile. However, it doesn't contain anything useful, because everything is processed serverside. As mentioned by yuckfoux, they don't care about security. They don't use SSL for connections and they simple base64 encode your password (prefixed wit Qö for some reason...).