Asuna's Trainer: How it was made
1. Asuna compiled a custom Cheat Engine standalone executable.
2. Then she created a custom Lua library to make encryption more secure.
3. She created a Cheat Engine trainer and encrypted it with https://wiki.cheatengine.org/index.php?title=Lua:encodeFunction.
4. Asuna made a Google Docs-based login system and inserted it into the trainer's code.
5. She compiled it as an EXE trainer.
6. She created a WinRAR Self-Extracting Archive and put all the files into it.
Let's dive deeper into it!
As I said, the .exe you download from Asuna's server is NOT the trainer. It is a WinRAR Self-Extracting Archive that a) extracts its contents into the [%temp%\cetrainers] folder and b) launches the trainer itself.
If we go into that exact folder, we will find all of the files that the trainer is made of. The one we are most interested in is "CET_TRAINER.CETRAINER", which can be accessed by running the executable in the root of the generated folder.
Upon examining the .cetrainer file, we can learn that it's been encrypted. Luckily, there's a tool to partially decrypt the table!
https://www.unknowncheats.me/forum/general-programming-and-reversing/649970-cheat-engine-trainer-unpacker-decryptor.html
However, the encryption is actually layered. After opening the decrypted file, we will see a lot of ASCII85 text (Lua:encodeFunction). I am not going to decrypt it today; there's simply no need to take that code apart to get a free trainer.
Now we can launch a different executable, the one with a classic Cheat Engine icon. We MUST run it with Admin privileges, otherwise it won't work. If we use this specific version of Cheat Engine, we will be able to scan the memory of the launched trainer.
Let's scan it in Text mode and try to find the "docs.google.com/document/d" line.
Now we have our desired URL with all the login data inside!
Sadly, we can't just yoink the login data. You see, the trainer generates a Hardware-Unique Key (HUK)! In the next guide I'll teach you how to bypass the paid login system.
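
The post's finding is that the trainer reads a Google Docs document holding all the login data, so any client that learns the URL can read every account. As an added example (not part of the original post and not Asuna's code), this sketch contrasts that design with a server-side check that stores only salted verifiers bound to a hardware key and returns a yes/no answer; the document format, the account values and the `LicenseServer` class are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: the post does not show the document's real format.
SHARED_DOC = "alice:hunter2:HWID-AAAA\nbob:s3cret:HWID-BBBB\n"


def weak_client_login(doc_text, user, password, hwid):
    """Weak design: the client downloads every account and compares locally."""
    return f"{user}:{password}:{hwid}" in doc_text.splitlines()


def accounts_readable_by_client(doc_text):
    """Risk of the weak design: one fetch exposes all users, not just the caller."""
    return [line.split(":")[0] for line in doc_text.splitlines() if line]


def _verifier(password, hwid, salt):
    """Salted, slow hash that binds a password to one hardware key."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt + hwid.encode(), 100_000)


class LicenseServer:
    """Hypothetical server-side check: the account store never leaves the server."""

    def __init__(self):
        self._accounts = {}  # user -> (salt, verifier); no plaintext passwords

    def enroll(self, user, password, hwid):
        salt = os.urandom(16)
        self._accounts[user] = (salt, _verifier(password, hwid, salt))

    def check(self, user, password, hwid):
        """Return only a decision for this one request."""
        # Unknown users get a dummy record so they take the same code path.
        salt, stored = self._accounts.get(user, (b"\x00" * 16, b"\x00" * 32))
        return hmac.compare_digest(_verifier(password, hwid, salt), stored)


if __name__ == "__main__":
    print(accounts_readable_by_client(SHARED_DOC))  # weak: whole list visible
    server = LicenseServer()
    server.enroll("alice", "hunter2", "HWID-AAAA")
    print(server.check("alice", "hunter2", "HWID-AAAA"))  # right machine
    print(server.check("alice", "hunter2", "HWID-BBBB"))  # other machine
```

A server-side decision still has to be enforced by the client, so this removes the exposed credential list rather than making the trainer tamper-proof.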
