What I know about Darkfall so far:
- Uses Java, JNI, C++.
- .jar/.class files are stored in Darkfall's proprietary archive format, hence they are not readily available.
- Java is obfuscated except for a small number of classes; you get crap names like fhr, ghi, brl.
- Has a custom ClassLoader.
- Has functions in sfmiddleware.dll to handle JNI class loading and some other things.
- JVM heap dumps don’t appear to contain player data; these might be handled allocated Java objects managed by C++ code.

Java utilities are pretty extensive. Here are the possible tools I will use to attack the game.

My next steps are to use some of the above tools/APIs to write something that will dump all the classes from the JVM as they are loaded. From there I should have a complete class dump of the entire game code =). Currently my bet is on JVMTI and ClassFileLoadHook.