[Kaali]

How about catching the packets before SSL? I have no knowledge about modern Windows debugging, or how Simcity might block a debugger. But I guess you could pinpoint the location of the messages just before SSL encryption, and just dump them out?

[ekimekim]

That sounds plausible. Again, I'm not a windows guy, but unless they've statically linked the SSL libraries, you should just be able to inject your own dll and capture the data on the way into the library.

[Kaali]

I would think that they have statically linked it, which is why I thought about using a debugger to catch the data. With dynamically linked library, such as OpenSSL, it would be quite easy to capture the data.

[tirant]

You could just search for the certificates in the code, and update them with your own.

[fnordfnordfnord]

But haven't they been rushing updates out the door? They may have been careless given the situation.