[billconan]

I think I can hook the opengl driver and get the shader source code and the encryption key. and redo the decryption on cpu.

[datenwolf]

You don't have to go so far. Just inject a little bit of code into the game process that calls a dumper function just before (or after, it doesn't really matter) calls to `glDraw…` to dump out all the data of the currently bound buffer objects and textures. glGetTexImage, glGetBufferData are your friends.

[billconan]

ya. this article doesn't make too much sense to me.

[datenwolf]

I think the people behind this come from a OpenGL-ES / WebGL background. Coaxing data back out of OpenGL-ES / WebGL is a bit tricker compared to original OpenGL. But only a little bit (you need a proxy FBO to retrieve texture data; you can't write to buffer objects with shaders in ES/WebGL so hooking glBufferData suffices).

[billconan]

I don't think it will be difficult. after all chromium and Angle are opensource, you can hack chromium source code to get everything. plus, javascript is already kinda open to steal. same to android. it is open.

on ios, it's harder. but shouldn't ios already encrypt all its apps?

[microcolonel]

Wouldn't matter, pretty sure you could just take the assets in the simulator.

[balls2you]

You're assuming the application that wants to protect its assets and other IP will let you run it in a simulator which is not going to be the case.