Skip to content
/ BrawlStars-SPK Public
forked from HuluHulu56/BrawlStars-SPK

A tiny tool written in zig suited for extracting the obfuscated SPK from the BrawlStars main library and deobfuscating it.

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

DENAZWHO/BrawlStars-SPK

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
README.md
README.md
 
 
deobfuscate.zig
deobfuscate.zig
 
 

Repository files navigation

BS-SPK

Intro

BS-SPK is a lightweight tool written in Zig that extracts and deobfuscates the Server Public Key (PepperKey) from Brawl Stars binaries (libg.so for Android or the main executable for iOS).

This tool automates the entire process—no manual hex searching or external scripts required. Just point it at the binary and get the key.

Theory

How the Obfuscation Works

Supercell stores the server public key in an obfuscated form within the game binary. The obfuscated key is 128 bytes and is always followed by a specific marker pattern:

1A D5 00 00 00 00 00 00

Deobfuscation Algorithm

The 128-byte blob is treated as an array of 64 unsigned 16-bit integers (little-endian). The algorithm then performs the following for each of the 16 iterations:

  1. Extract values from specific indices in the array
  2. XOR and OR operations to compute an intermediate value
  3. Bitwise rotation using shift amounts derived from the loop index
  4. Final XOR with another array element to produce 2 bytes of the key

The shift amounts follow a predictable pattern:

  • Left shift: 11 - (i & 7) → cycles through 11, 10, 9, 8, 7, 6, 5, 4
  • Right shift: ((i & 7) - 11) & 0xF → cycles through 5, 6, 7, 8, 9, 10, 11, 12

The result is a 32-byte deobfuscated server public key.

Pattern Matching

The tool searches for the last occurrence of the marker pattern 1A D5 00 00 00 00 00 00 in the binary, as earlier occurrences may be false positives. The 128 bytes immediately preceding this pattern contain the obfuscated key.

Building

Requirements

  • Zig compiler (0.12+ recommended, or recent dev builds with -lc support)
zig build-exe deobfuscate.zig -lc

This produces a deobfuscate executable (or deobfuscate.exe on Windows).

Usage

./deobfuscate <path_to_binary>

Examples

Android (libg.so):

./deobfuscate /path/to/libg.so

iOS (main executable):

./deobfuscate /path/to/laser

Output

The tool prints the 32-byte deobfuscated server public key as a 64-character hex string:

ae0b932ff04e0e84c45409ba9e6b349bd0a3f28262c3722f59bd997b7652d82b

Credits

This tool is based on the research documented by:

Original research repository: Key-Deobfuscator

Disclaimer

This project is intended for educational and research purposes only. I do not endorse, encourage, or take responsibility for any misuse or violation of laws or terms of service.

Use this software responsibly and ethically.

About

A tiny tool written in zig suited for extracting the obfuscated SPK from the BrawlStars main library and deobfuscating it.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Zig 100.0%