Juice the carrots from ウマ娘プリティーダービー (Umamusume Pretty Derby) - Windows implementation



Hooks the decryption function in libnative.dll of ウマ娘プリティーダービー (Umamusume Pretty Derby), to allow inspecting the packets (and provide some useful information during the game).

For Android, refer to Riru-CarrotJuicer.


Theoretically this should support "modern" versions of Windows, as long as it is x64. But this is only tested with Windows 10 v2004.

Please make sure that you have installed the latest Visual C++ 2019 Redistributable, otherwise the game would crash at start up time with no message at all.

If the precompiled binary from Releases page does not work, try build it yourself. I have seen at least 2 machines where it works only when building locally. I have no idea why, probably the VS build process (or even installing VS?) changes some state in the system.

  1. Copy version.dll to the same directory with umamusume.exe. This should be %USERPROFILE%\Umamusume unless you did some magic yourself.
  2. Start the game as usual (i.e., with DMM launcher). The captured packets will be saved into CarrotJuicer folder in the game directory.
  3. You can investigate the responses with msgpack tools like msgpack2json -di 123456789R.msgpack.

Hakuraku has a UI for investigating the captured packets here.

cjedb.json and master.mdb

Starting from v1.2, EXNOA-CarrotJuicer would print extra info that may help users to make strategic decisions. Some features depend on an optional external data file cjedb.json. If this file is missing, some features will be disabled.

The Releases in this repo would bundle the latest file as of that time, but you may wish to check for updates here from time to time, especially after a new charactor or support card is added.

In addition, EXNOA-CarrotJuicer will attempt to read master.mdb directly from the game's data directory (in %USERPROFILE%\AppData\LocalLow\Cygames\umamusume\master) with a bundled SQLite engine. (Sorry for the bloating file size, but the game itself takes 4GB anyway, so we are as trivial as some rounding error.) If you somehow moved it, please at least make sure a link is available.


In packets containing races, there is a base64-encoded field, often named race_scenario. This includes per-frame and per-chara information in the race.

More details can be found in README of Hakuraku. Its web UI is able to parse this field for you.


Requests (files ending with Q.msgpack) are not actually msgpack. The current observation is:

  • The first 4 bytes likely represent a little-endian int. We name it offset, currently always observed to be 0xA6 (166).
  • The following 52 bytes [+0x04, +0x38) never change for a single client, even across sessions. We did not test whether this is per-account or per-client.
  • The following 114 bytes [+0x38, +0xB0) are different for each request.
  • All remaining is a standard msgpack message. This starts at +0xB0 which is exactly offset + 4.

To investigate the content, remove the first 170 bytes and use msgpack tools, like tail -c+171 123456789Q.msgpack | msgpack2json -d.


  1. Install vcpkg, and make sure to enable VS integration by running vcpkg integrate install.
  2. git clone
  3. Spin up Visual Studio 2019, and press "Build".


This module is largely copied from inspired by umamusume-localify.

  • Responses of `load/index` cannot be parsed

    Responses of `load/index` cannot be parsed

    It's complaining about C0 so I think it's basically same issue with #2. We load master.mdb only when we see this RPC so anything depending on it is currently broken.

    There are actually a bunch of other places where similar problems exist :( A proper fix probably is to change how nlohmann/json handles "null": 1.

    opened by CNA-Bld 1
  • No OSS License

    No OSS License

    opened by wx257osn2 0
  • Handle team stadium opponents with empty team members

    Handle team stadium opponents with empty team members

    team_data_array would still contain 15 members, but they might look like

      "distance_type": 1,
      "member_id": 3,
      "trained_chara_id": 0,
      "running_style": 0
    opened by CNA-Bld 0
  • Responses of `team_stadium/opponent_list` cannot be parsed

    Responses of `team_stadium/opponent_list` cannot be parsed

    In .data.opponent_info_array, each dict starts with 88 C0 01, where 88 is the header of a fixmap. C0 01 is thus a KV pair nil -> 1.

    Strictly speaking this is not violating msgpack spec, but it breaks the parser.

    We can probably hardcode a fix by replacing 88 C0 01 with 87.

    Signature for detecting this packet can potentially be:

    • Includes 81B36F70 706F6E65 6E745F69 6E666F5F 61727261 7993
    • Contains 3 88 C0 01, and the first one comes immediately after the snippet above.
    opened by CNA-Bld 0
  • Don't lock master.mdb when it needs to be updated

    Don't lock master.mdb when it needs to be updated

    Currently when the game attempts to update master.mdb, it fails because we would have already opened the DB (although in r/o) so it can't get a lock.

    We should:

    • Open the DB only when (and whenever) we see https://api-umamusume.cygames.jp/umamusume/load/index
    • Close it when we see https://api-umamusume.cygames.jp/umamusume/tool/start_session
      • So if there is an update during game play, we don't have to manually restart the game.


    • Disable EXNOA-CarrotJuicer before starting the game.
    • After it updates the DB, reenable it.
    opened by CNA-Bld 0
Huang Yue
git push --force
Huang Yue
A header-only library for C++(0x) that allows automagic pretty-printing of any container.

cxx-prettyprint =============== A pretty printing library for C++ containers. Synopsis: Simply by including this header-only library in your sourc

Louis Delacroix 535 Nov 26, 2022
Pretty Printer for Modern C++

Highlights Single header file Requires C++17 MIT License Quick Start Simply include pprint.hpp and you're good to go. #include <pprint.hpp> To start p

Pranav 879 Dec 22, 2022
Pretty much the repo name sums it up.

?? Console_Calculator Version Supported Date Ended Support v.1.0 ✔️ ?? Features The ?? Console_Calculator can do basic arithmatic, and yes there is no

Angelo Petrai 3 Dec 31, 2021
its a pretty dodo 0.1% os

Dodo OS why did i make this os? idk im bored and i wanted to learn alot of new stuff. so i decided to make dodo os. i will see for how far i will go i

Voidy Devleoper 5 Jan 4, 2022
Generate code for pretty-printing C++ enums

enums Generate code for pretty-printing C++ enums. Supported platforms Only Linux x86/x86_64 systems are supported. For the missing platforms, the too

Andrei Burdulescu 0 Jan 31, 2022
Implements a Windows service (in a DLL) that removes the rounded corners for windows in Windows 11

ep_dwm Implements a Windows service that removes the rounded corners for windows in Windows 11. Tested on Windows 11 build 22000.434. Pre-compiled bin

Valentin-Gabriel Radu 24 Dec 29, 2022
Windows 2000 styled installer for Panther based distributions of Microsoft Windows (WIM files).

An advanced installer for Microsoft Windows that mimics the looks of the Windows XP and older installers. Takes any modern (Vista and newer) Windows ISO or WIM file and creates a old styled Windows Setup experience on the go.

null 5 Dec 17, 2022
Windows kernel information leakage POCs on Windows 10 RS1+

This repository covers various techniques and methods I write while conducting research into infoleaks, these are for leaking various Windows kernel a

null 2 Dec 18, 2022
Some extensions for windows explorer, tested on windows 10+

WindowsExplorerExtension Extensions for windows explorer, tested on windows 10 & windows 11. New Folder Extension What's This A Gnome nautilus inspire

anpho 4 Jan 13, 2022
Defender-control - An open-source windows defender manager. Now you can disable windows defender permanently.

Defender Control Open source windows defender disabler. Now you can disable windows defender permanently! Tested from Windows 10 20H2. Also working on

null 583 Dec 28, 2022
Demonstrates implementation of the Windows 10 Acrylic Effect on C++ Win32 Apps using DWM Private APIs and Direct Composition

Win32 Acrylic Effect A Demonstration of Acrylic Effect on C++ Win32 applications using Direct Composition and DWM private APIs. Table of Contents Over

Selastin 132 Dec 21, 2022
Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process

Custom HellsGate Implementation Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe pr

Bobby Cooke 90 Oct 18, 2022
An implementation of a Windows loader that can load dynamic-linked libraries (DLLs) directly from memory

memory-module-loader memory-module-loader is an implementation of a Windows loader that can load dynamic-link libraries (DLLs) directly from memory. T

SCYTHE 118 Nov 21, 2022
A desktop (supports macOS and Windows) implementation of uni_links plugin.

uni_links_desktop A desktop (supports macOS and Windows) implementation of uni_links plugin. uni_links_desktop Platform Support Quick Start Installati

LeanFlutter 18 Dec 2, 2022
In DFS-BFS Implementation In One Program Using Switch Case I am Using an Simple And Efficient Code of DFS-BFS Implementation.

DFS-BFS Implementation-In-One-Program-Using-Switch-Case-in-C Keywords : Depth First Search(DFS), Breadth First Search(BFS) In Depth First Search(DFS),

Rudra_deep 1 Nov 17, 2021
Windows 7/2008 R2 EoP

Windows RpcEptMapper Service EoP exploit Clément Labro (@itm4n) released in November 12, 2020 all the details for a vulnerability on Windows 7 and Win

neosysforensics 13 Mar 29, 2021
Gaming Input Peripherals Device Firewall for Windows.

HidHide ⚠️ Compiling a signed BETA release is in the works, please be patient! ⚠️ Introduction Microsoft Windows offers support for a wide range of hu

Virtual Gamepad Emulation Framework 392 Jan 2, 2023
Asteroids Clone for Windows

Asteroids Clone for Windows This game is a simple Asteroids clone primarily intended to demonstrate the capabilities and flexibility of w64devkit. It

Christopher Wellons 24 Dec 25, 2022
A program that allows you to hide certain windows when sharing your full screen

Invisiwind Invisiwind (short for Invisible Window) is an application that allows you to hide certain windows when sharing your full screen.

Joshua T. 75 Dec 20, 2022