StalkerUKCG
Banned
TorrentfreakBird sister said:
Interesting stuff if true. Time will tell. I don't think anything will ever be truly uncrackable.
-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
3DM claim to have cracked Denuvo
- Thread starter StalkerUKCG
- Start date
Interesting stuff if true. Time will tell. I don't think anything will ever be truly uncrackable.
Linkstrikesback
Member
A shame, but expected.
StalkerUKCG
Banned
The article and official quote seems to say they will be releasing proof in some form or another.
BakkaGames
Member
It's sad because of piracy, but kinda good when we think about long-term games preservation.
For people wondering by Denuvo is hard to crack:
tl;dr: There isn't a good 64bit debugger to crack denuvo.
https://www.reddit.com/r/denuvo/comments/4307at/denuvo_hows_it_coming_along/
The most important thing: contrary to popular belief, DENUVO is NOT a newly developed and modern super-protection! In fact, behind DENUVO hides the ordinary VMProtect, from Russian roots, with minor differences (like a kind of fork). The mythical "strength" of this protection is the lack of a good debugger for debugging x64 (64-bit executable PE files). The beloved OllyDbg debugger/disassembler works only with x86 (32-bit) executables, and it's x64 version has not yet been released. The only suitable debugger is x64dbg, but at the moment it is still not fully developed and could use additional optimizations. Ironically, DENUVO's popularity and the need for a robust x64 debugger will probably help x64dbg attract more contributors.
Now, a little more detail:
DENUVO = VMProtect
It is perfectly evident, if we compare the virtual machines of both products. From Lords of Fallen to Just Cause ™ 3 - we find VMProtect 2.X. It's traits are identified by the presence of an encrypted dispatch-table. Starting with Just Cause ™ 3, DENUVO developers realized this epic fuck-up and discarded the dispatch-table from the virtual machine, changing the structure of the delta offset p-code instructions, thus we can consider this a new iteration of teh latest VMProtect 3.x. In addition to the virtual machine, everything in DENUVO uses VMProtect code obfuscation. Also should be mentioned the fact that the known tool ProtectionID initially determined executables protected with DENUVO as being protected by VMProtect 2.x, that should also mean something. Also something noteworthy happened with Assassin's Creed Syndicate - it uses... VMProtect! Why not DENUVO?! Obviously, someone at Ubisoft knew it was essentially the same thing and decided not to overpay for a sensational brand. However, their game was cracked fairly quickly so maybe they were not so lucky after all.
Who developed DENUVO?
Denuvo Software Solutions GmbH., Mr. Salzburg, Austria. Officially, Reinhard Blaukovich (Reinhard Blaukovitsch) and Robert Fendandez (Robert Hernandez). The first, is none other than the former developer of SecuROM (Sony DADC Austria AG - Austria, too). However, official information is highly questionable - it is very likely that the development of DENUVO attracted employees from VMProtect Software. The programming styles between SecuROM and DENUVO are very different. In addition, here's an interesting fact: the virtual machine implementation in the latest version of SecuROM 8 (8.10.008) had the dispatch-table discarded from it by the developers. But then in the first version of DENUVO it suddenly pops up again! Would the same developers have repeated the same mistake twice?!
DENUVO - DRM?
DENUVO is not DRM. It cannot check the disk or perform online activation, as did SecuROM. And there is nothing - neither disk check nor online activation, that SecuROM and StarForce emplyed, that was not successfully reversed and/or bypassed. DENUVO (VMProtect) simply protects files from modification. DENUVO is more focused on being a protective layer over DRM mechanisms like Steam/Origin.
Can DENUVO (VMProtect) be cracked?
As with any other defense mechanism - YES! Of course! It is merely a question of time and effort. Until now cracks consisted of emulating Steam/Origin, which are now protected by DENUVO. But it can still be done be keeping the emulation as is + manipulating the CPUID for DENUVO. But, most likely, the trend will shift to un-virtualize the virtual machine. Yes, it certainly isn't going to be as easy as with SecuROM virtual machine, which was the definition of "easy to crack" - nevertheless, it's still VMProtect's first year and I am sure that this problem will be solved.
DENUVO (VMProtect) had a devastating effect on the performance and optimization of games?
Think about it - even without DENUVO (VMProtect) many modern games require powerful processors and faster memory, the presence of this kind of protection just makes it worse! The problem arises when code is run inside a virtual machine - vitualized primitive code runs much slower that it would if it ran in it's non-virtualized form. Even if you have the most powerful i7 - even then it can't physically cope with rapidly processing a virtual machine, this new level of abstraction, and by having a huge cache and clock speed processor won't help either. If, for example, one assembly instruction takes one clock cycle, then its execution under the virtual machine number of cycles increases by several million (yes, with an 'm'). And then there is an additional penalty in this whole operation, which is aggravated by the plaform itself (x64/64-bit):
The length of the assembly instructions almost double when compared to x86/32-bit;
The virtual machine takes more than twice as long to store and process CPU registers (from RAX to R15);
Primitives breed hundreds of virtual machine;
p-code instructions (bytecode) now occuppy more space than the assembly code of the game itself!
As a result, files protected by DENUVO (VMProtect) may "weigh" an additional 100MB. However, if you discard several entities of the virtual machine primitives and bytecode, you end up with no more than 15-30MB.
DENUVO (VMProtect) even keeps dead silent about simple errors, finding out what is going on can only be achieved by using a debugger. For example, when the first games protected by DENUVO got "cracked" some people reported that, a couple of seconds after opening the game executable, the game process would hang and not start at all. The "crack" developers did not even bother to inform the public that DENUVO (specifically in Steam version of games) even went as far as checking the existence of a simple branch in the Windows registry: HKEY_CURRENT_USER\Software\Valve. There are two ways to solve this minor trouble: Just install Steam yourself or create that registry branch manually.
Here's some interesting facts and information directly from VMProtect:
Protected files are run on almost any version of Windows, even old Windows 95! However, licensing feature requires at least Windows 2000.
VMProtect doesn’t support .NET executables and has a limited support of VB executables.
This last one is just funny. VMSoft say they don't support .NET, but the fact is that this would be a pointless exercise since the executable would have to be restored to it's original form in order for it to be interpreted by Microsoft Common Object Runtime Execution Engine (MSCOREE), defeating the whole purpose of the protection scheme
"Mutation" protection method
Mutation is a replacing the source code instructions with their analog (or a certain instruction sequence), that give the same result as the source code. It is the fastest yet simplest way of software protection. Quite useful when you need to hide the signatures of third-party libraries used in your code. For example if hacker knows that you use a well-known SHA-1 implementation, he may attack it, instead of your code. Mutation allows to hide the presence of the library.
"Virtualization" protection method
Virtualization is the process of translating executable code into instructions of a virtual machine with the different architecture, that is unknown to a potential cracker. Virtualized parts of the code are executed by the interpreter (virtual machine) without being converted into native machine code. Generally, the reengineering of virtualized code requires the study of virtual machine architecture first, then it requires the creation of a disassembler that understands that architecture. Both processes are quite time-consuming and stops a great deal of crackers. Each time you protect the application, VMProtect generates a completely different set of virtual machines, so even if a cracker finally understand an architecture of the particular virtual machine, he has to start from the very beginning for the second protected procedure of the same file.
"Ultra" protection method
Ultra combines virtualization and mutation methods to make the protection even better. The protected code is being mutated first and then the result is virtualized.
tl;dr: There isn't a good 64bit debugger to crack denuvo.
https://www.reddit.com/r/denuvo/comments/4307at/denuvo_hows_it_coming_along/
Alcoholikaust
Member
Crack team hard at work to stop them
this sucks-
digitalrelic
Banned
wtf is "Tomb Raider: The Rise"?
Rise of the Tomb Raider.
entremet
Member
Pirate groups said that.
These folks are super smart but the use all that brainpower for free video games.
That's a bit unfortunate.
Leafhopper
Banned
Oh joy more bullshit and more restrictive DRM in the future. :|
A double entendre in the making.
The Janitor
Member
Corpsepyre
Banned
I don't think this will be a regular crack, but more of a SOLUTION, as the link says itself. Could very well be some sorta family-sharing technique that has been going around already.
LostDonkey
Member
Great. So now companies are going to try even harder to make games uncrackable, resulting in more and more DRM for the general end user.
It's a never ending vicious circle.
It's a never ending vicious circle.
NeoRaider
Member
digitalrelic
Banned
No, "Rise of the Tomb Raider" is "Rise of the Tomb Raider".
Agreed. I have no faith that denuvo won't detect Windows 15 as a "tamper". One of the huge reason I buy many games on PC is that I will with only minor effort get my games working on my PC 10 years from now.
Corpsepyre
Banned
It's also pretty stupid to announce the damn thing beforehand. If I'm planning to kill someone, I'm not going to tell everyone that it's what I'm planning. Denuvo will be laughing their asses off and working on V4 of their technology by now.
zephervack
Member
Wait a second, Denuvo doesnt check for online activation??
So whats exactly stopping all the pirates from buying the game on Steam, opening the game for 10 minutes, make Steam offline and never online again and just asking for a refund in another computer???
Thats why we cant have nice things
So whats exactly stopping all the pirates from buying the game on Steam, opening the game for 10 minutes, make Steam offline and never online again and just asking for a refund in another computer???
Thats why we cant have nice things
madstarr12
Member
Lol@ Tomb Raider, more like Tomb Raider: The Fallen
plagiarize
Banned
More like Windows 10 Store only confirmed.
Wait a second, Denuvo doesnt check for online activation??
So whats exactly stopping all the pirates from buying the game on Steam, opening the game for 10 minutes, make Steam offline and never online again and just asking for a refund in another computer???
Thats why we cant have nice things
Denuvo protects whatever DRM the game is using from being tampered with and side stepped. if the DRM in place checks for online activation, Denuvo will protect that check.
darkinstinct
...lacks reading comprehension.
Watch the solution be BUY THE GAMES.
Garrett Hawke
Member
Did that post say that the Steam and Origin exes are now protected by Denuvo?
Thanks, super interesting stuff.
When I hear people say that it sounds so disingenuous, to me it's like a historian fleecing a library, it just doesn't sit right with me
What are you even talking about?
It does though. I blocked the MGSV executable in my firewall so I don't have to deal with FOB shit and I had to get an activation code from a Denuvo-affiliated website after every patch.Wait a second, Denuvo doesnt check for online activation??
So whats exactly stopping all the pirates from buying the game on Steam, opening the game for 10 minutes, make Steam offline and never online again and just asking for a refund in another computer???
Thats why we cant have nice things
The Janitor
Member
This is pretty damning if true. The creator of 3Dmigoto also mentioned that it affects performance in Just Casue 3, so I don't trust Denuvo...
It may, but look at the console problem. We already have games that are long gone, and you're either left to being lucky enough to have it, or you have to not play by social rule of law to get it.
Is After Burner Climax preserved? What of the Games for Windows Live problem?
VolticArchangel
Member
Well, this was inevitable. Next iteration of Denuvo most probably in the works as we speak. The solution for a longer timeframe of preventing piracy than the last run is to have more players like Denuvo in the space and tighten up tbh. More competition, more mindfuckery for thieves, of course, with improved mod support (anything faster than the current scene with the JC3 MP mod is progressive actually, and not baby steps) for the paying consumer.
Publicity probably they have been oddly very talkative the last month or so.
Denuvo is a hell of a drug. DRM will just get stronger and hackers will have to step up their game. It's the nature of the beast. A forever tale of cat and mouse.
Honestly though, PC gaming is so cheap, I don't understand why any one would fuck with cracks and sketchy websites that have been known to install malicious software.
Honestly though, PC gaming is so cheap, I don't understand why any one would fuck with cracks and sketchy websites that have been known to install malicious software.
Especially odd since they claim in the same article they don't want credit for the crack (if it comes) because it would draw too much attention. I wonder if their behaviour can be considered trolling at this point?
Agreed. I don't condone piracy at all, but fuck DRM.
Just consider this: the day GFWL goes down, you can't play your legally bought copy anymore. If GFWL wasn't cracked, you couldnt ever play it again. Preservation is pretty damn important, yes.
I'm just saying alot of people probably use that reason in a conceited fashion
That's what Steam did. Make it more convenient and drive people away from piracy.
Im in the same boat I don't want any DRM on games.