I cracked a $200 software protection with xcopy

Is it not more "VST author just does the bare minimum to keep honest people honest, because more invasive DRM risks ruining a live performance"? I'm not understanding why TFA author has such an attitude about this. Is the VST author a horrible person or running a toxic business model or something?

This is definitely just me, but the diagram with "motivation to buy" was amusing to me. I (try to) refuse to be manipulated by these tactics - if I think the software is worth buying, I will purchase and use it, otherwise I will look elsewhere! Nothing sets my "motivation to buy" to zero quicker than aggressive, "uncrackable" DRM. In fact, it usually skyrockets my "motivation to reverse", whether or not I actually need the thing (though usually this is overruled by having better things to do with my time).

Personally, I would change the article to anonymize the actual plugin that was cracked. The plugin author seems to be a solo dev/musician, actually more a musician than a developer, which might explain the poorly implemented copy protection*. But they're good at crafting sounds, and that's what they're selling. Or trying to sell. Or taking donations for, by the way: https://ko-fi.com/bassbullyvst

* I highly doubt it was deliberate as some others are suggesting.

> I cracked a $200 software protection

No, not really. You "cracked" some random guy's $20 VST plugin. You never actually cracked Enigma Protector. The article started talking about cracking it then pivoted at the end to "I wrote a Python script to copy files from the installer" and said "the protection itself works fine"

author here. the irony is enigma protector's documentation literally explains how to add runtime checks to your payload. they just... didn't read it

Hi, I am the developer of Bass Bully Premium and I wanted to clarify a few things from my perspective.

I chose to protect only the installer with a simple lock-door method because my priority has always been stability and performance, especially at runtime. In the VST and plugin world, heavy or aggressive DRM can cause glitches or failures during a live performance. That risk felt far more harmful to my paying customers than the risk of casual piracy.

I understand that reverse engineering is part of how some people learn, and I am not here to criticize that. But when a post becomes a look-at-how-I-cracked-this thread, especially one that singles out a small independent developer, it starts to feel like a hit piece rather than a technical discussion.

The protection was minimal. It could be cracked. Maybe I should have done more. But this was not about being stingy with security. It was about delivering a stable and reliable plugin to real users without introducing bugs, system conflicts, or performance issues that can come from heavier protection systems.

I appreciate honest technical discussion and feedback. I also hope people understand that not every developer has a large team or a big budget. Many of us have to balance protection with usability, and for me, making music was more important than building an unbreakable DRM wall.

For some context, the original Bass Bully plugin started as a free release. It unexpectedly went viral, and users reached out asking for a more premium version with more sounds and features. I created Bass Bully Premium because the demand was there. It ended up being used in the production of Playboi Carti’s music, which later led to a collaboration VST with his producer wakeupf1lthy. The plugin also made its way onto Lil Wayne’s Carter album through producer Keyboard Kid.

If you like the plugin and it helps your workflow, supporting it by buying a legitimate license goes much further than any crack-test ever will.

Thanks for taking the time to read this.

Josh, Director Bass Bully VST https://www.bassbullyvst.com/

For VST performance and timing is important so you can't protect the actual plugin

> no winhttp.dll, wininet.dll, or ws2_32.dll. offline validation only. all crypto is local, so theoretically extractable.

You can't possibly know that by the mere lack of these DLLs from the import directory.

For $200 how many casual pirates does it have to dissuade to pay for itself. Not many. At that price it doesn’t need to be very good.

Is this LLM slop? One cannot truncate RSA signatures and still check them. The sample hook code is nonsense, it lacks an address to hook (and would break Enigma‘s self-checks). The sentence structure and all lower-case looks like a bad prompt attempt to hide LLM usage.

  #include <windows.h>
  #include <detours.h>
  
  static int (WINAPI *Real_EP_RegCheckKey)(LPCSTR, LPCSTR) = NULL;
  
  int WINAPI Hooked_EP_RegCheckKey(LPCSTR name, LPCSTR key) {
      return 1;
  }
  
  BOOL APIENTRY DllMain(HMODULE hModule, DWORD reason, LPVOID lpReserved) {
      if (reason == DLL_PROCESS_ATTACH) {
          Sleep(2000);
          DetourTransactionBegin();
          DetourUpdateThread(GetCurrentThread());
          DetourAttach(&(PVOID&)Real_EP_RegCheckKey, Hooked_EP_RegCheckKey);
          DetourTransactionCommit();
      }
      return TRUE;
  }

Nice going Jean, after you've scammed people out of thousands of dollars, associated with known furry pedophiles, your membership in a skid gang, leeching off your parents money in France to remove your dox and steal even more money from them so you can make a new startup every month while larping about living lavishly. We know what you did.