top | item 46852620

(no title)

sedatk | 28 days ago

Of course it used to be simple in the earlier days. It got way better and fast with HASP and alike in the mid 90’s. I specifically remember software that kept a portion of its data in the dongle memory with good anti-debugging techniques too. But even the hardest protection would take a week to break at most.

discuss

unnouinceput|28 days ago

Tell that to the crackers who worked for over a year to simulate a social network in order to finally crack the game Red Dead Redemption 2, which had a very custom game protection implemented by Rockstar. Also to this day there is no crack to Diablo 3, famous for being single player but with online verification. You can create very hard to crack protections quite easy if you employ self-modifying code techniques. Do you have any idea how hard is to debug code that overwrites itself in memory and that cannot be patched by modifying the existing code from disk? The reason why this is not more common is because the more iterations you do, the harder is to create those iterations, which means you add a lot of time to create the protection which means that you need to have a finished code, and code is always modified by production team, so managers see this overtime unnecessary.

sedatk|27 days ago

> Do you have any idea how hard is to debug code that overwrites itself in memory and that cannot be patched by modifying the existing code from disk?

Even the protection code in the 90’s had self-modifying code. It’s not novel or specifically hard to work with when you’re used to it, especially with modern tooling.

What makes some games harder to crack is that testing that they work okay throughout. That might mean playing all the game from the beginning to the end, and trying all the scenarios, and fixing all the issues found. Assuming that RDR2 takes at least 20 hours to finish, and close to 100 hours to fully complete, that’s a huge undertaking of course. It’s no surprise that it took that long.

self_awareness|27 days ago

> The reason why this is not more common

The real reason is that executable modifying its own code is often flagged by AV, or the OS itself, as an "insecure" activity. Since self-modification is used in attacks and exploits, good protections rarely use it now. It's impossible to use codesigns with self-modified code.

71bw|28 days ago

>Also to this day there is no crack to Diablo 3

Look into Blizzless :-)

sintax|27 days ago

Out of curiosity googled for Sentinel (which was one of the other dongles back then), seems somebody is now providing a bypass/emulation service: https://sentineldongle.com/ (not affiliated with this, just googled Sentinel like 5 minutes ago and this showed up).