Wednesday, August 27, 2014

Everybody trying to discourage me.

I've noticed that lately a lot of people are trying to discourage me from trying to crack SecuROM. One of the SecuROM developers himself told me to give up. And a bunch of other people.

It's definitely a confidence breaker, but I will get over it. Meanwhile, give up on trying to make me give up ;)

Tuesday, August 19, 2014

Changing times.

Initially this blog was more about compiling various stuff under Windows that would give you a headache, hence the compile-tips in the name (and my first two blog posts, which highlight this), but as time passed I gained a passion for reverse engineering, and instead of making a new blog, I decided to reuse this one.

I do plan to write about compilation and all that, but for the time being my focus is on reverse engineering.

Saturday, August 16, 2014

Found the input code in Crysis 3

Because there are things I needed to do, I decided to search for the input loop that fetches input from the mouse. I found it through a lot of effort. It was hard because the DirectInput class exposes an interface, which as you know would be virtual methods implementing the interface, so there would be a vtable with pointers, and there was no way to know for sure which function was CreateDevice, GetDeviceState, so I had to code my own DirectInput samples to find this out.

After quite a while:

[Image Deleted].

Obviously, a lot is left to explore, as there is something I want to achieve by finding this piece of code.

Friday, August 15, 2014

Spotcheck/Triggers in SecuROM.

Spotcheck/Triggers are what the developer of SecuROM, Robert Yates, calls the piece of code which is responsible for altering the game if tampering of any kind is detected.

Alterations such as making the final boss in Crysis 3 invincible, or making the ball in FIFA 14 unusually large. These are not bugs/glitches; they are intentional. They are, however, not always caused by tampering with the game, but sometimes by an installation of the game gone wrong, and usually a reinstall should resolve this. Worst case scenario, it's because of some piece of malware running on the system.

Once I was able to run the game under a debugger, it would suddenly get terminated after a while. I identified two threads that were responsible for this and brutally killed them; this didn't affect the game, and it was no longer being terminated.

CarpVM, a Virtual Machine in C

Finally, somebody went and wrote it. Link to GitHub. This VM can be used as an obfuscation technique. I was building my own, but things got sidetracked. But this one is on another level.