| Page 10 of 10 |
DaLexy
Posts: 3063
Location: Germany
|
 Posted: Sun, 1st Mar 2026 22:38 Post subject: |
|
 |
Assassins.Creed.Mirage.Valley.of.Memory-voices38
| Quote: | I heard that many of you don't like it in the hypervisor jail. voices38 to the rescue!
I thought the expansion of Assassin's Creed Mirage is good target to mature the tools. Next one will be 2025 denuvo. Thank you also to all who donated since last time. The goal is now above 50%.
Have fun & enjoy. |
NFO link
voices38.acm.the.valley.of.memory.iso - 59.61 GB
My SysProfile ッ
I ΓУPΞ LIҜΞ Д БФSS, УФЦЯ ДЯGЦMΞИΓ I$ IИVДLłD
|
|
| Back to top |
|
|
demde
Posts: 6556
Location: Lake Karachay
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
demde
Posts: 6556
Location: Lake Karachay
|
|
| Back to top |
|
|
DaLexy
Posts: 3063
Location: Germany
|
| Posted: Mon, 2nd Mar 2026 16:50 Post subject: |
|
|
Do you got some more than "Trust me Bro" cause i havent seen him cracking BF4, Requiem etc.
He grinded his way through the iterations of denuvo through the years - i dont see anything you described. When he made his poists in reddit they all were with not much text in it and sounded humble rather than aggressive, so not sure where you got the impression from.
And his first sentence is aimed at reddit, just look for HV topics who claim its a crack, those are the heated threads with informations for the average joe that this is not a crack at all and its a security risk to use them. Cause there are to many people who claim its a save thing with easy to revert changes and display lots of half assed knowledge to sell something they dont even know themselves how it works.
Im not aware that any of these releases has a HV bypass.
My SysProfile ッ
I ΓУPΞ LIҜΞ Д БФSS, УФЦЯ ДЯGЦMΞИΓ I$ IИVДLłD
Last edited by DaLexy on Mon, 2nd Mar 2026 16:55; edited 1 time in total
|
|
| Back to top |
|
|
harry_theone
Posts: 11366
Location: The Land of Thread Reports
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
DaLexy
Posts: 3063
Location: Germany
|
| Posted: Mon, 2nd Mar 2026 17:39 Post subject: |
|
|
And he isnt wrong, not sure what you interpret from that but cracking Denuvo involves skill in comparsion to a cheap wrapper/loader like HV is.
I did my fair share of research on HV cracks, HV sources and voices38 proper stuff and its night and day to see what has been accomplished by voices38. Its far more than just NOP some functions or fake a driver.
My SysProfile ッ
I ΓУPΞ LIҜΞ Д БФSS, УФЦЯ ДЯGЦMΞИΓ I$ IИVДLłD
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
DaLexy
Posts: 3063
Location: Germany
|
| Posted: Mon, 2nd Mar 2026 19:18 Post subject: |
|
|
True, so this is now the one for you - easy crackl and no ring -1 mumbo jumbo.
My SysProfile ッ
I ΓУPΞ LIҜΞ Д БФSS, УФЦЯ ДЯGЦMΞИΓ I$ IИVДLłD
|
|
| Back to top |
|
|
|
|
| Posted: Mon, 2nd Mar 2026 21:23 Post subject: |
|
|
Isn't he forgetting atomic heart?
|
|
| Back to top |
|
|
demde
Posts: 6556
Location: Lake Karachay
|
|
| Back to top |
|
|
DaLexy
Posts: 3063
Location: Germany
|
| Posted: Tue, 3rd Mar 2026 08:02 Post subject: |
|
|
Give me details, those are his releases and making a proper crack is nothing wrong - scene does it all the time.
I did some more research on his Mirage crack and its impressive work, his voices38.dll with all the fancy stuff is a proper framework as it hasnt changed since 6 months. I did some reversing and denuvo is gone like it should, no bogus stuff or misplaced stuff that would make you worry.
That doesnt mean the hard work is now simple, it isnt as you still need to find all the denuvo pointers to intercept. But its looking like we are nearing the time were 0day denuvo cracks can be a reality.
But you gave me an idea for some more comparsions i can make to see if this is Empress/Voksi as you claim (and i doubt).
//EDIT
Checked the old Anno 1800 crack from Empress and voices38 new one.
Technically, the two are completely different. EMP.dll dates from July 2020, has its own sections named .EMP, .emp0, and .emp1, and a hardcoded Base64 token blob as a string directly in the DLL - Empress has statically embedded the Denuvo token.
Voices38 generates the key dynamically at runtime: it's even stated in the voices38.ini file as "this_key_is_auto_generated_by_the_crack_do_not_modify".
This is a fundamentally different approach.
Furthermore, Empress was still using the old Ubisoft Connect R1 API, while voices38 uses R2, which alone demonstrates that these are different eras: 2020 vs. 2026. Not 100% sure if Anno switched completly to R2 with a certain Update.
I only found 0xZeOn Crackfix of Empress (v2!?). The dbgcore.dll contains an extra section called .ZeOn, which includes self-modifying code and is labeled CS.RIN.RU 0xZeOn. So, 0xZeOn took Empress's EMP.dll, repackaged it, and added its name. Just a sidenote.
In short, different toolchains and completely different techniques. This theory doesn't hold up technically that Empress/Voksi are voices38.
Also fun sidenote: Empress uses the username EMPRESS, the email PIRATEQUEEN@irdeto.com, and a TicketId "YOUCANNOTTAKEFREEDOMAWAY" - classic Empress style, theatrical and political. Irdeto is the parent company of Denuvo, so it's a direct jab. You dont find anything like that anywhere in voices38 files.
My SysProfile ッ
I ΓУPΞ LIҜΞ Д БФSS, УФЦЯ ДЯGЦMΞИΓ I$ IИVДLłD
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
demde
Posts: 6556
Location: Lake Karachay
|
| Posted: Tue, 3rd Mar 2026 11:09 Post subject: |
|
|
| DaLexy wrote: | | Give me details, those are his releases and making a proper crack is nothing wrong - scene does it all the time. |
I never said its wrong, only thing I said is that he was clearly triggered by the HV releases and by anyone else sharing some attempt at cracking a game with Denuvo, goes to prove himself when there is no need to do so.
This is entirely my opinion I don't need nor do i care to convince anyone.
AMD Ryzen 7 7800X3D / MSI Gaming X Slim GeForce RTX 4080 SUPER / ASRock B650 PRO RS / Arctic Liquid Freezer III 360 / G.Skill Trident Z5 Neo 2x16GB DDR5-6000 CL30 / Samsung 980 Pro 2 TB / SeaSonic VERTEX GX-850 850W Gold / Lian Li LANCOOL 216
|
|
| Back to top |
|
|
DaLexy
Posts: 3063
Location: Germany
|
| Posted: Tue, 3rd Mar 2026 15:23 Post subject: |
|
|
| demde wrote: | | DaLexy wrote: | | Give me details, those are his releases and making a proper crack is nothing wrong - scene does it all the time. |
I never said its wrong, only thing I said is that he was clearly triggered by the HV releases and by anyone else sharing some attempt at cracking a game with Denuvo, goes to prove himself when there is no need to do so.
This is entirely my opinion I don't need nor do i care to convince anyone. |
I think you are kinda snowflakey here and see things that arent real, starting with him being Empress or Voksi or that he got triggered bei HV stuff.
| Immunity wrote: | Whoever he is, it's good to hear that not all the talent has dried up, retired, or moved on. Whether it's fresh blood or some old-school guy from an age long past, he's keeping the spirit alive and that's all that matters.
 |
Yes, absolutly - In these times its good to see that he has the tools, skills and is fast in releasetimes. The only good thing with the HV stuff is that Denuvo has now a barrier they cant really break as rootkits are a nogo like weve seen before on Starforce and Sony ADAC, and they need a lowlevel access if they want to keep the pace.
Next steps Denuvo could take (and probably are already on it).
1. RDTSC-based timing detection
HV introspection adds measurable latency to ring-0 transitions. Denuvo could embed tight timing loops that statistically trip when running under a hypervisor. Downside: experienced bypass authors can calibrate or spoof timing deltas relatively easily.
2. Increased VM pass count
Not about hurting legitimate users - but about making HV-based emulation impractical. If each launch requires N VM iterations and Denuvo cranks N up significantly, any bypass that has to faithfully emulate every pass becomes too slow to be usable. The overhead only truly bites the emulator, not native hardware.
3. Larger/more complex vtables
More methods in the COM interface means more intercept points a bypass must fully cover. Any gap in coverage - a method returning an unexpected value - becomes a detection vector. Completeness gets exponentially harder to maintain as the interface grows.
4. TPM 2.0 attestation
The strongest approach and the only one that's fundamentally HV-resistant. TPM operations run below the hypervisor layer - a HV can't transparently spoof TPM responses without compromising firmware. Intel TDX and AMD SEV-SNP push this further by creating trusted execution environments that remain opaque even to a privileged hypervisor. If Denuvo tied token validation to a hardware attestation quote, no software-only bypass could satisfy it.
5. Polymorphic functional watermarks (separate topic)
Not for HV prevention, but for post-crack attribution - embed game-logic-level watermarks that survive any bypass and identify which copy was cracked.
The last option is more of a brainstorm i had in regards to what a next DRM could be in line. Remember Ubersoldier where the crack was almost as big as the game - something like that but on a codebasis rather than filebased watermarking. Its not save from cracking but the work included is much higher in comparsion.
Point 4 has the downside that you have to be online at all times to work properly, no internet = no games.
|
|
| Back to top |
|
|
|
|
|
| Back to top |
|
|
|
|
| Posted: Tue, 3rd Mar 2026 17:11 Post subject: |
|
|
Everything points to TPM 2.0 as next step for Denuvo. They don't care anymore if some hardware gets locked out and always online is seen as a feature by the stupid shortsighted publishers anyway.
And after that, its gonna be AI vs. AI
|
|
| Back to top |
|
|
DaLexy
Posts: 3063
Location: Germany
|
|
| Back to top |
|
|
|
|
| Posted: Wed, 4th Mar 2026 00:18 Post subject: |
|
|
| Shocktrooper wrote: | Everything points to TPM 2.0 as next step for Denuvo. They don't care anymore if some hardware gets locked out and always online is seen as a feature by the stupid shortsighted publishers anyway.
And after that, its gonna be AI vs. AI |
And as always, money will win.
|
|
| Back to top |
|
|
| Page 10 of 10 |
All times are GMT + 1 Hour |
