Page 2 of 3 |
|
Posted: Fri, 31st Aug 2007 21:56 Post subject: |
|
 |
if you can deactivate an activation then a ghost hd image restores the activation. you don't need to stay connected to play the game once it's activated, right? that's why I said after you restore the ghost image block bioshock.exe, cause perhaps some info is shared and it will detect that the game activation was uninstalled/deactivated. so to bypass the activation limit this way should work. handing out the image won't work, cause of the hardware check.
|
|
|
 |
|
Posted: Fri, 31st Aug 2007 23:03 Post subject: |
|
 |
...you're really thinking too much into this lmao *grabs head from spinning*
|
|
|
 |
LeoNatan
☢ NFOHump Despot ☢
Posts: 73194
Location: Ramat Gan, Israel 🇮🇱
|
Posted: Fri, 31st Aug 2007 23:49 Post subject: |
|
 |
Hold on, say I have it installed, right? And I change a mobo, CPU, GPU, sound card and whatever else. Windows installation is the same. Is the activation revoked or does it stay activated?
If I have to uninstall in order to upgrade hardware then install again, lulz at the stupidity.
|
|
|
 |
|
Posted: Sat, 1st Sep 2007 02:37 Post subject: |
|
 |
Ignitionnet wrote: | It's certainly the future of protections, the online activation element, and as the game is not cracked yet it's done its job. |
the future of protections has been cracked. back to the drawing board.
|
|
|
 |
|
Posted: Sat, 1st Sep 2007 11:00 Post subject: |
|
 |
This version perhaps but I'm sure we'll see more online activation in the future.
|
|
|
 |
|
Posted: Sat, 1st Sep 2007 17:11 Post subject: |
|
 |
it hasn't been cracked it has been bypassed.
|
|
 |
|
Posted: Thu, 4th Oct 2007 08:40 Post subject: |
|
 |
Yes, there will probably be a lot more of those "You either deinstall Daemon Tools or you have to activate your copy Online" type of protections. This will not only go for Securom, but also the Tages/Solidshield combination with Online Activation seems to be a strong scheme.
I guess DT will try to mask itself in future versions by renaming the driver etc., which will sooner or later lead to Online or Phone Activation Only games, at least for the big publishers who can provide big call centers just for the heck of it.
Activation Only with no disc check will have a lot of advantages for the publisher/developer, such as:
- No Leaks. No one will care if an ISO of a popular game leaks, as it won't run anyway with the activation servers being off. Not even a cracked copy might arise early, as it will possibly require the game to run to crack it.
- No Shop Advantages by early selling. The game will not run until the Activation Servers are up.
- P2P Clones and Scene Clone Groups will disappear on major titles, as they won't be able to emulate the Protection anymore.
- Crackers, besides their ability to understand the protection, will possibly need a legit serial to fully unpack the protection. A simple Clone is not enough anymore.
It won't look that good on the buyer's side though. Activation Servers tend to be down or laggy every once in a while, and phone support might be busy.
Hence ... as much as I understand it from a developer's point of view, I still cannot support it as a Buyer and I will continue to refuse buying games protected that way.
Still I can't resist sharing my gleeful feeling with you: The same ppl who were saying that Cracking Groups are useless cause there are Clones are now begging for a Settlers Crack because DT is being rendered useless by the 1.1 update. Heck, they are even begging on the DT official Forums. Damn those leechers, haha.
All in all I guess that these new protections will make the Scene stronger in the long term. The wheat will separate itself from the chaff, clone groups will disappear. Good cracks will be honored again.
|
|
 |
LeoNatan
☢ NFOHump Despot ☢
Posts: 73194
Location: Ramat Gan, Israel 🇮🇱
|
Posted: Sun, 7th Oct 2007 01:10 Post subject: |
|
 |
Ignitionnet wrote: | Even now Bioshock is causing problems I see.
Release from FLT with a bad crack, crackfix from FLTDOX which has been nuked at group request, probably because it doesn't work.
It's quite entertaining watching the crackers trying to work their way through the protections when things like this happen.
As with everything badly implemented protection means an easy crack, protection well integrated into the code means a real biatch to break
See if FLT have a permanent fix waiting in the wings, race is probably still on in a big way for first fully working Bioshock. |
Dude, a crack for BShock has been out for a long long time. The stupid scene and its crappy crackers are still fighting to properly crack it. Check out the ScenePwnd crack.
|
|
 |
|
Posted: Sun, 7th Oct 2007 13:37 Post subject: |
|
 |
|
|
|
 |
|
Posted: Sun, 7th Oct 2007 13:52 Post subject: |
|
 |
|
|
 |
|
Posted: Mon, 8th Oct 2007 16:54 Post subject: |
|
 |
is that on the securom site, or?
piracy isn't a hobby, it's a way of life
|
|
 |
yoyoxp
Posts: 567
Location: Dublin
|
Posted: Tue, 9th Oct 2007 19:15 Post subject: |
|
 |
|
|
|
 |
|
Posted: Sat, 21st Jun 2008 13:10 Post subject: |
|
 |
I've done some poking around with this and I believe I have managed to reduce this down to a keygen problem by bypassing and spoofing the server. Unfortunately, I know very little outside of theory when it comes to this particular field. How it basically functions is that the game contacts the servers with two input codes, an apparently arbitrary code and your serial, and returns an "unlock code". This unlock code must somehow be mathematically validated by the client program. By spoofing the servers, you can bypass all the validity checking, but I don't have sufficient background in taking apart a SecuROM-encapsulated executable and ripping the authorization information out of it. If someone can extract the algorithm used, we are in business. Mass Defect and Spore are both likely to be susceptible. This method should remove the need to actually alter any core executables at all, leaving cracking as a mostly academic exercise performed for amusement.
Last edited by FloatyPenDude on Sat, 21st Jun 2008 13:14; edited 1 time in total
|
|
|
 |
|
Posted: Sat, 21st Jun 2008 13:14 Post subject: |
|
 |
FloatyPenDude wrote: | I've done some poking around with this and I believe I have managed to reduce this down to a keygen problem by bypassing and spoofing the server. Unfortunately, I know very little outside of theory when it comes to this particular field. |
No kidding Sherlock. If you can emulate the securom servers, calculate the correct hw-key and make it return it, you can activate offline.
But who has the skills to do it?
|
|
|
 |
|
Posted: Sat, 21st Jun 2008 13:17 Post subject: |
|
 |
VGAdeadcafe wrote: | No kidding Sherlock. If you can emulate the securom servers, calculate the correct hw-key and make it return it, you can activate offline. |
Well, emulating the SecuROM servers is surprisingly easy. I've already managed to get it to accept arbitrary responses of my choosing, although so far, the only thing I can make is convincing rejections and messages which crash the game.
VGAdeadcafe wrote: | But who has the skills to do it? |
Presumably, anyone who can write a keygen. I would think this is not quite as high a bar as trying to rip every last bit of SecuROM and its boobytraps from the executables themselves for each and every edition of each and every game. This is the hard part. The actual emulation is trivial. In my mind, this strikes me as a weaker protection than previous SecuROMs, given that it comes down to a simple keygen puzzle. All the information of what a valid returned key given a serial and a supplied hwid, which the program itself will supply, constitutes, is local to the client.
|
|
|
 |
|
Posted: Sat, 21st Jun 2008 13:27 Post subject: |
|
 |
@ FloatyPenDude
How would someone make a keygen? How to calculate the hardware-based key? Brute-forcing is surely out of the question. And the actual calculation is being made at securom's servers.
I still think conventional unwrapping is the most successful way to go.
If you want to emulate something it should be the hardware info that securom gathers from the PC it runs on. So you can fake that and use the emulated server to return a key that you know is correct (from the pc that the hw info actually is correct).
Quote: |
All the information of what a valid returned key given a serial and a supplied hwid, which the program itself will supply, constitutes, is local to the client. |
Why? Securom doesn't NEED to CHECK and COMPARE values. It just uses them for a decryption key ... if they are wrong ...
P.S.: All the above are my guesswork !
|
|
|
 |
|
Posted: Sat, 21st Jun 2008 13:31 Post subject: |
|
 |
erm, the keygen puzzle as you call it is only the first part, to crack it properly you'd also then have to remove the securom protection which is there after the key stuff is done... I doubt a generic keygen for every single game protected with securom pa is possible, simply because the skill levels of the current crackers are well below what they used to be in the scene...
|
|
|
 |
|
Posted: Sat, 21st Jun 2008 13:41 Post subject: |
|
 |
evlncrn8 wrote: | erm, the keygen puzzle as you call it is only the first part, to crack it properly you'd also then have to remove the securom protection which is there after the key stuff is done... |
Removal of SecuROM itself is a purely academic exercise if it can be simply undermined with a keygen based on a spoof activation server. I've been prodding this thing for a few days now. I already got it to activate cleanly on an MITM server, the only problem was that I had to feed an actual key separately to the real server to get back the valid input because I haven't reversed the keygen process. History suggests that this approach has merit, given that Steam is also broken the same way.
VGAdeadcafe wrote: | @ FloatyPenDude
How would someone make a keygen? How to calculate the hardware-based key? Brute-forcing is surely out of the question. And the actual calculation is being made at securom's servers. |
Well, hardware-key is calculated by the game and transmitted over the network, so it was easy to pick up. Same story with the serial. Given these two inputs, the server returns a valid "unlock code" which somehow must be understood by the game. In theory, the code that produces this validation is therefore buried in the game's guts much like any other serial validation. Unfortunately, failed codes simply terminate silently, which falls outside my limited experience in this field.
VGAdeadcafe wrote: | I still think conventional unwrapping is the most successful way to go. |
Not disparaging that as a possibility.
VGAdeadcafe wrote: | Why? Securom doesn't NEED to CHECK and COMPARE values. It just uses them for a decryption key ... if they are wrong ...
P.S.: All the above are my guesswork ! |
That is also a possibility. But as a pure decryption key, I am a little skeptical: First, the format is a bit too human-readable. In theory, the system could have been made much less invasive as a result, since the codes are in a format which COULD be transferred by email. Second, they're non-idempotent. I submitted the same HWID and key combination a dozen times, and every time I got back a different response. If it was a decryption key, then given the same inputs, wouldn't the results come back the same?
|
|
|
 |
All times are GMT + 1 Hour |