VBA-M

Announce new emulators, discuss which games run best under each emulator, and much much more.

Moderator: General Mods

Post Reply
Nach
ZSNES Developer
ZSNES Developer
Posts: 3904
Joined: Tue Jul 27, 2004 10:54 pm
Location: Solar powered park bench
Contact:

Post by Nach »

Okay mudlord, the app is ready. Meet me on IRC for it.

You include a .h file, link against a .c file, and call a function internally inside the app, which you use to make the app fail if it doesn't return success.

Once compiled, you now run my program to "sign" the binary. Once signed, they can't make any changes to the binary, even compressing it, otherwise it'll bomb out when trying to run.

For them to bypass my signing, they'd need to:
A) Figure out how it's signed, and replicate the signing, which odds are, not happening.
B) Hack the code in the binary to skip over the protection routines, possible, but these people don't seem up to that, we'll see. If they bypass it like this, we can toughen it up a bit.
C) Compile from source. As we all know, this is near impossible, and they'd never do that. Why if they do this, we'll just have to let them continue with their stupid hacks :roll:

Oh and BTW, the signatures written into the binary are also covered by signatures, and unless you have my algorithms, you won't be able to modify any of them and keep the others in sync, since they all cover each other. Man, I love reading up PhD thesis crypto papers that everyone ignores :D
May 9 2007 - NSRT 3.4, now with lots of hashing and even more accurate information! Go download it.
_____________
Insane Coding
mudlord
has wat u liek
Posts: 559
Joined: Tue Sep 11, 2007 2:54 pm
Location: Banland.

Post by mudlord »

Awesome, and I was hoping of getting a small MFC GUI build update out. Perfect opportunity to see what they do eh?
AamirM
Regen Developer
Regen Developer
Posts: 533
Joined: Sun Feb 17, 2008 8:01 am
Contact:

Post by AamirM »

Hi,

I implemented AES some time ago and if you guys need it in protecion I can put it up for you.

stay safe,

AamirM
mudlord
has wat u liek
Posts: 559
Joined: Tue Sep 11, 2007 2:54 pm
Location: Banland.

Post by mudlord »

Thanks for the offer Aamir but I think our current ideas are more than enough. I think though AES is for pros, and since we aren't dealing with warez groups here, we don't need that level of binary protection.

Still, its very nice of you to want to help :)
DEFIANT
Joystick Jedi
Posts: 228
Joined: Wed Jul 28, 2004 3:43 am
Location: Portland, Oregon - USA

Post by DEFIANT »

I am sorry to say it but it looks like they cracked it.

http://www.freewebs.com/laterza/index.htm
[img]http://img259.imageshack.us/img259/2365/pirateuserbartv2.jpg[/img]
E=mc²
"People should not be afraid of their governments, governments should be afraid of their people." -V
[url=http://sc2.sourceforge.net/]The Ur-Quan Masters[/url]
I.S.T.
Zealot
Posts: 1325
Joined: Tue Nov 27, 2007 7:03 am

Post by I.S.T. »

Quote from their change log:
-fixed Direct3D/DirectDraw sequences
*Ahem*

BULLSHIT

Directdraw was removed quite a while ago. They're lying out their ass.

Edit: Oh, and they deleted their forums again. :lol: :lol: :lol:
mudlord
has wat u liek
Posts: 559
Joined: Tue Sep 11, 2007 2:54 pm
Location: Banland.

Post by mudlord »

I am sorry to say it but it looks like they cracked it.
I beg to differ, they are re-reshacking old releases.

Shame.
neo_bahamut1985
-Burninated-
Posts: 871
Joined: Mon Sep 10, 2007 11:33 pm
Location: Unspecified

Post by neo_bahamut1985 »

Uh, can we say "moron"? What're they trying to do, ruin VBA-M!?
俺はテメエの倒す男だ! 宜しく! お前はもう死んでいる...
mudlord
has wat u liek
Posts: 559
Joined: Tue Sep 11, 2007 2:54 pm
Location: Banland.

Post by mudlord »

Seems like it, or they just want me to quit.

I know several people that hate my guts and would do such a thing, just to get to me...
Nach
ZSNES Developer
ZSNES Developer
Posts: 3904
Joined: Tue Jul 27, 2004 10:54 pm
Location: Solar powered park bench
Contact:

Post by Nach »

Well, it seems they don't even have the skill to bypass a protection.

Repackaging an old release, that's nice and original.

On the other hand, byuu did bypass the protection within 10 minutes, that's what real developers do.

On the bright side, we now know for any new builds we have with new features we add, they won't be able to put out a ripped off version.
May 9 2007 - NSRT 3.4, now with lots of hashing and even more accurate information! Go download it.
_____________
Insane Coding
I.S.T.
Zealot
Posts: 1325
Joined: Tue Nov 27, 2007 7:03 am

Post by I.S.T. »

Nach wrote:On the other hand, byuu did bypass the protection within 10 minutes, that's what real developers do.
Don't you know? byuu is the god of emulation.

>.>
Deathlike2
ZSNES Developer
ZSNES Developer
Posts: 6747
Joined: Tue Dec 28, 2004 6:47 am

Post by Deathlike2 »

The proof is in the pudding... as they say.
Continuing [url=http://slickproductions.org/forum/index.php?board=13.0]FF4[/url] Research...
mudlord
has wat u liek
Posts: 559
Joined: Tue Sep 11, 2007 2:54 pm
Location: Banland.

Post by mudlord »

On the other hand, byuu did bypass the protection within 10 minutes, that's what real developers do.
Not bad...though if you have some reversing skill, it shouldnt be hard at all.

I'm interested with what byuu can do with Starforce, could take 10 hours, 10 days, 10 months (Splinter Cell 3 with SF lasted a year uncracked)....
byuu

Post by byuu »

MIDIs on a webpage? Is it still 1997?

Yeah, Nach asked me to test his protection earlier today. I gave him some suggestions that I strongly recommend you try for hardening things up a bit, but it's always 100x harder to protect an EXE than it is for someone with reverse engineering skills to crack it. You really shouldn't waste your time with these people.
I'm interested with what byuu can do with Starforce, could take 10 hours, 10 days, 10 months (Splinter Cell 3 with SF lasted a year uncracked)....
Starforce 3 bested me.

I hijacked the program entry point with a LoadLibrary call, eg DLL injection. From here, I patched back over the entry point so the program would pass its own initial checksum test. I also patched out IsDebuggerPresent, and then hooked Advapi32 calls to block the SoftICE check.

After that, I wrote my own single stepping debugger to let the program decrypt the first payload, and then successfully dumped the process memory to reveal the decrypted program.

From here, it tested to see if two .sys kernel-level drivers were installed, and if not, it would spawn them from the EXE, install them, and then activate them. For Win9x, it'd install VXDs. Scary when you realize those two kernel drivers run 24/7 on your PC.

I had the ability to patch these kernel drivers before they were created, and I could disassemble the drivers, albeit with no heuristics (kernel function call names and such), but I couldn't actively debug them, even with SoftICE. I would basically need a kernel-level debugger to continue, and that requires two machines.

At that point, I realized I was pretty much in over my head, and I really didn't care that much to continue. Could I have cracked it if I kept at it? Probably not. Still, it was a fun learning experience.
DEFIANT
Joystick Jedi
Posts: 228
Joined: Wed Jul 28, 2004 3:43 am
Location: Portland, Oregon - USA

Post by DEFIANT »

mudlord wrote:
I am sorry to say it but it looks like they cracked it.
I beg to differ, they are re-reshacking old releases.

Shame.
So their release is not a cracked version of 515? My bad. I was just pointing out what they had said on their site. Good to know your protection works. Hopefully what their doing won't discourage you from working on VBA. WE all know who has put the real time and effort into it. Many thanks to the VBA-M Team, from me as well, I'm sure, most of the emulation community.
[img]http://img259.imageshack.us/img259/2365/pirateuserbartv2.jpg[/img]
E=mc²
"People should not be afraid of their governments, governments should be afraid of their people." -V
[url=http://sc2.sourceforge.net/]The Ur-Quan Masters[/url]
DancemasterGlenn
Veteran
Posts: 637
Joined: Sat Apr 21, 2007 8:05 pm

Post by DancemasterGlenn »

DEFIANT wrote:Hopefully what their doing won't discourage you from working on VBA. WE all know who has put the real time and effort into it. Many thanks to the VBA-M Team, from me as well, I'm sure, most of the emulation community.
Gladly seconded. We really appreciate your hard work.
I bring the trouble.
Tallgeese
Justice is Blind
Posts: 620
Joined: Wed Jul 28, 2004 3:33 pm
Location: Test
Contact:

Post by Tallgeese »

I doubt something like this would discourage him. He sure doesn't look like Nightwolve.
I.S.T.
Zealot
Posts: 1325
Joined: Tue Nov 27, 2007 7:03 am

Post by I.S.T. »

Nightwolve, the guy who did the hacking on a few Ys translations?
Tallgeese
Justice is Blind
Posts: 620
Joined: Wed Jul 28, 2004 3:33 pm
Location: Test
Contact:

Post by Tallgeese »

He threw a massive tantrum when his near-complete Ys 6 patch he was giving to donators was leaked.
I.S.T.
Zealot
Posts: 1325
Joined: Tue Nov 27, 2007 7:03 am

Post by I.S.T. »

He killed the translation? that sucks.

Then again, it is time honored tradition in the emulation world...
grinvader
ZSNES Shake Shake Prinny
Posts: 5632
Joined: Wed Jul 28, 2004 4:15 pm
Location: PAL50, dood !

Post by grinvader »

Wasn't that the one asking for the smashed original disk ?
皆黙って俺について来い!!

Code: Select all

<jmr> bsnes has the most accurate wiki page but it takes forever to load (or something)
Pantheon: Gideon Zhi | CaitSith2 | Nach | kode54
funkyass
"God"
Posts: 1128
Joined: Tue Jul 27, 2004 11:24 pm

Post by funkyass »

mudlord, you should give this cloud duds credit for exemplar specimens of internet stupidity
Does [Kevin] Smith masturbate with steel wool too?

- Yes, but don’t change the subject.
I.S.T.
Zealot
Posts: 1325
Joined: Tue Nov 27, 2007 7:03 am

Post by I.S.T. »

And it's down now. freewebs must have found out about the GPL violations...
neo_bahamut1985
-Burninated-
Posts: 871
Joined: Mon Sep 10, 2007 11:33 pm
Location: Unspecified

Post by neo_bahamut1985 »

I.S.T. wrote:And it's down now. freewebs must have found out about the GPL violations...
Serves them right for trying to screw the VBA-M users over!
俺はテメエの倒す男だ! 宜しく! お前はもう死んでいる...
Nach
ZSNES Developer
ZSNES Developer
Posts: 3904
Joined: Tue Jul 27, 2004 10:54 pm
Location: Solar powered park bench
Contact:

Post by Nach »

I'm still able to access this page just fine.
http://www.freewebs.com/laterza/index.htm
May 9 2007 - NSRT 3.4, now with lots of hashing and even more accurate information! Go download it.
_____________
Insane Coding
Post Reply