Jump to content
Tuts 4 You

CPU "Features"


ixiodor

Recommended Posts

Hi guys,
I heared about DENUVO that uses a CPU bound code to make it harder to crack, some code that run only on your CPU. So i was looking for some nice trick and testings tring to emulate that.
I started using CPUD changing values in EAX, my curiosity was on:
 

MOV EAX, 0Bh
CPUID

This give me some values, including in EDX wich core is executing that CPUID. (core1 - core2 etc)

BUT
i found this "feature" , if you do:
 

MOV ECX, 100h
MOV EAX, 0Bh
CPUID

You reset all your registers and you get only a value in EDX, where is showed your current core...
Is that normal??
I have a i7-2600, can someone with different CPU try if have same results?

Link to post
mrexodia

The Denuvo thing is probably utter horseshit (especially if you read this on reddit).

Anyways, you can find the documentation of the CPUID here: http://x86.renejeschke.de/html/file_module_x86_id_45.html

On my PC, it clears EAX, EBX, ECX, EDX (which are registers that CPUID puts results in according to the documentation). It doesn't clear any other registers:

3tfvpj4.png

Greetings

  • Like 2
Link to post
mrexodia

CPY didn't unpack denuvo, they hooked some stuff to bypass license and integrity protections :D

  • Like 1
Link to post
arlequim

Wow, they did even better. Thanks for info Mr.eXoDia ;)  Although i dont know at all this protector, i think they chose the most intelligent tactic and cracking approach, i mean no unpack and secured result :)

Link to post
evlncrn8

uses a fair bit more than just cpuid information like hdd info (boot drive serial number, and videocard data enum) to name a few

Link to post
  • 2 weeks later...
On 3/19/2016 at 8:48 AM, evlncrn8 said:

uses a fair bit more than just cpuid information like hdd info (boot drive serial number, and videocard data enum) to name a few

Anyone confirmed what info is actually used in denuvo(VMProtect) ?

Link to post
  • 2 months later...
evlncrn8

well for the ea stuff, its the same thing in denuvo - hdd serial, video card enum, computer name etc, all built up into a hash.. for the steam stuff, steam user id etc along with he usual cpuid stuff securom used..

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...