Jump to content
Tuts 4 You
Ronar22

Denuvo - In The News

Recommended Posts

XenocodeRCE

That dates you for sure

Share this post


Link to post
Share on other sites
Apuromafo

other new:
https://layer13.net/rls?id=7905532
 

RELEASE NAME ───────■   Constructor-CPY                                 
        RELEASE DATE ───────■   14/06/2017                                      
        SHOP RELEASE DATE ──■   26/05/2017                                      
        RELEASE TYPE ───────■   GAME                                            
        KIND ───────────────■   Simulator                                       
        FORMAT ─────────────■   ISO                                             
        PROTECTION ─────────■   Steam + Denuvo v4 x86                           
        FILES N ────────────■   41x100   

 

  • Like 5

Share this post


Link to post
Share on other sites
Blah
https://torrentfreak.com/the-evil-within-2-used-denuvo-then-dumped-it-before-launch-171013/

 

https://torrentfreak.com/deep-down-games-pirates-love-enemies-like-denuvo-171022/

 

Edited by Blah (see edit history)
  • Like 1

Share this post


Link to post
Share on other sites
Blah
https://torrentfreak.com/the-evil-within-2-used-denuvo-then-dumped-it-before-launch-171013/

https://torrentfreak.com/assassins-creed-origin-drm-hammers-gamers-cpus-171030/

Assassins Creed Origin DRM Hammers Gamers’ CPUs

Assassin's Creed Origins gamers are reporting massive CPU utilization. While the game is said to be quite resource-hungry already, game cracker Voksi informs TorrentFreak that anti-piracy efforts are to blame. With Denuvo in trouble, Ubisoft has called in reinforcements which are reportedly dragging down all but the most powerful machines. "It's anti-consumer and a disgusting move," he says.

denuvo.jpgThere’s a war taking place on the Internet. On one side: gaming companies, publishers, and anti-piracy outfits. On the other: people who varying reasons want to play and/or test games for free.

While these groups are free to battle it out in a manner of their choosing, innocent victims are getting caught up in the crossfire. People who pay for their games without question should be considered part of the solution, not the problem, but whether they like it or not, they’re becoming collateral damage in an increasingly desperate conflict.

For the past several days, some players of the recently-released Assassin’s Creed Origins have emerged as what appear to be examples of this phenomenon.

“What is the normal CPU usage for this game?” a user asked on Steam forums. “I randomly get between 60% to 90% and I’m wondering if this is too high or not.”

The individual reported running an i7 processor, which is no slouch. However, for those running a CPU with less oomph, matters are even worse. Another gamer, running an i5, reported a 100% load on all four cores of his processor, even when lower graphics settings were selected in an effort to free up resources.

“It really doesn’t seem to matter what kind of GPU you are using,” another complained. “The performance issues most people here are complaining about are tied to CPU getting maxed out 100 percent at all times. This results in FPS [frames per second] drops and stutter. As far as I know there is no workaround.”

So what could be causing these problems? Badly configured machines? Terrible coding on the part of the game maker?

According to Voksi, whose ‘Revolt’ team cracked Wolfenstein II: The New Colossus before its commercial release last week, it’s none of these. The entire problem is directly connected to desperate anti-piracy measures.

As widely reported (1,2), the infamous Denuvo anti-piracy technology has been taking a beating lately. Cracking groups are dismantling it in a matter of days, sometimes just hours, making the protection almost pointless. For Assassin’s Creed Origins, however, Ubisoft decided to double up, Voksi says.

“Basically, Ubisoft have implemented VMProtect on top of Denuvo, tanking the game’s performance by 30-40%, demanding that people have a more expensive CPU to play the game properly, only because of the DRM. It’s anti-consumer and a disgusting move,” he told TorrentFreak.

Voksi says he knows all of this because he got an opportunity to review the code after obtaining the binaries for the game. Here’s how it works.

While Denuvo sits underneath doing its thing, it’s clearly vulnerable to piracy, given recent advances in anti-anti-piracy technology. So, in a belt-and-braces approach, Ubisoft opted to deploy another technology – VMProtect – on top.

VMProtect is software that protects other software against reverse engineering and cracking. Although the technicalities are different, its aims appear to be somewhat similar to Denuvo, in that both seek to protect underlying systems from being subverted.

“VMProtect protects code by executing it on a virtual machine with non-standard architecture that makes it extremely difficult to analyze and crack the software. Besides that, VMProtect generates and verifies serial numbers, limits free upgrades and much more,” the company’s marketing reads.

VMProtect and Denuvo didn’t appear to be getting on all that well earlier this year but they later settled their differences. Now their systems are working together, to try and solve the anti-piracy puzzle.

“It seems that Ubisoft decided that Denuvo is not enough to stop pirates in the crucial first days [after release] anymore, so they have implemented an iteration of VMProtect over it,” Voksi explains.

“This is great if you are looking to save your game from those pirates, because this layer of VMProtect will make Denuvo a lot more harder to trace and keygen than without it. But if you are a legit customer, well, it’s not that great for you since this combo could tank your performance by a lot, especially if you are using a low-mid range CPU. That’s why we are seeing 100% CPU usage on 4 core CPUs right now for example.”

The situation is reportedly so bad that some users are getting the dreaded BSOD (blue screen of death) due to their machines overheating after just an hour or two’s play. It remains unclear whether these crashes are indeed due to the VMProtect/Denuvo combination but the perception is that these anti-piracy measures are at the root of users’ CPU utilization problems.

While gaming companies can’t be blamed for wanting to protect their products, there’s no sense in punishing legitimate consumers with an inferior experience. The great irony, of course, is that when Assassin’s Creed gets cracked (if that indeed happens anytime soon), pirates will be the only ones playing it without the hindrance of two lots of anti-piracy tech battling over resources.

The big question now, however, is whether the anti-piracy wall will stand firm. If it does, it raises the bizarre proposition that future gamers might need to buy better hardware in order to accommodate anti-piracy technology.

Share this post


Link to post
Share on other sites
evlncrn8

yeh i think denuvo's claims that they dont impact performance have now been proven to be bullshit... though ubi did go a wee bit over the top 

  • Like 2

Share this post


Link to post
Share on other sites
Blah
Quote

https://torrentfreak.com/denuvo-has-been-sold-to-global-anti-piracy-outfit-irdeto-180123/

Denuvo, the company behind the world's most famous video game anti-piracy system, has been sold. The buyer is global anti-piracy outfit Irdeto, which specializes in protecting all kinds of content, with an emphasis on the audio-visual sector. The news comes a day after Denuvo's latest protection was defeated by pirates after a couple of months in the wild

 

etc etc

 

 

  • Like 4

Share this post


Link to post
Share on other sites
JohnWho

Did Denuvo directly work with the VMProtect crew on implementing the dual protection or did Ubisoft themself apply the VMProtect layer ontop of the Denuvo protected game?

On a side note, game devs should have a "software protection" specialist on the team and implement anti hack/crack/piracy features directly into the game core.

Edited by JohnWho (see edit history)
  • Like 1

Share this post


Link to post
Share on other sites
atom0s

A while back Denuvo was being accused of stealing / using VMProtect's stuff without permission but it was debunked by VMProtect themselves stating that Denuvo had a valid license to use it and such. So it's probably part of Denuvo itself and not something done by Ubi. 

Share this post


Link to post
Share on other sites
Extreme Coders

 

  • Like 2
  • Thanks 3

Share this post


Link to post
Share on other sites
joker33337
On 2/7/2018 at 7:48 PM, Extreme Coders said:

 

Just so people know - a dump made this way will contain license information possibly tied to your PC and Steam account

By the way, attaching system .dll headers to your dump and manually patching CPUID without a good way to determine if they're actual instructions instead of data feels really wrong to me :unsure: never mind you can miss some if they are encrypted and only decrypted in place at runtime

  • Thanks 1

Share this post


Link to post
Share on other sites
deepzero

Yeah that seems like a mediocre crack, easily fooled by a few randomly triggered checks, he also leads on he cant devirtualize it properly... Anyways props for him for makeing this public, more than most others did so far...

  • Like 1
  • Thanks 1

Share this post


Link to post
Share on other sites
Blah

heres the story as of now

 

https://torrentfreak.com/voksi-releases-detailed-denuvo-cracking-video-tutorial-180210/

 

Quote

Voksi Releases Detailed Denuvo-Cracking Video Tutorial

  • on February 10, 2018
 

Over the past few years, the name Voksi has become synonymous with game cracking, in particular when it comes to anti-Denuvo activities. This week the talented Bulgarian released a 90-minute video in which he reveals how he cracked V4 of the infamous anti-tamper technology. TorrentFreak caught up with him for the lowdown.

etc etc etc

Quote

 

 

 

 

Edited by Blah (see edit history)
  • Thanks 1

Share this post


Link to post
Share on other sites
JustAGuy
Posted (edited)
On 09/02/2018 at 10:00 AM, joker33337 said:

Just so people know - a dump made this way will contain license information possibly tied to your PC and Steam account
 

 

I remember scene groups (PROPHET one of them)  embedding unique licence file into a main game executable , seems nobody bothers about  being identified....it was other known commercial game protection system .....not denuvo

Edited by JustAGuy (see edit history)
  • Like 1

Share this post


Link to post
Share on other sites
Blah

Latest Denuvo Anti-Piracy Protection Falls, Cracker ‘Voksi’ On Fire

July 6, 2018

 

https://torrentfreak.com/latest-denuvo-anti-piracy-protection-falls-cracker-voksi-on-fire-180706/

 

 

heres the story as of now

 

https://torrentfreak.com/voksi-releases-detailed-denuvo-cracking-video-tutorial-180210/

 

Quote

Voksi Releases Detailed Denuvo-Cracking Video Tutorial

  • on February 10, 2018
 

Over the past few years, the name Voksi has become synonymous with game cracking, in particular when it comes to anti-Denuvo activities. This week the talented Bulgarian released a 90-minute video in which he reveals how he cracked V4 of the infamous anti-tamper technology. TorrentFreak caught up with him for the lowdown.

etc etc etc

Quote

https://torrentfreak.com/denuvo-has-been-sold-to-global-anti-piracy-outfit-irdeto-180123/

Denuvo, the company behind the world's most famous video game anti-piracy system, has been sold. The buyer is global anti-piracy outfit Irdeto, which specializes in protecting all kinds of content, with an emphasis on the audio-visual sector. The news comes a day after Denuvo's latest protection was defeated by pirates after a couple of months in the wild

 

etc etc

 

 

Share this post


Link to post
Share on other sites
JohnWho
Quote

Denuvo's latest protection was defeated by pirates after a couple of months in the wild

 

Sounds like it did it's job

Share this post


Link to post
Share on other sites
chickenbutt
Posted (edited)

I'm one of a small hand full of people who find it extremely obnoxious that there is so much hype over yet another inline-VM protector

 

As someone who has an IDA database of VM handlers and stage-keys for a lot of the modern AAA game protectors I think the Ubisoft scheme of streaming-execution via VM proxy handlers is as advanced as you'll ever see without implementing something like hardware isolation.. Then you will just get hardware hackers involved because blackbox elements on x86 triggers rights activists(HDCP and TPM attacks)..

From what CPY members are saying Denuvo 5.0 has NOTHING new over Tages or SecuRom they just needed to build tools and databases for a different scheme..

 

EDIT: Also.. Engine API for protection checks in virgin code has been common for decades.. Well.. Maybe 1.5 decades..

Edited by chickenbutt (see edit history)
  • Like 1

Share this post


Link to post
Share on other sites
joker33337
1 hour ago, chickenbutt said:

I'm one of a small hand full of people who find it extremely obnoxious that there is so much hype over yet another inline-VM protector

 

As someone who has an IDA database of VM handlers and stage-keys for a lot of the modern AAA game protectors I think the Ubisoft scheme of streaming-execution via VM proxy handlers is as advanced as you'll ever see without implementing something like hardware isolation.. Then you will just get hardware hackers involved because blackbox elements on x86 triggers rights activists(HDCP and TPM attacks)..

From what CPY members are saying Denuvo 5.0 has NOTHING new over Tages or SecuRom they just needed to build tools and databases for a different scheme..

 

EDIT: Also.. Engine API for protection checks in virgin code has been common for decades.. Well.. Maybe 1.5 decades..

CPY never stated anything about how it compares to earlier protections in their NFO. Unless you have contacts in the scene to know? Why are they MIA since the FC5 crack then?

I think Denuvo achieved a small success, the protection takes time when cracking scene-proper way (unlike the latest buggy cracks that resort to using a driver to spoof hardware), it's not online besides the activation (unlike the Ubisoft protection which pissed gamers off) and it doesn't install any shit like drivers. But it's also probably because nobody really gives a fornication about game cracking anymore.

Next gen protections are probably going to be SGX or hypervisor isolation based.

  • Like 1

Share this post


Link to post
Share on other sites
deepzero
Quote

just needed to build tools and databases for a different scheme..

I dont think they are shooting for more than that...

Share this post


Link to post
Share on other sites
chickenbutt
On 7/19/2018 at 1:25 PM, joker33337 said:

CPY never stated anything about how it compares to earlier protections in their NFO. Unless you have contacts in the scene to know? Why are they MIA since the FC5 crack then?

I think Denuvo achieved a small success, the protection takes time when cracking scene-proper way (unlike the latest buggy cracks that resort to using a driver to spoof hardware), it's not online besides the activation (unlike the Ubisoft protection which pissed gamers off) and it doesn't install any shit like drivers. But it's also probably because nobody really gives a fornication about game cracking anymore.

Next gen protections are probably going to be SGX or hypervisor isolation based.

IRC and also what 3DM said about "64bit encryption machine".. In addition to what I've seen through light static analysis and network monitoring. Remember that Securom and Starforce and Tages were layer-encrypted VM too. Denuvo just copied Ubisoft a little a schedules streaming VM stack frames and encryption data..

On 7/19/2018 at 3:49 PM, deepzero said:

I dont think they are shooting for more than that...

I don't know. I just think all the !!!!DENUVO FOUND A NEW WAY OBFUSCATE INSIDE A PE!!! hype is retarded

Share this post


Link to post
Share on other sites
chickenbutt
Posted (edited)

If it's true it's confusing.. How can you reverse complex binaries without first learning basic network security? I can see it with those people who make headlines for using Kali and SQLmap to break in to stuff, or .NET or PowerShell to write malware, but RE people are suppose to be superior.

 

I actually suspect a lot of people get busted using OS and AV telemetry which is still a laziness issue. Most people know better than to trust VPN or TOR or SOCKS5 exit nodes and implement PSK with SSH or a decent key-exchange, and strong protection on remote attack vectors(full stack protection, ASLR, KASLR, NX, CET, AuthentiCode, PatchGuard etc..)

 

EDIT: I'd actually love to see a case where shareware teams and people outside of warez were forced to defeat decent protectors or live in a DRM abused hell. I think the public would be better for it; more intelligence and appreciation etc..

Edited by chickenbutt (see edit history)

Share this post


Link to post
Share on other sites
chickenbutt
Posted (edited)

I mention this in another thread, but: x64dbg snapshot and skyllahide having no issues with Yakuza 0 which is the latest Denuvo iteration..

EDIT: Anyone else think VMProtect hype is because SnD members were devirtualizing Oreans years ago and documented it, and nobody documented VMProtect but was actually considered easier and defeated by more people?

Edited by chickenbutt (see edit history)

Share this post


Link to post
Share on other sites
Blah

saw this earlier..makes no sense to me but im sure some of ya know what it all means..

cheers :)

Injustice 2 Legendary Edition-CODEX

Quote

Release Date :  08/2018              Protection : Steam+Denuvo                  
         Discs        :  1                    Genre      : Fighting       

 

Notes: 
	  
      This release contains the latest update from August 21st and all
      additional content of the Legendary Edition.	  
	  
      For the reason explained below, we noticed that two of the 38
      included fighters (Gorilla and Robin) can have some small  
      delays/micro freezes when executing certain attacks. The slower 
      your cpu, the more noticeable the lags are on these two. 
      Even though the game isnt exactly new anymore, there are still a 
      lot of bugs left in the legit version. 
	  
      	  
	  
      Some Denuvo Techtalk :
	  
      For example when Robin does one of his special attacks, throwing a
      smoke bomb on the ground, Denuvo starts writing a private key to the
      memory from 000000014C113692:
	  
      000000014C113692  | 44 88 07                  | mov byte ptr ds:[rdi],r8b
      000000014C113695  | 5F                        | pop rdi
      000000014C113696  | 50                        | push rax
      000000014C113697  | 21 C0                     | and eax,eax
      000000014C113699  | 9C                        | pushfq
      000000014C11369A  | 44 01 C1                  | add ecx,r8d
      000000014C11369D  | 4C 89 F0                  | mov rax,r14
      000000014C1136A0  | 48 89 C1                  | mov rcx,rax
      000000014C1136A3  | 48 C7 C0 00 00 00 00      | mov rax,0
      000000014C1136AA  | 48 09 D0                  | or rax,rdx
      000000014C1136AD  | 48 83 C1 01               | add rcx,1
      000000014C1136B1  | 49 89 CE                  | mov r14,rcx
      000000014C1136B4  | C1 C1 08                  | rol ecx,8
      000000014C1136B7  | 9D                        | popfq
      000000014C1136B8  | 58                        | pop rax
	  
      Then it fills the buffer at: 000000014779F593.
	  
      When everything is filled and the key is obtained by Denuvo itself,
      it starts executing anti-tamper checks from 000000014774C37E:
	  
      000000014774C37E  | 41 89 7D 00               | mov dword ptr ds:[r13],edi
      000000014774C382  | 48 29 F3                  | sub rbx,rsi
      000000014774C385  | 41 54                     | push r12
      000000014774C387  | C1 CB 0D                  | ror ebx,D
      000000014774C38A  | BE D4 72 4D 3E            | mov esi,3E4D72D4
      000000014774C38F  | 4C 8D 25 4F B5 06 FE      | lea r12,qword ptr ds:[1457B78E5]
      000000014774C396  | 4C 33 24 24               | xor r12,qword ptr ss:[rsp]
      000000014774C39A  | 48 8B 1C 24               | mov rbx,qword ptr ss:[rsp]
      000000014774C39E  | 4C 21 E3                  | and rbx,r12
      000000014774C3A1  | 4C 09 24 24               | or qword ptr ss:[rsp],r12
      000000014774C3A5  | 0F BA F8 06               | btc eax,6
      000000014774C3A9  | 0F BA F6 0D               | btr esi,D
      000000014774C3AD  | 48 29 1C 24               | sub qword ptr ss:[rsp],rbx
      000000014774C3B1  | 4C 89 E3                  | mov rbx,r12
      000000014774C3B4  | 48 23 1C 24               | and rbx,qword ptr ss:[rsp]
      000000014774C3B8  | 4C 0B 24 24               | or r12,qword ptr ss:[rsp]
      000000014774C3BC  | 49 29 DC                  | sub r12,rbx
      000000014774C3BF  | C3                        | ret
	  
      Here it gets the addresses of the various functions inside the Denuvo code
      from r13 register and forces the original bytes, a single DWORD per cycle,
      essentially overwriting any potential patches that were applied to these
      functions before.
	  
      The way our crack works is that it reads a huge amount of encrypted code,
      (including the code that the anti-tamper tries to overwrite) and therefore
      patching the required place causes some slowdowns thanks to Denuvo and
      the devs.
  • Like 1
  • Thanks 2

Share this post


Link to post
Share on other sites
evlncrn8

essentially its saying that theres spotchecks, but also anti tamper

like when a specific trigger happens (like the smokebomb they mention)

denuvo then builds a key (private im not sure about there)...

anyway, then in another function their anti tamper writes back original instructions to functions, to stop anyone patching them

this could also be their anti cheat crap too however

so one small thing in the game, done repeatedly can then cause lots of memory writes (lets hope the mem was read/write/execute to begin with)..

typical denuvo half baked crap though.. no checksumming that could be faster, just 'we are teh best' mentality and do what they want so they'll

just checksum this, overwrite that, and do what they want cos they are 'the best in the field' (some of their devs have huge ego's, and that gets boosted from the shit managment tell the customers)....

so this sort of also throws a little 'bollocks' towards the claims of not being responsible for performance hits...

but of course, they could argue that the devs implemented the checks wrongly.. but then didnt denuvo also claim they profiled the games ? ... ho hum

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×