Archives

All posts by mudlord

Not much news this week:

  • Updated main site to use SSL. This includes this blog.
  • Looked at Dxtory. The DRM is nicely done, using both Dotfuscator and .NET Reactor in the same software; managed to deobfuscate those to some degree. There is a serial file based on RSA signatures as well as some elaborate checks. It's pretty nicely done. I need to delve deeper to see if a proper job is done. It's been a long time since I touched .NET stuff.
  • Had a brief glance at Cemu again. Just need to sit down and do some coding this time. I wasn’t sure of how useful the source code is on GitHub, so I removed it. Most likely will upload it somewhere else, if people desire.
  • Watched Doctor Strange, loved its fractal usage. Visually it looked very nice. It looks nice how the fractals have textures mapped on them, and in very high res. The image design for the rest of the movie is quite nice too, especially in the Dark Dimension and other places.
  • Spent some work on: (for those that get the reference 😉 )

Not much news this week:

  • Did some messing around with irukandji. Mainly getting it to run in a thread. Still lots of work to go. Rewriting graphics to use OGL4.3 mainly because of gl_load_image_store.
  • Did some basic work with Cemu. Reverse engineered some slabs of code and worked out some things. Seems the serial algorithm has been updated or I may be wrong in that regard. Some attempts at obfuscation have been made, but once the tricks are worked out, it really isn’t too hard. The core DRM related functions are sometimes “obfuscated” like this:

    Many of the traps and triggers are obfuscated like this, but it's pretty easy to fix them. And here is a prelim. analysis using fuzzing of the main settings file:

    The reason it's taking so long is that I am coding very sporadically, just like on my other things.

  • Managed to finally convert foo_dsp_effect’s dialogs into CreateWindow calls for the UI element rewrite:


Not much news this week:

  • Did small updates to mupack. Mostly found out where the most brittle code is. Found that compiler optimizations in some spots can break generated code, so #pragma use is more carefully done.
  • Started work on foo_dsp_effect to rewrite things. People wanted UI elements so might as well work on that.
  • Cemu 1.7.1 introduced some changes which broke the keygen for the time being. There was some attempt at obfuscating some code, might warrant a further look. It's saddening to think no one else is looking at the DRM, which is a shame.


In continuing the series, here's what I've seen and done so far.

  • Finished my documentation of the Cemu Patreon DRM system in its current form. This was done in the hope of showing weaknesses and thus showing potential improvements that can be made in future. However, it seemed none of the advice was taken, so I took the next logical step and reverse engineered the serial number scheme, while doing no modifications of the executable at all. This culminated in a keyfile generator+loader which works on past and present versions of Cemu. The results of the research are on my Github as well as documented in a blog post here.
  • Finalized my Odroid+Android development setup. The Odroid XU4 looks nice in its case, I find it quite cute.
  • AVs are proven to be snakeoil. I knew this for ages from false positives with what I program; glad that it's now been made public by other people that AVs can be in most cases pointless.
  • Dirt 4 is coming out. Looks rather nice, cannot wait. Absolutely loved Dirt 2, though the GFWL DRM was a pain, so an xlive.dll proxy took care of that, as for Bulletstorm too. Questioning whether to get Bulletstorm's remaster too.

In continuing the series, here's what I've seen and done so far.

  • Wrote detailed documentation of the Cemu Patreon DRM system. This was done in the hope of showing weaknesses and thus showing potential improvements that can be made in future. It seems that these sorts of articles are quite popular. I might do more of these reversing articles in future, as time and motivation permits.
  • Wrote documentation on Matsu Player: an emulator package on Android that violates multiple software licenses, with copies of several open source emulators being sold without the source code being released. Non-commercial licensing agreements have also been violated.
  • Wrote documentation on JohnSNES: an emulator which violates the license on Snes9x.
  • Wrote documentation on SuperRetro16 AKA SuperGNES. I knew for a long time this emulator violated Snes9x’s license but waited before making said notes public.

In the interests of being concise, I figured I'd post the following, because a certain reddit moderator did want precise proof of what I know:

SuperRetro16 violates Snes9x’s non-commercial license. I know this because of slight obscuring of functions as well as the number of matches of code compared to the various Android libretro ports of Snes9x. The following forensic pictures illustrate this:

In the interests of being concise, I figured I'd post the following, because a certain reddit moderator did want precise proof of what I know:

JohnSNES violates Snes9x’s non-commercial license. I know this because of slight obscuring of functions as well as the number of matches of code compared to the Android libretro port of Snes9x. The following forensic pictures illustrate this: