Listen up, buster.
When I came up with the EAC patching solution for Far Cry 5 and put that into the game's DLL (which was 200MB big, the .DLL), what did CH say? Let me remind you:
The fact that you modify the game .exe (thus the EXE not being original) represents a crack. The code is not in its original form, hence what you do is the opposite of what you preach. If you think the above bullshit is not your creed, then dissociate from PWizard. But no, you're an associate now, so Caliber or PWizard, I'm speaking to CH.
"1) clearly you have an account at our site, and are looking at our work far more than I am looking at yours here"
Seems like I have to repeat this shit. Back in 2008 we had a dispute, people in my RE team were massively distributing "DRM-free" trainers from CH to the public (DRM-free = removing the user name and patterns you used to detect who "leaked" the trainer). You bitched. Started acting cocky like you always do. Then started banning people stupidly in your database. Then people got pissed, because they didn't leak shit. 1,2,3 - how many did you ban? That's right. Then you stopped. Why? Because you would have to ban too many. Where I'm going with this - - I don't fucking need an account at CH to get a trainer. I can get it in various ways, whenever interested, like now (funny how your bypass surfaced 4 days after the public already had one). One of the ways - repeating this - is to impersonate one Premium CH user and download the trainer just like that. You seem to forget that.
Then.. I don't need an account cuz you retards act all communist and shit, banning anyone that doesn't fit the "all hail CH" profile. In short, why bother make an account, when anything I'd post (even when trying to help your faggy asses) gets deleted. You seem to forget this part as well. FRF hasn't done shit against you, in the same fashion you did (@people: if you constantly get Error 404 when trying to post @ CH know you've been silenced/banned), till you started taking advantage of the opportunity and flaunted CH all over the place here. That's when I decided to act and silence you. Taste of your own medicine, eh?
"far more" my ass. I don't give a fuck about your trainers till some situation like this surfaces and I feel compelled to check and demonstrate you USE PUBLIC knowledge without crediting shit. And I will continue to do this dance.
"2) I guess it's just not possible that anyone else can come up with a solution to these games other than you"
That's screaming "we won't use SunBeam method cuz it contradicts our creed.." (but mostly cuz it's SunBeam). So fuck off with the attitude. You did it slightly "differently" (it's not the method, but the effect) cuz you knew this would happen. And it did happen. 2 nice posts of comparisons. Eat up.
It's not about what YOU CAN do; it's about what YOU HAVE THE TIME TO DO. All the shit you flaunt around - you do this and that, 2387192 games a week/month/year - I'm sure that leaves no time for - yet again - CRACKING an anti-cheating protection. Yes, modifying original game code and storing those modifications in the game's physical file constitutes a CRACK. So while you "don't touch the DRM", you cracked the game
Fucking idiots trying to teach the mass the shit they do is right while others' is wrong. And while at it, you dicked into the DLL I made public (I can see the IPs of the people who downloaded it), then, just so it doesn't raise suspicions, you chose different patching spots. Right, I wouldn't see it
"4) BTW, the scanner (you are calling CRC32 scanner) has that timing function so that the game modifies it's speed internally to match any slowdown the stupid scanning threads are causing. I am not sure why you chose the spot you chose or whatever, as it seems random, or you probably have no clue what that function is/was doing, you just noticed that (your original method) cancelling it out caused some speed issues."
One at a time. I'm sure you're not stranger to quick and dirty methods, whereas you NOP some shit and see the effect. Usually, when some checking mechanism is part of a function and you can't see some jump outside of it that would skip calling said function, you go with a RET at the function's epilogue. Simple. Doing that the first time showed an increase in game's speed. So, that's when I started delving into what the function does. "I am not sure why you chose the spot you chose or whatever, as it seems random, or you probably have no clue what that function is/was doing" - - that's where you're fucking wrong. I called this on you first, bitch. You chose that JUMP because you noticed that doing it would bypass the checks. Not cuz you knew what it jumps over and why.
But then again, I have that TIME you don't and studied the difference between the same function in v1.0 and v1.2 of the game .exe. That's how I knew exactly what's extra and where to patch the way I patched stuff T_T I'm guessing your retarded functionality doesn't conceive CODE COMPARISONS. Tim supplied 1.0, as I didn't have it anymore.
So, before you go "yeah, you need that to figure out simple stuff" - fuck you. I document my shit and my posts kinda demonstrate that. Yours, not that often (cuz you don't have time, as you do 28937219837 titles in 1 second, minute, hour) and not that detailed. The era when you talked in private messages to people and tried to keep stuff private is long gone.
"I've been down this path before, where I take the time to post, rebut shit, and otherwise defend myself, only to have you or your ballsack holder Tim:
1) ban me
2) block me
3) change my posts
4) manipulate what I am saying"
You were silenced in the same way CH did with me. The decision was not unilateral, it came after studying your behavior, that you come to FRF only when it benefits CH and advertising. Pretty much like you did with your next post, advertising the "new" loader. Which I took down. Here, something for you:
"I actually have arrived at the time where I don't care."
It's funny. You complain not having time to do this and that, yet you took YOUR TIME to create an account and write up a long-ass post. This shows oh-so much how you do not care. That's what people do when it comes to EGO.
"using directx old .dll method"
Are you fucking retarded? What "directx method"? This has nothing to do with D3D (not directx, learn the difference between them). Do you know what a PROXY DLL is? Google it. I could've used any fucking system DLL mimic (I even have a "version.dll" proxy). Do you know you can mimic exports and have Windows load a DLL into a game WITHOUT A FUCKING LAUNCHER? No. You obviously don't, you fucking stone-age prick. I'd say the method I used is quite ingenious (notice how I almost never say "my method"? yeah, that's right; "my DLL, my trainer, my shit" - where's the crediting to all those you've got the inspiration from? if you can't do it, at least avoid the fucking "my"). Stick to your "high-level programming" crap and preach it someplace else.
"Congratulations, you discovered that we had to edit the game file so that it could run, as attempts to do things live in memory are not fast enough and it takes a moment for Denuvo to do 'it's thing'. I did not modify or create a workaround using directx old .dll method, but the result is the same. The file is being modified either on disk or in memory to cancel out the three things that prevent CE and .text modifications of the trainer."
You really are a fucking retard. Why? Simple. First up, there's no "old method". There's the method of proxying a system DLL, as Windows looks for any system DLLs the game uses (check the IAT) in THE GAME FOLDER FIRST. If the game uses say version.dll, it will first check if this DLL is in the location where the .exe is. If found, it loads it up via LoadLibrary. The reason you'd reference the exports and fix them in your lib (via loading the original system32 .dll yourself) is so that the game uses your DLL, you do your thing, and whenever some exported function from the original is required to be run, this happens: call [my_version_dll_export] -> jmp [my_version_dll_export] -> jmp [original_version_dll_export] -> run original_version_dll_export. Hence the need to fix exports.
Then what timing issues? And what "Denuvo has to do its ('it's' means 'it is' - legit illiteracy) own thing"? You are retarded in that sense as well. The proxy DLL is "run" the moment you run the .exe. Since you can easily patch the physical file, you don't need any "timing"-related crap, as there's no Denuvo unpacking involved. The .exe is not packed. So be it my DLL or your "launcher" (patcher), yes, the result is the same. Stop trying to belittle another's methods, when you know there are NO DENUVO TIMING ISSUES. Bottom line here was YOU PREACHED NOT TO TOUCH GAME FILES in the past. You just ADMITTED YOU DO. Suck it.
Lastly, you want to lie to the public about "Denuvo timing issues", when your major problem - which explains why you made a FILE PATCHER - is you don't know how to handle in-memory patches in MULTIPLE spawned processes. That's right. Steam launches the game twice: first time to create the handshake with Steam (then kills the process), then the second time to actually log in and let the game run normally. And since you can't catch the 2nd process to properly "attach" and patch it in memory, you did the only thing you're capable of: a mere file patcher. What happens when Nether decides to use packing? Will you write a "launcher" (patcher) again? Let's wait and see T_T.
As far as pompously claiming "No DRM was harmed at all in the process", you fucks know how to pull this marketing stunt as well. My major concern is people give a rat's ass on detailed explanations, but do raise an eye-brow if they hear "DRM was modified". My other major concern is you're preaching stupid content to create a trend here. And that is: whenever you see ASM you can't fathom the normal purpose of, in terms of looks, you instantly go "this is DRM, this is Denuvo code". Tell you what, go to vmpsoft.com, download the VMProtect demo, write a simple MessageBox app and use VMProtect on it. Use just MUTATION on the single function you got there. Then look at the original and protected in x64dbg, see what the ASM looks like. Spaghetti code in your protected one, right? Intelligible, but not quite fast, as opposed to your original code. Well.. that's mutation. That is NOT DRM! So.. me patching the thread creation in MK11, as in modifying what you gathered to be "Denuvo code, so you're modifying DRM" is not what it is. But you seem to enjoy lying to the public. That's Nether code, mutated via Denuvo (like I said, they use mutation markers to denote the functions the protection should envelope).
So once and for all.. stop with the idiotic "no DRM was harmed". None of us here is CRACKING games (that's what DRM represents; read up on that as well). We're doing trainers.
Yet another lesson from SunBeam T_T Am getting tired of teaching you stuff through these disputes... How about you properly get documented on the shit you say next time around? It's either that or.. "I am not sure why you chose the spot you chose or whatever, as it seems random". And you seem to say a lot of that when you just wanna act smart, pompous, but without a proper explanation on what's going on. Thanks!
"I am screenshotting that you are once again taking our work and disassembling it and then posting things about it here."
That's PWizard right there. It's common knowledge by now he collects dirt on people to blackmail or threaten them later. Nothing new. Do your best. Screenshot this as well.
"I have no interest in going further on this, as it won't matter anyways, and I honestly have given up trying to be cordial or have a relationship with people here. It's bash me or CH all the time, every time."
Behind all that nice wording, your ATTITUDE didn't change. You can't be cordial in just the text part. So eat up once more.
"I DO have a ton of work, and while you are still dinking with this one game, I've been doing 100 other things" - - OK, OK, fuck off now and stop posting, since you're busy and, like you said, you don't care anymore? Peace.
Bottom line, after all this shit:
- you never said "thank you kind community for allowing me to monitor shit without the need for an account" - that's right, you don't need an account here at FRF to read or download stuff
- you're proving you don't know what you patched in the checksum function; and using a subterfuge to point out I'm the one not knowing, while at the same time saying "I don't know why you did what you did" - - proving a second time and enforcing YOU DON'T KNOW; here, a bone to learn how I did it and WHY, most importantly
I jumped from the function's prologue to that area like this:
Code:
00000001409D8810 | 48:8BC4 | MOV RAX,RSP | // prologue
00000001409D8813 | 48:8948 08 | MOV QWORD PTR DS:[RAX+8],RCX |
00000001409D8817 | 55 | PUSH RBP |
00000001409D8818 | 53 | PUSH RBX |
00000001409D8819 | 56 | PUSH RSI |
00000001409D881A | 57 | PUSH RDI |
00000001409D885A | FF15 70CE9F01 | CALL QWORD PTR DS:[1423D56D0] |
00000001409D8860 | 45:0F57C9 | XORPS XMM9,XMM9 | // JMP here, right after the API call
00000001409D8864 | F24C:0F2A8D 08010000 | CVTSI2SD XMM9,QWORD PTR SS:[RBP+108] |
00000001409DA826 | 0F57C0 | XORPS XMM0,XMM0 | // to here, skipping all CRC32 checks
00000001409DA829 | F248:0F2A85 00010000 | CVTSI2SD XMM0,QWORD PTR SS:[RBP+100] |
00000001409DA832 | F2:0F5905 2ECB8B02 | MULSD XMM0,QWORD PTR DS: |
00000001409DA83A | F2:0F1105 D6098002 | MOVSD QWORD PTR DS:[1431DB218],XMM0 |
00000001409DA842 | 0FB605 E8CB9002 | MOVZX EAX,BYTE PTR DS:[1432E7431] |
00000001409DA849 | 84DB | TEST BL,BL |
00000001409DA84B | B9 01000000 | MOV ECX,1 |
00000001409DA850 | 0F44C1 | CMOVE EAX,ECX |
00000001409DA853 | 8805 D8CB9002 | MOV BYTE PTR DS:[1432E7431],AL |
00000001409DA859 | 48:8B9D 20040000 | MOV RBX,QWORD PTR SS:[RBP+420] |
00000001409DA860 | 8B53 08 | MOV EDX,DWORD PTR DS:[RBX+8] |
00000001409DA863 | 83FA 0A | CMP EDX,A | A:'\n'
00000001409DA866 | 7D 10 | JGE mk11_v1.2.1409DA878 |
00000001409DA868 | B9 0A000000 | MOV ECX,A | A:'\n'
Since the API adjusts the timing, no need for any crap. Plus now the function is running as its 1.0 equivalent did, without any extra checks and shit. Get it now why I did what I did? Fuck off, thanks.
- you've not changed your attitude and take advantage every single time telling the world what you do, how much you do of it and how we suck, CH is king; what you don't get is marketing is also about QUALITY and ATTITUDE; all those people who've been silenced, banned or left CH on their own would tell you that, given each of them have been hurt in an area you seem not to be interested in (customer satisfaction is a commodity when it comes to customer support)
- when you do get the time to, read up on proxy DLLs; it's a fast and convenient way to get your shit into a game without the need to write separate launchers/patchers; Windows loads standard OS libraries from the game folder first, then, if DLL fails loading, loads the system32 originals; if your DLL succeeds in loading the original, then Windows doesn't need to do it for you and all's dandy; that's why it's called a fucking PROXY (yet another teaching lesson from Sun); old method, my ass - - methods know no age, you fucking retard; read the bullet above, yet another way of you saying I use old shit, while you're in 2019; yet the old shit I used got the job done way before your "launcher", so suck it again
- if the proxy dll method is so old, the moment I see you use it, I'll be on your fucking ass; you're free to use whichever crap you want, but for the love of God, stop bitching when others do before you, belittling you or anything, OK? It makes you look like a fucking asshole saying "this method is old", then using it later on...
- and lastly, CH is using public shit without proper crediting and "stealing" stuff (if not direct portions of code or hook spots, then inspiration); I never heard you once admit it (no, shit like "we all do it every now and then" is not "I do it"; so hiding behind the public is no admission of own practices), yet you seem to imply that by mentioning others doing it from the shit you post; it's always others stealing from you, never "I do it too"; it's like you're struggling not to get caught red-handed, cuz then.. well.. screenshots, right?
"Have a nice day irregardless,
Who said I can't be cordial? "Have a fucking not-nice day as well, Sun"
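Added example, not part of the post above and not SunBeam's DLL or CH's patcher: an on-disk patcher in Python for the skip described at the x64dbg listing (a 5-byte JMP rel32 written over the XORPS XMM9,XMM9 at 1409D8860, landing on the XORPS XMM0,XMM0 at 1409DA826, past the CRC32 checks). It finds both ends by x64dbg-style byte pattern (the bytes are taken from the listing, with the CALL's rel32 wildcarded), computes the displacement, and refuses ambiguous matches or an unknown input file. The game file is not included; the script runs against a constructed stand-in for the .text section built inline, and the file offsets 0x860 and 0x2826 in that stand-in are arbitrary choices that keep the listing's 0x1FC6 distance.

```python
"""Pattern-based on-disk patcher for the CRC32-check skip shown in the listing.

Idea from the post: replace the XORPS XMM9,XMM9 that follows the timing API
call with a 5-byte JMP rel32 to the XORPS XMM0,XMM0 further down, so the v1.2
function runs the way its v1.0 equivalent did, without the extra checks.
"""
import hashlib
import re
import struct

JMP_REL32 = 0xE9
JMP_LEN = 5

# Byte patterns from the x64dbg listing ("??" = wildcard, x64dbg style).
# The CALL's rel32 differs between builds, so those four bytes are wildcarded.
SRC_PATTERN = "FF 15 ?? ?? ?? ?? 45 0F 57 C9 F2 4C 0F 2A 8D 08 01 00 00"
SRC_SKIP = 6  # length of CALL QWORD PTR [rip+x]; the JMP goes on the XORPS after it
DST_PATTERN = "0F 57 C0 F2 48 0F 2A 85 00 01 00 00"  # XORPS XMM0,XMM0 ; CVTSI2SD XMM0,[RBP+100]


def compile_pattern(pattern: str):
    """Turn an x64dbg-style pattern string into a bytes regex."""
    parts = [b"." if tok == "??" else re.escape(bytes([int(tok, 16)]))
             for tok in pattern.split()]
    return re.compile(b"".join(parts), re.DOTALL)


def find_unique(data: bytes, pattern: str) -> int:
    """Offset of the one place `pattern` matches; refuse missing or ambiguous hits."""
    hits = [m.start() for m in compile_pattern(pattern).finditer(data)]
    if len(hits) != 1:
        raise ValueError(f"pattern {pattern!r} matched {len(hits)} times, need exactly 1")
    return hits[0]


def encode_jmp_rel32(src: int, dst: int) -> bytes:
    """E9 + signed 32-bit displacement, measured from the end of the 5-byte JMP."""
    rel = dst - (src + JMP_LEN)
    if not -0x80000000 <= rel <= 0x7FFFFFFF:
        raise ValueError(f"target {dst:#x} not reachable with rel32 from {src:#x}")
    return bytes([JMP_REL32]) + struct.pack("<i", rel)


def decode_jmp_rel32(src: int, code: bytes) -> int:
    """Inverse of encode_jmp_rel32: where does the JMP at `src` land?"""
    if len(code) < JMP_LEN or code[0] != JMP_REL32:
        raise ValueError("not a JMP rel32")
    return src + JMP_LEN + struct.unpack("<i", code[1:JMP_LEN])[0]


def patch_skip_crc_checks(image: bytes, expected_sha256: str = "") -> bytes:
    """Return a copy of `image` with the JMP written in; optionally pin the input hash."""
    if expected_sha256 and hashlib.sha256(image).hexdigest() != expected_sha256:
        raise ValueError("file is not the build this patch was made for")
    src = find_unique(image, SRC_PATTERN) + SRC_SKIP
    dst = find_unique(image, DST_PATTERN)
    # File-offset distance equals VA distance only while both ends sit in the same
    # section (both are in .text here). Across sections, map RVAs via the section
    # table first. The 5 bytes cover XORPS XMM9 (4) plus the first byte of the
    # 9-byte CVTSI2SD; the 8 dead tail bytes are harmless only because nothing
    # jumps into them.
    out = bytearray(image)
    out[src:src + JMP_LEN] = encode_jmp_rel32(src, dst)
    return bytes(out)


def build_sample_image() -> bytes:
    """Constructed stand-in for the .text section (not the game file): zero filler
    with the two anchors 0x1FC6 apart, the distance between 1409D8860 and
    1409DA826 in the listing. Offsets 0x860 and 0x2826 are arbitrary choices."""
    img = bytearray(0x3000)
    src_off, dst_off = 0x860, 0x860 + 0x1FC6
    img[src_off - 6:src_off] = bytes.fromhex("FF1570CE9F01")                  # CALL QWORD PTR [1423D56D0]
    img[src_off:src_off + 13] = bytes.fromhex("450F57C9F24C0F2A8D08010000")  # XORPS XMM9 ; CVTSI2SD XMM9
    img[dst_off:dst_off + 12] = bytes.fromhex("0F57C0F2480F2A8500010000")    # XORPS XMM0 ; CVTSI2SD XMM0
    return bytes(img)


if __name__ == "__main__":
    original = build_sample_image()
    patched = patch_skip_crc_checks(original, hashlib.sha256(original).hexdigest())
    src = find_unique(original, SRC_PATTERN) + SRC_SKIP
    print(f"{src:#x}: {patched[src:src + JMP_LEN].hex()} -> jmp {decode_jmp_rel32(src, patched[src:]):#x}")
```

Against the listing's addresses the same arithmetic gives E9 C1 1F 00 00 (0x1409DA826 - (0x1409D8860 + 5) = 0x1FC1). On a real file, pin the SHA-256 of the untouched .exe so a game update cannot silently turn the pattern search into a patch at the wrong spot, and keep the pattern long enough that it matches exactly once.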
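Added example for the proxy DLL points above (the "game folder first" lookup and the call -> jmp -> original export chain), not SunBeam's version.dll proxy or any CH code: a Python walker for a PE export directory that lists every export name and ordinal of the DLL you want to sit in front of, and emits MSVC linker forwarder pragmas for them. A forwarder export (`/export:Name=target.Name,@ordinal`) is the linker-level equivalent of the hand-written jmp thunks the post describes: the loader resolves `target.Name` itself on first use, so the proxy needs no LoadLibrary/GetProcAddress of its own. The example builds a tiny constructed PE32+ inline with three version.dll-style export names so it runs offline; the real system DLL is not included, and the forwarder target `version_orig` (a renamed copy of the original dropped next to the proxy) is an assumption for illustration.

```python
"""Export-table walker for building a proxy DLL's forwarder list.

A proxy DLL only works if it exports every name the original does, under the
same names, so the game's imports resolve against it. This parses the export
directory of a PE file and prints linker pragmas that forward each export to
a renamed copy of the original, which the Windows loader then chases for you.
"""
import struct


def _cstr(data: bytes, off: int) -> str:
    return data[off:data.index(b"\0", off)].decode("ascii")


def parse_exports(data: bytes):
    """Return (dll_name, [(export_name, ordinal, rva, forwarder_or_None), ...])."""
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    nsec = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    opt = e_lfanew + 24
    magic = struct.unpack_from("<H", data, opt)[0]   # 0x20B = PE32+, 0x10B = PE32
    dd = opt + (112 if magic == 0x20B else 96)       # DataDirectory[0] = export table
    exp_rva, exp_size = struct.unpack_from("<II", data, dd)
    if exp_rva == 0:
        return "", []

    # Section table, needed to turn RVAs into file offsets.
    sec_tbl = opt + opt_size
    sections = []
    for i in range(nsec):
        vsize, vaddr, rsize, roff = struct.unpack_from("<IIII", data, sec_tbl + 40 * i + 8)
        sections.append((vaddr, max(vsize, rsize), roff))

    def rva2off(rva: int) -> int:
        for vaddr, size, roff in sections:
            if vaddr <= rva < vaddr + size:
                return roff + (rva - vaddr)
        raise ValueError(f"RVA {rva:#x} is in no section")

    eo = rva2off(exp_rva)
    name_rva, base, _nfuncs, nnames, funcs_rva, names_rva, ords_rva = \
        struct.unpack_from("<7I", data, eo + 12)
    exports = []
    for i in range(nnames):
        nrva = struct.unpack_from("<I", data, rva2off(names_rva) + 4 * i)[0]
        idx = struct.unpack_from("<H", data, rva2off(ords_rva) + 2 * i)[0]  # unbiased ordinal
        frva = struct.unpack_from("<I", data, rva2off(funcs_rva) + 4 * idx)[0]
        # A function RVA that points back inside the export directory is itself a
        # forwarder string ("otherdll.Name"), e.g. kernel32 entries forwarded to ntdll.
        fwd = _cstr(data, rva2off(frva)) if exp_rva <= frva < exp_rva + exp_size else None
        exports.append((_cstr(data, rva2off(nrva)), base + idx, frva, fwd))
    return _cstr(data, rva2off(name_rva)), exports


def forwarder_pragmas(exports, target: str = "version_orig") -> list:
    """One /export:name=target.name,@ordinal per export. `target` is the DLL (without
    .dll) the loader should chase; a renamed copy of the original beside the proxy
    is assumed here."""
    return [f'#pragma comment(linker, "/export:{name}={target}.{name},@{ordinal}")'
            for name, ordinal, _rva, _fwd in exports]


def build_sample_dll(names, dll_name: bytes = b"version.dll") -> bytes:
    """Constructed minimal PE32+ with one section holding only an export directory
    (no real code). A stand-in for the system DLL, not the real version.dll."""
    sec_rva, sec_off, sec_size = 0x1000, 0x200, 0x200
    n = len(names)
    funcs_rva = sec_rva + 40
    names_rva = funcs_rva + 4 * n
    ords_rva = names_rva + 4 * n
    str_rva = ords_rva + 2 * n
    strings, name_rvas = bytearray(), []
    for nm in names:
        name_rvas.append(str_rva + len(strings))
        strings += nm + b"\0"
    dllname_rva = str_rva + len(strings)
    strings += dll_name + b"\0"
    edata = struct.pack("<IIHH7I", 0, 0, 0, 0, dllname_rva, 1, n, n, funcs_rva, names_rva, ords_rva)
    edata += b"".join(struct.pack("<I", 0x2000 + 0x10 * i) for i in range(n))  # fake code RVAs
    edata += b"".join(struct.pack("<I", r) for r in name_rvas)
    edata += b"".join(struct.pack("<H", i) for i in range(n))
    edata += bytes(strings)
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)                 # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 240, 0x2022)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)
    struct.pack_into("<I", opt, 108, 16)                                     # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 112, sec_rva, len(edata))                   # export dir RVA/size
    sh = struct.pack("<8sIIIIIIHHI", b".edata", sec_size, sec_rva, sec_size, sec_off, 0, 0, 0, 0, 0x40000040)
    return (dos + coff + bytes(opt) + sh).ljust(sec_off, b"\0") + edata.ljust(sec_size, b"\0")


if __name__ == "__main__":
    sample = build_sample_dll([b"GetFileVersionInfoA", b"GetFileVersionInfoSizeW", b"VerQueryValueW"])
    dll_name, exports = parse_exports(sample)
    print(f"// forwarders for a proxy of {dll_name}")
    print("\n".join(forwarder_pragmas(exports)))
```

Point it at the real DLL from System32 and paste the output into the proxy's source next to the DllMain that does the actual work. Two checks before relying on the game-folder lookup: the DLL you pick must not be on the KnownDLLs list (HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs), since those are always taken from System32 regardless of what sits beside the .exe, and the name must actually appear in the game's import table, since a DLL the game never imports is never loaded.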