View Full Version : Nice Securom trick


aurora
October 9th, 2001, 10:34
If you ever debugged a Securom protected game, you probably
know this neat little trick: If you p ret from a securom call
your 'trace bar' is locked, i.e. F10 does nothing. If you manually
set eip, you can go on. Does anyone know how this works?

exit_2
October 11th, 2001, 09:51
Yes, we know this trick. It is a very old trick, which EliCZ published maybe 2-3 years ago. I don't know if Sony found it, but I think they stole it from EliCZ. It works very simply: they set a debug breakpoint. It isn't very clear and I think it is dangerous on Win9x.

Exit

aurora
October 12th, 2001, 11:13
Quote:
Originally posted by exit_2
Yes, we know this trick. It is a very old trick, which EliCZ published maybe 2-3 years ago. I don't know if Sony found it, but I think they stole it from EliCZ. It works very simply: they set a debug breakpoint. It isn't very clear and I think it is dangerous on Win9x.

Exit


What did he publish? A crackme? I don't understand your explanation. They set a hardware bp on the return address and
then? Or does a hardware bp that is not set by softice 'halt' the
code bar?

btw it works fine on 9x

exit_2
October 17th, 2001, 04:57
I think EliCZ never published any crackme. Do you know EliCZ's work? He published this trick in one of his progs (now I don't remember the name).
The trick is simple. They set a hardware breakpoint. I think they use SEH like EliCZ but it can be done via RING0 too. They set it on an instruction and if you trace, SICE stops on it. You can't trace any more.
Simple, but it works.

Exit
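
For readers checking register state while analysing the behaviour discussed in this thread: on x86 a hardware breakpoint is an address in DR0-DR3 armed through the DR7 control register. The following is an added example, not code from the thread, from EliCZ or from SecuROM; it decodes DR7 and reports whether an execute breakpoint is armed on a given address. The function names are hypothetical and the register values are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* One decoded x86 debug-register slot (DR0..DR3). */
struct hwbp {
    int      enabled;   /* Ln or Gn bit set in DR7 */
    int      rw;        /* 0 = execute, 1 = write, 2 = I/O, 3 = read/write */
    unsigned len;       /* watched length in bytes */
    uint32_t addr;      /* linear address taken from DRn */
};

/* Decode slot n (0..3) from DR7 and the matching address register. */
struct hwbp decode_slot(uint32_t dr7, const uint32_t dr[4], int n)
{
    /* LEN encoding: 00 = 1, 01 = 2, 11 = 4; 10 means 8 only on CPUs that support it. */
    static const unsigned len_bytes[4] = { 1, 2, 8, 4 };
    struct hwbp b;
    b.enabled = ((dr7 >> (2 * n)) & 3) ? 1 : 0;      /* bits 2n (Ln), 2n+1 (Gn) */
    b.rw      = (int)((dr7 >> (16 + 4 * n)) & 3);    /* R/Wn field */
    b.len     = len_bytes[(dr7 >> (18 + 4 * n)) & 3];/* LENn field */
    b.addr    = dr[n];
    return b;
}

/* Return the slot holding an armed execute breakpoint on addr, or -1 if none. */
int exec_bp_on(uint32_t dr7, const uint32_t dr[4], uint32_t addr)
{
    for (int n = 0; n < 4; n++) {
        struct hwbp b = decode_slot(dr7, dr, n);
        if (b.enabled && b.rw == 0 && b.addr == addr)
            return n;
    }
    return -1;
}

int main(void)
{
    /* Constructed sample: slot 1 armed locally (L1), type execute, on 0x00401234. */
    uint32_t dr[4] = { 0, 0x00401234u, 0, 0 };
    uint32_t dr7   = 0x00000004u;
    printf("slot for 0x00401234: %d\n", exec_bp_on(dr7, dr, 0x00401234u));
    return 0;
}
```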