[P4F] Anti-Cheat System, analysis of crack from 16.01.2014

Good day. I am – one of the developers [P4F] Anti-cheat System and I want to clarify the situation without hollywars and other abuse. This text primarily written for our customers and those who are going to use the cracked version of our protection.

First of all I want to say thank’s to the “Белый”, the man who initiated the hack our software, but more on that later.

For clients

I want to note that for you will no changes happen. Protection attached to specific servers and there is no possibility to run files from one server in another server. In any case, we do not exclude the possible risks and therefore soon be releasing a minor update, affecting the basic security mechanisms in order to minimize the chance to use a hacked version.

For users who use hacked version or simply “free riders”

As for the people who want to use the cracked version, just warning you – no responsibility for the behavior of cracked version command [P4F] does not bear. We will not provide any technical support. Use the product at your own risk. Moreover, the stable operation of crack this is not possible. Why? Read the next paragraph.

Crack analysis

I spent some time for analysis of crack, about which we will talk. If I’m not mistaken, the changes only affects modules UpdSrv.exe, LC.exe and ConnectServer.exe. Fortunately there are no viruses from hackers. They removed only binding to hardware, nothing more! Though, rather we can call it as configuring PC to bypass hardware binding (look at the reg2.reg). This is due to the fact that hacker couldn’t bypass protection and decided to crack it “anyhow” to bypass the license.

To start anti-cheat you need run two reg files. I strongly recommend not to do this in server machine. The fact that file reg1.reg disables protection mechanism called ASLR, which is necessary to fight against malicious exploits. Turning it off, you are exposing your system at risk of viruses and other mischief. I don’t know why it was necessary to do. Possibly because hacker does not understand PE format and maybe for destructive purposes.

For folks who already run reg1.reg file, below you can find code which will restore your ASLR settings to original state (you need to create txt file and put there below code and save file with .reg extension. After that you need to start this file):

Moreover, anti-cheat client library isn’t modificated and it will not work on most clients. It can be worked only on specific clients. If by some miracle you managed to run it on your client, be prepared for trouble. Removing protector from anti-cheat isn’t satisfied, and it certainly didn’t work with other client.

Server software, such as LC.exe, cracked very bad. When you’ll try to create a config you’ll get app crash error. I don’t have a clue how users will create configuration file…

So, to run this crack on the server, you’ll need askew (ignoring all the safety rules) to configure your server, for example roll back time and etc. In addition you can’t configure your client side. Experienced administrators will not engage in such nonsense and “novices” haven’t enough experience and knowledge to configure the system at the server.

Gratitude to “Белый”

Without a single drop of sarcasm, I thank you. This man not only paid for the license, he paid cracker to crack our product. I am very grateful for the fact that in this release were found weaknesses of our product. However, crackers did his job very “dirty”.

Thanks, that’s all…

Regards,
[P4F] Team.

Leave a Reply

Your email address will not be published. Required fields are marked *

*