TSforge: Reverse Engineering the Windows Software Protection Platform


By WitherOrNot

After wasting even more time trying to add Windows support to GDB through its Python API, I ended up biting the bullet and choosing the devil I knew, the IDA Pro debugger. This probably prevents some kind of side-channel attack, but more importantly, it means that I can "decrypt" the physical store by simply skipping this call in the debugger and letting spsys write the un-encrypted contents to the disk. Since we had few options to debug or fix this port, asdcorp decided to create an HWID value that would apply to all hardware, and yet again, it worked perfectly, even allowing transfer of activation between machines.
