Developers Club geek daily blog

Steam CEG from Valve and what it is eaten with. Everything difficult is simple

2 years, 10 months ago

Good day, %USERNAME%! My previous article, "Steam CEG from Valve and what it is eaten with. Introduction", gave only an abstract understanding of the CEG technology and the principles of how it works. This article will contain an absolute minimum of theory and will be mostly practice. Here and now we will consider whether it is possible to "wean" the treasured executable file off this protection.


Steam CEG from Valve and what it is eaten with. Introduction

2 years, 10 months ago

A few definitions

CEG (Custom Executable Generation, that is, generation of a unique executable file) is an anti-piracy protection mechanism (paradoxical as that may sound), developed by the great and terrible company Valve in 2009. It was initially planned that the new protection would be used in nearly every game released on Steam. However, having reviewed its priorities, Valve decided that if a developer wants to use such 'happiness' in a newly made game, they should also pay a not-so-cheap price for it. As a result, historically, CEG has been used only by large companies that can afford it.
The essence of this protection is as follows: as soon as the game finishes downloading from the Steam digital distribution service, a "bare", not yet signed executable file is loaded onto the client's personal computer. Then, on the same client computer, a digital certificate is loaded and, by means of the special library SteamServices.dll (which, by the way, is loaded into TEMP) and a special key, the aforementioned executable file is signed using AES encryption.

A quick overview of the protection itself

"And what is the practical value of such 'protection' if all it does is sign the executable file?" you may ask. My answer: not everything is as simple as it seems at first sight. The point is that when the digital signature is applied to the file, information is gathered about the folders and files present on the client system, as well as about some of the hardware. As a result, the collected information also ends up in the executable file. And this information really is unique, since the following components are taken into account: timestamps of files and folders in Unix format (creation date, last modification date), unique registry keys (plus a check, via that same trusty registry, of whether the Steam client is installed on the PC), the number of files in a given directory, the processor ID, and the serial number of the hard drive. Note that the last two are used only in the latest CEG versions (for example, in games such as XCOM: Enemy Within, Grid Autosport, DiRT Rally).


So, what do we have? A binding of the 'unique' executable file to the hardware and files of the client PC. Is that good or bad? In general, it is a good idea and a good implementation. The downside shows up if, say, you went to friends at their dacha and took along a complete backup of your favourite game protected with this CEG, having copied it to portable media and hoping that you would be able to play in peace. But the unexpected happened: your friend's Internet does not work! Steam is installed on the notebook, though. No matter: you restore the game from the backup in Steam's offline mode, click "Play", and nothing happens! And all because the hardware and the other components described above do not match your friend's hardware. And without Internet access you simply cannot start the game in any way, since for obvious reasons a new executable file cannot be generated. Or can the executable file be started after all?
The next part of the article will discuss whether the executable file can be completely weaned off CEG, with a debugger and a software development environment (Visual Studio, for example) at hand.
Was it interesting for you to learn about the CEG technology?

132 people voted. 33 people abstained.


Defusing a bomb with Radare2

2 years, 10 months ago

Hello, %username%! Today we will explore the countless capabilities of radare2, a framework for reverse engineers. As a test subject I took the first bomb I came across; it turned out to be from the Carnegie Mellon University website.


The tale of a compressor that can be called by name, but I do not remember what it is

2 years, 10 months ago
Presented for your attention is a not quite New Year's story with an opening, an intrigue, a detective investigation, a chase, treachery, ancient wisdom and a happy ending. Under the cut you will find archaeological excavations of Habr from the era of reorganization and a pinch of x86 assembler to taste.


How we wrote ourselves again, or how to lose your source code and not let it show

2 years, 11 months ago

It was a fine May day. My eye happened to fall on a chat of the guys from the extreme server. Their May day was not so fine: during the re-deployment of a minor service, the authorization service, related to it only loosely, went down. The crux of the situation is that nobody maintains the failing part of the authorization service: it was handed down to us and had never particularly failed. I got carried away reading the detective story of the search for the causes, and up to a certain point I was a passive reader, until I saw a phrase from our administrator, filled with his newly acquired gray hair: "800+ threads accumulate in an hour".


The Bastion LINTER DBMS has been successfully tested on ReactOS

3 years ago
Good Friday evening, dear readers of Habr!

The group of ReactOS developers presents to you its first joint press release with the company ZAO NPP "RELEKS".

Specialists of ZAO NPP "RELEKS" have successfully completed testing of the Bastion LINTER DBMS on the ReactOS operating system.

Measurements showed that Linter running on ReactOS gives a performance gain of 10-15% in comparison with Windows XP on an identical hardware configuration. In the course of the work, shortcomings of the OS were revealed, which were quickly eliminated by the developer community with the direct and active participation of the Russian ReactOS fund.


About … to incense ReactOS-Hackfest or one more option the last month of summer

3 years, 2 months ago
We present to Habr's audience a report on what the ReactOS project team was busy with in the last month of summer 2015. Naturally, the Hackfest was the main event of this month.

Day minus one (August 5)

Alexey arrived well ahead of the Hackfest, and so as not to waste time, Colin showed him around the city of Aachen in all its beauty on a hot summer day: the cathedral, the mineral springs, restaurants, cafes and, of course, the buildings of the Rhine-Westphalian Technical University (RWTU) scattered all over the city.
The most important of them for us was not the university clinic building (in which all the utility lines run on the outside of the building), but the temporary building for holding seminars, in which a large room was allocated for our Hackfest. Inside, this building was very clean and fitted with modern equipment. But it really is temporary: it will be torn down as soon as the permanent building is completed. So the Germans are no strangers to hacks, crutches and props either :)


How we held a hardware hack competition at Chaos Constructions 2015

3 years, 2 months ago
Hi everyone!

This weekend the latest Chaos Constructions festival took place in St. Petersburg, where enthusiasts, programmers and developers gathered to compete in the art of creating demos.

You can read about what a demo is on the organizers' site. In brief, participants are given the task of making something impressive on a Spectrum or similar retro hardware, with restrictions placed on program size and demo duration. For example, I was very impressed by a demo on the Spectrum that fit into only 256 bytes! And the demos are shown on a big screen with excellent sound, so the show is impressive!

Our company sponsored the festival, and my colleagues and I organized and held a hardware hack competition whose goal was to determine a processor's architecture with minimal knowledge of it and a modest tool kit.

My article is about how the competition went and how we prepared for it. If you are interested, please read on under the cut.


Attack on archivers. Hiding in one archive from three programs

3 years, 3 months ago
The article shows how it is possible to outwit an attentive user who is familiar with the basics of social engineering and even checks file extensions; it in no way calls for using this information for illegal purposes. The goal is to get an executable file launched by passing it off as a text document in a zip archive and, if getting it launched is unlikely to succeed, to prevent the file from being unpacked or to hide it.


Picking apart resource compression in Might and Magic III

3 years, 3 months ago
I do not remember very well how I ended up in the DOSBox debugger and why I was digging through 16-bit assembler, recovering the unpacking function for the MM3.CC resource file, but it was great. I got the game from Humble Bundle in one of the recent sales, and then online I came across Jeff Ludwig's page, which described the problems with modifying the game caused by the compression in MM3.CC. In particular, the following was written there:
"It turned out that this algorithm is quite difficult to crack, and so far nobody has learned to unpack this data."

The challenge was accepted. His article describes how he tried to fight the algorithm. I will describe how I did it, and at the end I will give a link to an open-source utility that can not only unpack but also pack the MM3.CC file.

DOS Packer

Having looked at MM3.EXE, I found that it is a compressed DOS executable file with some uncompressed overlay, at the beginning of which stands FBOV. I knew nothing about DOS compressors, but I noticed that Jeff Ludwig uses a thing called "Universal Program Cracker" v1.11. I found version 1.10 (released on June 25, 1997) and unpacked the exe. I even managed to process the overlay data correctly. All the same, I wanted to learn the name of the packer. I was advised to use the Detect It Easy program, and indeed, it reported:

EXECUTRIX-COMPRESSOR(-)[by Knowledge Dynamics Corp]
Borland TLINK(2.0)[-]

For history buffs I can recommend old discussion threads about this software, from 1991 and 1995:

