Laserlock Reverse Engineering (Technical Paper)

Hi all,
finally, here is the Laserlock Reverse Engineering Technical Paper.

English: https://www.lucadamico.dev/papers/drms/laserlock/Evolva.pdf
Italian: https://www.lucadamico.dev/papers/drms/laserlock/Evolva_ITA.pdf

If you are enjoying reading the English version, please remember to thank @m00k00 as he helped me A LOT with many spelling, grammar and layout corrections!! THANK YOU MATE, looking forward to reading YOUR reverse engineering stories :)

Please note that you need the original game disc to follow this paper :)
Please let me know if something isn't clear.
Have fun and as usual, please share your binary adventures :P

If you like this paper, you will probably also like my Safedisc Reverse Engineering Technical Paper here: https://gbatemp.net/threads/safedisc-1-06-1-11-reverse-engineering-technical-paper.611118/
 
Last edited by Luca91,
Quick update (even if not laserlock related): I’ve finally got two games protected with SecuROM, so maybe the next technical paper will be about this protection scheme.
SecuROM… that had many iterations if I remember that correctly.

Later versions clearly violated the CD/DVD standard and should never have been labeled with "PC CD" like they did on the games. Surprising that those discs are within the tolerances. Still got no Plextor Premium writer.
==========

Now to LaserLock. Didn't come across that protection back then (never had been much of a PC gamer and stopped buying PC games due to DRM). When trying to get an old version of CD-COPS on a Hugo game (embarrassing these "games"), Medimops – big surprise – sent me something different instead: I was pleased to find clear indications of LaserLock when just opening this package:
[Images: Hugo_Diamantenfieber.jpg, Hugo_CD_with_ring.jpg, Hugo_content.png]
So… now with all that preface: The CD protection scanners (of course) just shout "LaserLock" when seeing that hidden folder. But for some reason, I'm not convinced the executable is actually protected (the disc unsurprisingly has the read errors problem): ProtectionID doesn't report anything when scanning the installation directory… and I can't create a bad copy of the disc that is not accepted (some CD-Check is done – doesn't start without a CD).
Now having looked at the beginning of your paper, I'll have to verify if there is something like hugo32lib.dll – I don't remember it.

The whole topic is so interesting – and I'm so unable to learn stuff. Anyway: Please continue this series. That might be helpful for people being able to concentrate to get started with the world of assembly and RE.
 
Since LaserLock is defunct, maybe just ask the devs for the source code?
Do they even have the right to release such information? They sold DRM for third-parties (game developers).
 
Now having looked at the beginning of your paper, I'll have to verify if there is something like hugo32lib.dll – I don't remember it.
Even if the dll is in the game directory, you have to check if it is actually loaded by the executable. You can use CFF Explorer and look for it in the Import Directory tab.

and I'm so unable to learn stuff.
Why? I'm very open to suggestions, so if you tell me what you don't understand, maybe I can explain it better :)

Since LaserLock is defunct, maybe just ask the devs for the source code?
Well, I can't find any reason why the source code would be useful honestly.
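
The Import Directory check suggested in the reply above, done from a script instead of CFF Explorer. This is an added example, not part of the original posts; the function names and the DLL name `samplelib.dll` are made up for the illustration, and the sample PE image is constructed in the code. It reads the static import directory only, so a DLL loaded at run time with LoadLibrary will not be listed.

```python
import struct

def imported_dlls(pe):
    """DLL names in the PE import directory (static imports only)."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]           # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    nsec, opt_size = struct.unpack_from("<H12xH", pe, nt + 6)
    opt = nt + 24
    magic = struct.unpack_from("<H", pe, opt)[0]
    dirs = opt + (96 if magic == 0x10B else 112)         # PE32 vs PE32+
    imp_rva = struct.unpack_from("<I", pe, dirs + 8)[0]  # data directory #1
    secs = [struct.unpack_from("<8x4I", pe, opt + opt_size + 40 * i)
            for i in range(nsec)]

    def offset(rva):                                     # RVA -> file offset
        for vsize, vaddr, rawsize, rawptr in secs:
            if vaddr <= rva < vaddr + max(vsize, rawsize):
                return rva - vaddr + rawptr
        raise ValueError(f"RVA {rva:#x} is outside every section")

    names, pos = [], offset(imp_rva) if imp_rva else None
    while pos is not None:
        name_rva = struct.unpack_from("<12xI", pe, pos)[0]  # descriptor.Name
        if name_rva == 0:                                # null descriptor ends list
            break
        start = offset(name_rva)
        names.append(pe[start:pe.index(b"\0", start)].decode("ascii"))
        pos += 20
    return names

def imports_dll(pe, dll):
    """Case-insensitive match, as Windows treats DLL names."""
    return dll.lower() in (n.lower() for n in imported_dlls(pe))

def build_sample_pe(dll_names):
    """Constructed minimal PE32 image for the demo (not a real game file)."""
    base = 0x1000 + 20 * (len(dll_names) + 1)            # RVA of first name string
    descs = strings = b""
    for name in dll_names:
        descs += struct.pack("<5I", 0, 0, 0, base + len(strings), 0)
        strings += name.encode() + b"\0"
    idata = (descs + bytes(20) + strings).ljust(0x200, b"\0")
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                # PE32 magic
    struct.pack_into("<II", opt, 104, 0x1000, len(descs) + 20)
    head = (b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40) + b"PE\0\0"
            + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102) + bytes(opt)
            + b".idata\0\0" + struct.pack("<4I", 0x200, 0x1000, 0x200, 0x200) + bytes(16))
    return head.ljust(0x200, b"\0") + idata
```

For a file on disk, pass its bytes: `imported_dlls(open(path, "rb").read())`.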
 
To know how it functions, and how to defeat it? I don't know what else could be had from it either, honestly.
 
You can read my technical paper to learn how it works and how to defeat it. You don’t really need source code to learn how stuff works ;)

Edit: you can also go deeper into the CallDLL function to find the code that does the CRC checks and retrieves the correct API address from the table.
 
