transcribedText.txt
Recently I have been hearing a lot of people claim that if you use the hypervisor crack, disabling the security settings to play the games, and you don't revert the settings back immediately via the VBS script and restart, you would get hacked just by visiting a web page. That is not true, or at least not entirely. Let me dive a bit deeper to explain what you are really sacrificing by using the hypervisor. But before we get to that, let me explain this first: what even is a hypervisor?

Normally your OS, in this case Windows, has the highest level of control over your computer. It manages all your software, your RAM, your SSD, your CPU, your GPU, everything. We call this running at ring zero, aka the kernel level. This is where the anti-cheat drivers etc. live. A hypervisor is special here: it is software that sits beneath the OS, directly on the hardware itself, and we call this ring minus one. But wait a second, why do we even need this to play Denuvo games?

For semantic reasons, let me clear this out of the way first. Denuvo is actually not a DRM. It is anti-tamper software that wraps around the actual DRM, like Steam/Epic. Why this distinction? Simple: the job of Denuvo is not to protect the game. It is to wrap around the actual DRM and make sure it doesn't get altered at runtime. For example, if I try to modify the game's code, in this case removing the license check, Denuvo would detect this and terminate the game. It does this in many ways, through checks such as CPUID, KUSER_SHARED_DATA, the PEB (process environment block), etc. We won't dive deep into these checks this time, because that's a topic for another day. Just know this: Denuvo is like a super paranoid security guard deeply embedded in the system.
It checks a lot of things, a lot of times, while running the game. That's why it makes the traditional cracking method super difficult: this security guard is super diligent at doing its job. It checks too many things too many times, and to bypass it we need to patch these checks manually one by one. There are some tools privately held by the crackers to make things easier, but the fundamentals don't change.

Think of it this way. The game, let's say Stellar Blade, is a premium strip club, which it kind of already is, lmao. You want to go into the strip club, but the entry fee is $70. Pretty cheap for a club, but you get the idea, you don't want to pay for that. So you sneak in, which is already difficult enough, since you need to bypass the first pre-OEP special checks. This is the thing that runs just before handing control to the original entry point. It also manages token validation, expiration, etc. for people who use offline activations. Let's just assume you bypassed it. You are now in the club, but immediately you see the security guard, Denuvo, coming up to you and saying, hey, where is your ticket? You reply, uh, ticket? And you get kicked out: the game closes. Even if you bypass that, the security guard immediately returns and says, why are you wearing blue? We don't allow blue clothes in here. And you're like, I wear blue. You get kicked out. Let's say you bypass all of those and have fun for a couple of minutes. Going to another room now, loading screen, then the security guard comes again, asking you, I want to see your signature, write it down on this paper, right now. You try to fake a signature of your pretended identity as best as you can, but the security guard suddenly yells, you took too much time writing this. You are a fake. Get out now. And you get kicked out again, rip.
How does the hypervisor actually bypass this? With a hypervisor, you are like a mind controller, a freaking Jedi here. You walk into the club, the security guard asks you, where is your ticket? You raise your hand and say, I have the ticket. You control his mind, making him think you do have the ticket, and the security guard immediately says, oh, sorry sir, my bad, please enjoy. But then he returns, looks at you, and says, wait, why are you wearing blue? We don't allow... I am not wearing blue. You raise your hand and mind control him again, and he lets you pass, because he's mind controlled by you. Same goes for the signature check: write the signature down right now. I wrote it down. Oh, of course, sorry for the interruption. So yeah, that's how the hypervisor works. I digressed a lot here, but it is kind of necessary so you can understand why the hypervisor is actually needed and how it works.

Now let's get back to what we were saying: what does the hypervisor actually need you to disable? Currently, with the curajiri method, these are the things you need to disable before you can use the hypervisor crack: memory integrity (HVCI), Credential Guard, Windows Hello, Hyper-V, and driver signature enforcement (DSE). What is not disabled are Secure Boot and FIGARD. Let me explain the things being disabled one by one.

1. Memory integrity (HVCI). This is a security feature introduced by Microsoft in 2016 as part of Windows 10. It debuted in 2015, but officially launched with Windows 10. This is kind of like a secure room in your Windows: before you can install/use a driver, anything really, your GPU driver, your printer driver, etc., Windows sends it to a secure room to vet it. It checks its digital signature, and if it's not trustworthy or has been tampered with, it gets sent to the shadow realm, or just blocked, lol. It also makes sure the drivers are read-only to prevent kernel hijacking.
So here's the thing: we need to load our own driver, and we can't have it dragged into the secure room, because once in there it can't pass, and our crack driver gets beaten up and thrown away. So it has to go.

2. Credential Guard. This is essentially a big safe container for all of your important credentials, such as your Kerberos tickets, your biometrics, and your authentication data. Let's not dive deep into this; let me just summarize. All of your very important network secrets are stored in this big secure box. If you disable it, a hacker can just dump your credentials or impersonate you on the network. Technically speaking, this is more of a collateral damage, because the hypervisor crack doesn't do anything in this department, but having it on causes virtualization conflicts with our hypervisor. So it's disabled.

3. Windows Hello. This stores your PINs, facial recognition, fingerprint scans, etc. It's disabled because it relies on Credential Guard.

4. Hyper-V, the official Windows hypervisor. This is the main thing for us to disable in order to load our hypervisor, but we can't just disable it and load our hypervisor on its own. Everything above has to be disabled first, which are the VBS (virtualization-based security) features. Additionally, we must add a boot option to prevent Hyper-V from loading.

5. Driver signature enforcement (DSE). This is pretty much the most important thing for us to disable. With it on, Windows makes sure every driver it loads has a Microsoft-approved certificate, and we don't have any of that. But hey, if you are some high-level Microsoft insider who wants to risk your job and potentially land yourself in jail for this community and internet points, feel free to contact Carajiri. Also, this is why, when you load the script and restart the computer, you see a blue screen and have to press F7.

So what are the consequences then? First of all, let me say this.
With all of this stuff off, your Windows Firewall and Windows Defender will still function. Your firewall will continue to work just fine: it will still monitor your internet traffic, block unauthorized incoming connections, and stop basic network attacks. It doesn't rely on Hyper-V or DSE to function at all. And Windows Defender will continue to do its job too, obviously scanning the files you download, monitoring your PC for known viruses, and deleting basic malware, for instance a standard trojan or a keylogger you accidentally downloaded off some shady site.

However, there's one caveat. Because you have now disabled DSE and Hyper-V, Windows is willing to accept any driver file without a signature. This opens the door to a very particular type of malware, rootkits or driver malware, and it can do big damage. Since it can load its own unsigned malicious driver directly into your system's kernel, it gets access to everything. It can turn Windows Defender off, add exceptions to the firewall so hackers can remotely access your PC, and embed itself below the OS, aka a rootkit.

Would I get hacked, if I don't revert the settings, just by visiting a web page? No. When you visit a website, the browser runs the site's code, such as HTML, CSS, and JS, inside a highly restricted environment called a sandbox. For a hacker to compromise your PC just by you visiting a web page, they need a chain of exploits: a remote code execution (RCE) vulnerability to run malicious code inside the browser in the first place, a sandbox escape vulnerability to break out of the browser and interact with the OS, and a privilege escalation vulnerability to gain deep administrative or kernel-level control over your PC. This is how some consoles actually get hacked. The only thing we compromised with the hypervisor crack is the third step, but the first and second remain strong at deterring these types of attacks.
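As an added example (mine, not from the video and not part of the crack's own tooling), here is a read-only PowerShell audit that reports the state of each feature in the numbered list above and enumerates running kernel drivers without a valid signature, which is exactly the hole the rootkit caveat describes. It assumes an elevated PowerShell prompt on Windows 10/11 and uses only built-in cmdlets plus bcdedit.

```powershell
# Added audit script, not from the video or from any crack tooling. Read-only:
# it reports whether the features discussed above are on, and which running
# kernel drivers lack a valid signature. Run from an elevated PowerShell prompt.

$dg = Get-CimInstance -Namespace root\Microsoft\Windows\DeviceGuard -ClassName Win32_DeviceGuard

# SecurityServicesRunning: 1 = Credential Guard, 2 = HVCI (memory integrity).
# VirtualizationBasedSecurityStatus: 0 = off, 1 = enabled but not running, 2 = running.
$credGuard = [bool]($dg.SecurityServicesRunning -contains 1)
$hvci      = [bool]($dg.SecurityServicesRunning -contains 2)
$vbs       = $dg.VirtualizationBasedSecurityStatus -eq 2

# Boot configuration. hypervisorlaunchtype Off keeps Hyper-V from loading;
# testsigning / nointegritychecks are the persistent ways DSE gets weakened.
# The F7 boot-menu option mentioned above is per-boot only and does not show here.
$bcd = (bcdedit /enum '{current}') -join "`n"
$hvLaunchOff = $bcd -match 'hypervisorlaunchtype\s+Off'
$testSigning = $bcd -match 'testsigning\s+Yes'
$noIntegrity = $bcd -match 'nointegritychecks\s+Yes'

$secureBoot = $false
try { $secureBoot = Confirm-SecureBootUEFI } catch { }   # throws on legacy BIOS

# Every running kernel driver whose image file does not carry a valid signature.
# Catalog-signed in-box drivers report Status Valid with SignatureType Catalog.
$unsigned = Get-CimInstance Win32_SystemDriver |
    Where-Object { $_.State -eq 'Running' -and $_.PathName } |
    ForEach-Object {
        $path = $_.PathName -replace '^\\\?\?\\', '' -replace '^\\SystemRoot', $env:SystemRoot
        if ($path -notmatch '^[A-Za-z]:') { $path = Join-Path $env:SystemRoot $path }
        $sig = Get-AuthenticodeSignature -FilePath $path -ErrorAction SilentlyContinue
        if ($sig -and $sig.Status -ne 'Valid') {
            [pscustomobject]@{ Driver = $_.Name; Path = $path; Status = $sig.Status }
        }
    }

[pscustomobject]@{
    'VBS running'              = $vbs
    'Memory integrity (HVCI)'  = $hvci
    'Credential Guard'         = $credGuard
    'Hyper-V launch disabled'  = $hvLaunchOff
    'Test signing on'          = $testSigning
    'Integrity checks off'     = $noIntegrity
    'Secure Boot'              = $secureBoot
    'Unsigned running drivers' = @($unsigned).Count
} | Format-List

$unsigned | Format-Table -AutoSize
```

On a machine where the settings were reverted you expect VBS, HVCI and Credential Guard to be True, the three boot flags False, and an empty unsigned-driver table; any row in that table is a driver the kernel accepted only because enforcement was off.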
Assuming you update your browser regularly, a hacker would need what is called a zero-day exploit in order to control your PC, but here's the thing: a fully working, chained browser zero-day is worth millions of dollars. Nobody is going to waste their multi-million dollar zero-days on some random-ass gamers who want to play Denuvo games.

But how would I actually get hacked? Simple: you download something that Windows Defender screams is malicious, and you run it, like a traditional virus. The perfect attack here would actually come from the crackers and repackers themselves, like Kira Jiri, FitGirl, and DODI, for instance. FitGirl suddenly goes through a mid-life crisis or whatever and decides to wreak absolute havoc on the piracy community. Since you trust her, and she tells you it doesn't matter if Windows Defender thinks my HV repack is a virus because it's a false positive, you install it and you get hacked. However, that doesn't really happen. They have a reputation to manage, and I highly doubt someone would just suddenly do that. The other attack vector is you running some EXE from some untrusted site, etc., but that's not very different from how people usually get hacked by using untrusted sites.

Should I revert the settings back after each play session? Technically speaking, no. This may come as a surprise, but if you know what you are doing, you keep your browser updated, and you don't download things from untrusted sites, then it's fine. Unless you want to play slop online competitive games: since anti-cheat won't work with these settings off, those games won't launch, so there's no harm. But if you do download random stuff from the internet, then let's be frank here, you shouldn't even be attempting to do this in the first place.