Published in Gaming

DRM developer cracks Hogwarts Legacy's Denuvo protection

by on05 April 2024

Turns out it might not have been the Voldemort of the story

DRM developer Maurice Heumann has successfully cracked Hogwarts Legacy's Denuvo DRM protection system to delve deeper into the technology.

According to Toms Hardware, he's kept many of the nitty-gritty details of his work under wraps to prevent muggle developers from illegally cracking it.

In his blog post, Heumann spills the beans that Denuvo employs various methods to ensure that Hogwarts Legacy is being run under kosher (legal) conditions.

First, the DRM creates a "fingerprint" of the game owner's system, and a Steam Ticket is whipped out to prove game ownership. This Steam ticket is then sent to the Steam servers to ensure the game was bought relatively and squarely. Heumann admits that he's not entirely clued up on what the Steam servers are up to but reckons this assumption should be bang on the money to understand how Denuvo ticks.

Once the Steam ticket gets the green light, a Denuovo Token is created that only works on a PC with the exact fingerprint. This token decrypts specific values when the game is running, enabling the system to run the game. Moreover, the game will use the fingerprint to periodically verify security while running, making Denuvo a tough nut to crack.

After a dedicated effort spanning half a year, Heumann managed to decipher Hogwarts Legacy's Denuvo fingerprint and use it to run the game on another machine. He used the Qiling reverse engineering framework to identify most of the fingerprint triggers, which consumed two months of his time. There was a third trigger that he stumbled upon by sheer luck. Ultimately, he bypassed most of the Denuvo DRM with around 2,000 patches and hooks and successfully ran the game on his laptop using the token generated from his desktop PC.

Heumann ran many tests to determine if performance was impacted, but he couldn't get a definitive answer.

He discovered that the Denuvo code executed in-game is relatively infrequent, with calls occurring once every few seconds or during a level. This suggests that contrary to popular belief, Denuvo is not a Death eater of performance.

Last modified on 05 April 2024
Rate this item
(3 votes)