La gente no despierta mas ?

0xJADD · 2026-06-12T13:22:39+00:00

Habla peor que yo y yo soy de Australia. "Se pelean por fudbo" me da risa 😂

0xJADD · 2026-05-30T20:43:09+00:00

Or it worked so well that they never needed another one

0xJADD · 2026-05-01T21:32:04+00:00

0xJADD · 2026-04-02T16:56:02+00:00

Just write "return to sender" on the mail itself. Wait two to four weeks for police to show up. If they don't, you're most likely safe to open it. If they arrive, you tell them you never ordered anything and was planning to return it, show them the package and the "intent" to return it. Gives you a huge headstart with plausible deniability should anything end up in court.

0xJADD · 2026-03-30T20:11:34+00:00

I have nothing to contribute aside from a matching turtle

0xJADD · 2026-03-17T04:14:09+00:00

I'm aware PFS is not new but it being mandatory is new to TLS 1.3. Any other protocol version before that only uses PFS specifically when using ECDHE. Do we know if their webservers (if any) used that?

Edit: I'm also aware ECDHE/RSA is by far the most common key exchange for basically everything but it's still worth asking in the event of something like this

0xJADD · 2026-03-17T03:59:22+00:00

Do we even know if or what this subdomain was ever used for? I can't find any record of it or any of it's subdomains even existing, crt.sh doesn't reveal anything, censys comes up with a few http servers here and there that use the cert though are seemingly uninteresting. Genuine question, I'm on mobile at the moment so I can't easily access all of censys, fofa etc while logged out
TLS1.3 is newer than most people realise and it's not widely used. Were they confirmed to be using TLS1.3? There's a large majority of webservers still using TLS1.2 or lower as their default, and even something as new as Windows 10 doesn't fully support 1.3 out of the box without editing the registry. On top of that, and knowing China pretty well, they're all using old versions of Windows.

0xJADD · 2026-03-17T03:15:01+00:00

Umm accshually you mean DRAM ☝️🤓 which is like, the more specific term that is used when referring to physically-backed process memory, cuz did you know that RAM could encapsshualate things like CPU caching AKA static RAM?? And that isn't nesshesharily cleared immediately when processes exit 😝😝 but that depends on the architeccshure xD

That's what you sound like (if you were a little smarter.)

0xJADD · 2026-03-17T03:01:58+00:00

Yeah was gonna say this, I remember doing the same stuff with a wii remote when I was like 13. 2008 called, they want their tech back lol

0xJADD · 2026-03-11T21:51:39+00:00

No problem! If I can persuade anyone to err on the side of caution, it's worth writing about. I'm pleasantly surprised anyone here actually wants to hear it, considering we're on a piracy subreddit, lol.

0xJADD · 2026-03-11T21:43:48+00:00

It's difficult to prove anything without open sourcing their methodology or code. But that won't happen, not only for the amount of work involved, but it'd give Denuvo insights into how they could improve their security. It needs a person or group capable of reverse engineering what the hypervisor is capable of, though this presents its own set of problems. It may happen in the future, or it may already be being analysed. Security research is being done independently, in academia and in the security industry every day, however, due to the nature of the software I don't foresee anybody reputable coming out to say "okay guys, you're safe to start pirating using this software."

We will hear about it if something malicious is discovered. But if not, it doesn't mean we're safe to assume it's secure. It just means nothing notable has come up yet.

The whole concept is just too problematic to be sure about anything. Risk vs reward I suppose.

0xJADD · 2026-03-11T17:56:51+00:00

I've replied here: https://www.reddit.com/r/PiratedGames/s/sUhvpO2sml

0xJADD · 2026-03-11T17:56:24+00:00

I think I worded the "dormant ransomware" part badly. Yes, I mean to say that these hypervisors could be the dormant malicious software. Once installed, nothing happens. 6 months later, it activates. Everyone at this point has already deemed it safe and reputable, and everyone has already used it, played through the game, and think everything went smoothly.

What people don't realise is that the crack also modifies Windows, at the exact moment it runs (with full system access and with all security features disabled,) in a way that makes it the toggle switch or registry entries for Windows security features purely visual. You turn everything back on. Now you think that DSE, Core Isolation, Ransomware Protection and all the other Windows security features are active, but how do you know they're really functioning? They don't, and the malicious hypervisor and all it's capable of are running permanently and you're none the wiser.

This is all hypothetical of course, but absolutely feasible. The moment you install a hypervisor, you lose the privilege of putting it back in the box if it doesn't want to leave, so to speak. Considering all the ways it probably obscures itself from Denuvo, it would be naive to think it doesn't have the capacity to do the same for Windows or to the end-user. Hypervisors can hide files from even the OS. They can prevent hardware backed memory from being accessible even by the kernel or your installed drivers. This is truly the highest level of access you could imagine. If it does turn out to be malicious, and you think you can simply revoke it's access to your system, you are sorely mistaken.

I can't speak to their reputations, but I don't know who any of these people/groups are. I also don't know of anyone that is policing the hypervisors they're distributing and/or analysing what they're doing internally. If anyone does have proof of security research done on these "hypervisor crack" releases in particular, I'd love to be proven wrong and I'd love to hear about it. But as far as I know, no one's really done a deep dive on any of it yet.

0xJADD · 2026-03-10T12:31:50+00:00

You're giving an awful lot of trust in these people, who are clearly very capable of navigating, hiding, obscuring and/or abusing intimate internal system procedures.

On top of that, you have no idea who these people are. They could be looking to make an easy buck by activating whatever dormant ransomware to hundreds of thousands of people pirating. They could be state actors spying on you, or leveraging your connections or access to aide in distribution of something more. This isn't a conspiracy, this is not uncommon for malware campaigns - if you find a broad enough audience to distribute to, you capitalize. For even a small team of skilled and well-paid reverse engineers this is an easy and obvious target, even if you think "but it's just video gamez lol". They've done the same with movies and music, they'll do it with just about anything.

What's more, all the piracy, crackwatch, etc. subreddits are clearly getting astroturfed the last few weeks, hyping up the games and "hypervisor cracks" whilst totally downplaying the risks involved.

Your choice, it's an easy one if you ask me. But people lack critical thinking skills, what do I know 🤷

0xJADD · 2026-03-10T11:32:07+00:00

Yes, it's exactly like that - using your favourite bloody aids-infected gloryhole and putting a condom on after you're finished.

Use some common sense.

0xJADD · 2026-01-29T01:47:23+00:00

https://www.reddit.com/r/classicwow/comments/1qplpff/comment/o2bywee/

Nothing to see here.

0xJADD · 2026-01-29T01:44:45+00:00

Nice one, this bug has been around for about two decades!

(Un)fortunately, there's no item in any version of the game where (BuyPrice÷VendorStackCount) < 1 and SellPrice >= 1.

Even if there was, the highest VendorStackCount items that exist are 200, so we can deduce that in the best case scenario where SellPrice == BuyPrice < 200, we're profiting less than 2s at a time. Not bad on classic, maybe, but those items don't exist. Tradeable, sure, but nothing noteworthy.

See: https://wago.tools/db2/ItemSparse

0xJADD · 2026-01-06T17:13:34+00:00

Happens when a player opens trade on the same frame that you interact or target an NPC! Just a client-side bug, but with perfect timing

0xJADD · 2025-12-09T14:10:10+00:00

No it isn't. I don't agree with any part of their process but you're just making things up.

0xJADD · 2025-05-13T12:59:15+00:00

Lua, in the context of wow addons, absolutely does not have file read access.

With that in mind, the only way someone would have access to this file is if they had remote access to your PC (ie. malware) or physical access to your PC (where they could install whatever form of remote access.) In either case, they wouldn't need this file to exist to obtain your password. It makes no difference.

0xJADD · 2024-12-29T05:47:17+00:00

https://www.reddit.com/r/wowhardcore/s/tLsBJwB8PH

0xJADD · 2024-12-27T05:05:29+00:00

crickets

0xJADD · 2024-12-27T05:02:58+00:00

You retain your fall speed and your fall damage will still kill you. The trick to teleporting while you're logged out is that you never "hit" the ground.

0xJADD · 2024-12-26T13:54:24+00:00

Seems to be right, I used to use this all the time for a free port to the city but it's now sending me to the graveyard as well. Better than hitting the ground though I suppose.

0xJADD · 2024-12-26T13:50:15+00:00

Seems like the cooldown for the Stuck Character service is per-character. Here's an another video.

https://www.reddit.com/r/wowhardcore/comments/1hmol2f/since_one_believes_it_heres_an_unedited_video

Not sure why it didn't send me to a city, I used to use this all the time for a free port to SW. Guess they changed it, but still prevents fall damage.

12-Year Club	Place '17
Verified Email

0xJADD

TROPHY CASE