This is the runtime library required by Acustica Audio plugins.
They are just legit files with a few instructions!
-------------------------------------------
!!! CAUTION !!!
Acustica Audio clearly states that they detect warez versions in their Aquarius tool.
If you are a legit user who wants to dive into the R2R-Acustica-World, uninstall them and sell them.
Otherwise, we don’t recommend that you install R2R (and other) releases.
No one can avoid the detection because the developer can update the algorithm after the release has appeared.
-------------------------------------------
OK, let’s start the long NFO!
Before we start the long technical notes, we should write about more
generic things that people are likely to be more interested in.
[1] Advantage of R2R release.
This time, R2R didn’t crack the software. We went far beyond that. We’ve
rebuilt the whole library so that it works without any protection.
* Library is not encrypted (RC4/Scorpion) at all.
* Library is not compressed, but it’s still smaller than legit one.
* Library loading time is faster than legit version because of the
reasons above.
In some products with many files, our release is 90% smaller than the legit
version. This happens because every single library file has a DLL file to
decrypt itself. Even a small 10KB file has about 3MB of decryption code
inside. These are completely removed in our rebuilt library, because you
don’t need them anymore :)
Simple and good enough!
[2] Do Acustica Audio plugins have strong protection?
Yes, for beginner crackers.
No, for experienced crackers.
Minimum required skill set:
* Know about DLL (if you can manually unpack DLL from UPX, that’s enough)
* Crypto RC4/RSA
* Coding experience with Win32API
A legit license is required to make a keygen (or perform decryption like R2R).
[3] How long did it take to crack?
It took just a few hours for one witch to get one product working.
It took 1 week to realize the library rebuilding used in these releases!
Anyway, there are many small differences in the protection between product A
and B. It took a long time to do them all, but that’s the fun part for witches :)
[4] Last R2R release (keygen) was in 2014. Why did it take so long?
* We didn’t want to expose our crack to the public until we could do them
(almost) all.
* We were too lazy to do all products. The number of Acustica Audio products
had been increasing. That fact made witches more sloppy.
If we remember correctly, we already made the 1st working crack in 2015 (it
was supplied with a legit license). We know Acustica Audio is freakishly
worried about being cracked. We were sure that they would change the
protection again if we released another “art”. That’s why we have kept it
internal for a long time, and never released 1 or 2 products since 2014.
Today, we finally decided to release them. There are over 100 products. No
regrets. We also think this release may change the developer’s mind and avoid
“protect more!” action from them :)
[5] Mac!!!!!
Our decrypted library is macOS compatible if you know how to! We are lazy
witches and we don’t release 100+ products for macOS. Too time consuming.
[6] Hi developer!
Finally, you need to change your mind, now that you have found that the
current protection scheme does not work against R2R. You have a serious
misunderstanding about it.
* We showed we can reverse the Virtual DLL trick and make a valid keygen for
the RC4 Crypt of your products in 2014.
* We have shown that we can decrypt / unpack and emulate expensive
commercial protections, which should obviously be more advanced than your
homemade one.
We can’t understand why you believe in your super bloated multilayered
protection. With the 2 facts above, there is no doubt that we can easily
(at least it should be much easier than with paid protections) remove yours.
As we stated in the previous section, it didn’t even take 1 day for us.
Customers (incl. potential customers) are not blind. Please think about how
they feel once we have proved that these protections are making your products
really fat and decreasing the performance – and R2R ones are far better. We
saw you saying that “legit version is better because you can get updates!”
but these updates perform much worse than the R2R release unless you change
your mind.
Instead of threatening your customers, do the right thing. Make a statement
that you will remove the shit and focus on the performance and quality.
We – R2R, customers, potential customers – are watching you.
Don’t let your customers sell your products and go R2Red.
------------------------------------------------------------------------------
TECHNiCAL NOTE FOR MANiACS
Apart from the main license file scheme (which contains the key to decrypt
the library), we will write about their unique bad protection.
[1] Understand Nebula Image
There are N2S, N2P, N2V files in Acustica Audio products. We call them Nebula
Images. They are file containers like ISO and ZIP. The format supports file
compression (algo : Google Snappy) and cryptography (RC4 / Scorpion). Scorpion
is a custom DLL file made by Acustica, which performs another decryption.
[2] How Nebula Image Works
To use one Nebula Image file, the program works like this:
1) Load Image file.
2) Decrypt TOC (File List) by RC4.
3) Get File List.
4) Get the offset and RC4 encryption key of FileA.
5) Load FileA to memory.
6) Decrypt FileA by RC4 using the key acquired in (4).
7) Decompress FileA by GoogleSnappy.
Some files are more protected after (7).
8) Find SCORPIONX64n.dll in the file list.
9) Load SCORPIONX64n.dll to memory, DeRC4, DeSnappy.
10) Virtually load SCORPIONX64n.dll to memory.
11) Decrypt FileA by running the code inside SCORPIONX64n.dll.
The license file is checked by SCORPION in this process.
12) There is a 2nd SCORPION in the Image, which does the same thing as the 1st one.
13) Finally FileA gets decrypted in the memory!
To make things worse, SCORPION also virtually loads an additional DLL which
is embedded in SCORPION.
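Added example (not part of the original NFO, and not Acustica's or R2R's code): a toy container that models steps 1-7 above so the design can be examined. The byte layout, the JSON TOC, the key values and the function names are all constructed for illustration, and zlib stands in for Snappy; the real N2S/N2P/N2V layout is not documented on this page.

```python
import json
import struct
import zlib  # stand-in for Snappy, which is not in the standard library


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4; the same call encrypts and decrypts."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def build_image(files: dict, toc_key: bytes) -> bytes:
    """Constructed layout: u32 TOC length | RC4(TOC JSON) | file blobs."""
    toc, blobs = [], b""
    for n, (name, plain) in enumerate(files.items()):
        key = bytes([n + 1]) * 16  # constructed per-file key
        blob = rc4(key, zlib.compress(plain))  # compress, then encrypt
        toc.append({"name": name, "off": len(blobs), "len": len(blob),
                    "key": key.hex()})
        blobs += blob
    enc_toc = rc4(toc_key, json.dumps(toc).encode())
    return struct.pack("<I", len(enc_toc)) + enc_toc + blobs


def read_toc(image: bytes, toc_key: bytes):
    """Steps 1-3: load the image, decrypt the TOC, get the file list."""
    (toc_len,) = struct.unpack_from("<I", image)
    return json.loads(rc4(toc_key, image[4:4 + toc_len])), 4 + toc_len


def load_file(image: bytes, toc_key: bytes, name: str) -> bytes:
    toc, base = read_toc(image, toc_key)
    entry = next(e for e in toc if e["name"] == name)  # step 4: offset + key
    start = base + entry["off"]
    blob = image[start:start + entry["len"]]  # step 5: load to memory
    plain = rc4(bytes.fromhex(entry["key"]), blob)  # step 6: de-RC4
    return zlib.decompress(plain)  # step 7: decompress
```

In this model every per-file key sits inside the TOC, so the whole read path depends on the single TOC key; the per-file layer adds load-time work, not an additional secret.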
[3] Bloating
As you can see, every Image file can have SCORPION inside. Since Acustica
Audio products have support for Win32, Win64, Mac32, Mac64, MacARM, there are
10 DLL files (because there are 2 SCORPIONs per platform) in 1 Nebula Image.
Of course, a Nebula Image can have another Nebula Image in it.
This is how their Library gets bloated.
[4] R2R “Optimization”
In the R2R rebuilt library, all RC4 and SCORPION layers are pre-decrypted and
the data is decompressed from Google Snappy. As a result, we can also remove
the SCORPION DLL files from the Nebula Image (saves 3MB per Image). If there
were 1000 files, it saves about 3GB. Some huge products actually have many
more than 1000 files.
After R2Ring, Nebula Image works like this:
1) Load Image file.
2) Get TOC (File List).
3) Get offset of FileA.
4) Load FileA to memory.
Just 4 steps! Can we optimize more? It’s just like plain ISO file :)
Since the Image files in our release are already decrypted and decompressed,
you can see what files are included in an Image by just opening it in your
favorite Hex Editor.
Because R2Red Image files are plain, you get additional good compression by
format compression at the final stage.
[5] Tricks Used by Acustica
* Virtual DLL – Basically, a DLL is loaded by using Win32API LoadLibrary/Ex.
But it is possible to load a DLL manually without using that API. Beginner
crackers only know the basics of DLL and debugger usage. By encrypting the
DLL and loading it virtually, a beginner cracker cannot perform static
analysis and modify the file like other normal DLL files. Crackers with
solid knowledge can dump (extract) the DLL from the memory, or write the
code to patch the virtualized DLL. Cherry Audio does the same thing.
* SYSCALL – Acustica Audio scans ntdll.dll in the system32 dir, and calls
system functions without using Win32API. This is used to avoid API-Hooking
by hackers. API-Hooking can be used to change some values that identify the
machine (used for generating the challenge code). Acustica Audio tried to
avoid it. Some commercial protectors do this as an extra trick.
EOF