Ah. The target vector would be emulating not only the server, but the actual files that are distributed FROM the server itself. When the user would access their profile (autoloading from 24-digit HWID, based off of hardware identification), the data that dictates expiration dates, hardware codes, modules, modulenames, etc, is where secondary encryption comes into play. Even emulating server side authentication using VMs is a lot more difficult than it would seem, since the actual content HAS to be copied in order for the crack to actually work. This is well above the skill level of most seasoned devs, so again, the weakest point would be the security of said authentication server. It's not crackproof, but it's extremely difficult to actually work around, even using external patching and disassembly. During my tenure at said company, I did months worth of testing, debugging, cracking, etc, to make sure that altering the compiled code would NOT be a simple cakewalk like other applications that are easily vulnerable to an external patching crack. Internal disassembly, once compiled, obfuscated, and compressed isn't exactly anyone's idea of a fun ride at a waterpark.
The reason I left wasn't because I peddled some kind of snake oil, the code works. I gave several live demonstrations in-house, and for their costumer base. The reason I left was because I suffered a secondary fracture to a knee that had been fractured at a different location less than 10 years ago, which was due to negligence on the part of the company and the property management. Not exactly something one can just bounce back from. However, that's really beside the point.