Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


bypass integrity check without stealthedit

 
tocaedit

Posted: Wed Aug 29, 2012 10:32 am    Post subject: bypass integrity check without stealthedit

Another way I found to bypass integrity checks is to search near your target dynamic memory address for possible base code (usually numbers between 00400000 and 02000000).

Chances are you'll find a pointer to a function list which is also in base code, whose functions are being called on a regular basis to update the target value.

You don't want to edit the base code because that will trigger a CRC check, so you make a copy of the function pointer list in some allocated memory, then modify the pointer you find and point it to your copy of the function list, edit the function you want to replace (storing the original value for later use) and point it to your function. Voila, you have stealth code running.

(pointer to the function list must be in dynamic memory)

Now your function will be called by something like:

call eax
call edx...

OK, fine, but say you want to run your code after the call.

You do something like this:
Code:

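      push eax
      mov eax, [esp+0x4]  // return address pushed by the original call
      mov CALLER, eax     // keep it for the final jmp
      pop eax

      add esp, 0x4  //important bit
      call OLDFUNC  // original function runs and returns here

      pushAll             // preserve registers around the added call
      call   DoFrame
      popAll

      jmp CALLER          // resume at the original call site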



This is for a proxy DLL, but may also work with an injected DLL or code cave.

This way you could have the game run a copy of a few functions in your allocated space, then just return to the caller. Finding the right function in the pointer list you want to edit is the hardest part; it also relies on the initial pointer being near the target value and associated with its change. You will need to know the pointer path to the dynamic memory with the target.

A couple of advantages over stealthedit: small package, no DEP required, no admin rights required.
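The post above shows why a checksum over code alone misses this: the code bytes never change, only a table pointer held in dynamic memory and the entries behind it. The following is an added example, not part of the original post, of an integrity check that also covers that pointer and its entries. The names `check_dispatch`, `IMAGE`, `CODE` and `BASELINE` and every address are constructed for illustration, and the check assumes the program recorded a trusted snapshot of the table at startup.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct range { uintptr_t start, end; };          /* half-open [start, end) */
enum verdict { TABLE_OK, TABLE_RELOCATED, ENTRY_REDIRECTED, ENTRY_SWAPPED };

static int in_range(const struct range *r, uintptr_t a) {
    return a >= r->start && a < r->end;
}

/* table_addr: value now held in the heap object's table pointer.
 * entries:    the n function addresses read through that pointer.
 * baseline:   the same n slots recorded at startup (trusted snapshot).
 * bad:        receives the first offending slot for ENTRY_* verdicts. */
enum verdict check_dispatch(uintptr_t table_addr, const uintptr_t *entries,
                            const uintptr_t *baseline, size_t n,
                            const struct range *image, const struct range *code,
                            size_t *bad)
{
    if (!in_range(image, table_addr))
        return TABLE_RELOCATED;        /* pointer targets a copy outside the image */
    for (size_t i = 0; i < n; i++) {
        if (!in_range(code, entries[i])) { *bad = i; return ENTRY_REDIRECTED; }
        if (entries[i] != baseline[i])   { *bad = i; return ENTRY_SWAPPED; }
    }
    return TABLE_OK;
}

/* Constructed sample layout, not taken from any real program. */
static const struct range IMAGE = { 0x00400000u, 0x02000000u };
static const struct range CODE  = { 0x00401000u, 0x00480000u };
static const uintptr_t BASELINE[3] = { 0x00401200u, 0x00402340u, 0x00405a10u };

int main(void) {
    size_t bad = 0;
    /* Constructed tampered table: slot 1 points outside the code range. */
    const uintptr_t copy[3] = { 0x00401200u, 0x0a3f0040u, 0x00405a10u };
    enum verdict v;

    v = check_dispatch(0x004a1000u, BASELINE, BASELINE, 3, &IMAGE, &CODE, &bad);
    printf("untouched table: %d\n", (int)v);
    v = check_dispatch(0x0a3f0000u, copy, BASELINE, 3, &IMAGE, &CODE, &bad);
    printf("table pointer outside image: %d\n", (int)v);
    v = check_dispatch(0x004a1000u, copy, BASELINE, 3, &IMAGE, &CODE, &bad);
    printf("entry outside code: %d (slot %zu)\n", (int)v, bad);
    return 0;
}
```

In a real program the ranges would come from the loaded module's headers, and the check would run from more than one place so that a single patched caller does not disable it.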