How Does Cheat Engine Gain Memory Privileges?
Acidic92
Newbie cheater
Reputation: 0

Joined: 09 Sep 2017
Posts: 16

Posted: Sun Sep 10, 2017 9:08 pm    Post subject: How Does Cheat Engine Gain Memory Privileges?

I've been having some trouble when it comes to reading a processor's memory. I receive an access denied error, even when I run my program as administrator.

I've been trying to make my program 100% external, without any injection of DLLs or code into any processors.

How does Cheat Engine do it?
Does Cheat Engine inject a DLL into a process when you select it from the list? Or does it do it 100% externally (somehow)?
atom0s
Moderator
Reputation: 138

Joined: 25 Jan 2006
Posts: 7325
Location: 127.0.0.1

Posted: Mon Sep 11, 2017 2:04 am

If you are not using the driver, it uses normal means to obtain a handle: it elevates the proper token privileges, then uses OpenProcess with PROCESS_ALL_ACCESS.

You can follow this in CE's source. Inside of the process window handler, you can find PWOP:
https://github.com/cheat-engine/cheat-engine/blob/f6c497b19f2604a09d58306a25d9926f057c4481/Cheat%20Engine/ProcessWindowUnit.pas#L392

In that you will find a call to Open_Process, which is found in CEFuncProc:
https://github.com/cheat-engine/cheat-engine/blob/e743f5bca89eec16f47e91aee336f8b295d1e0e8/Cheat%20Engine/CEFuncProc.pas#L1800

Here you can see it's calling NewKernelHandler.OpenProcess:
https://github.com/cheat-engine/cheat-engine/blob/master/Cheat%20Engine/NewKernelHandler.pas

Here you will find all the OpenProcess setup code, which depends on whether you are using DBVM / the driver or not, the networking setup, etc. Each of these has its own override for OpenProcess. By default though, the original is called from kernel32.dll if no extra features are being used.

_________________
- Retired.
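
From the monitoring side, the OpenProcess call with PROCESS_ALL_ACCESS described in the answer above appears in Sysmon Event ID 10 (ProcessAccess) as a GrantedAccess mask of 0x1FFFFF on Windows Vista and later. The Python below is an added example, not part of the thread or of Cheat Engine's source; it decodes that mask and flags handles that grant memory access, and the sample events, image paths and the `triage` helper are constructed for illustration.

```python
# Added example: decode the GrantedAccess mask from Sysmon Event ID 10
# (ProcessAccess) and flag handles that allow reading or writing memory.

# Process access rights as defined in winnt.h.
RIGHTS = {
    0x0001: "PROCESS_TERMINATE",
    0x0002: "PROCESS_CREATE_THREAD",
    0x0008: "PROCESS_VM_OPERATION",
    0x0010: "PROCESS_VM_READ",
    0x0020: "PROCESS_VM_WRITE",
    0x0040: "PROCESS_DUP_HANDLE",
    0x0400: "PROCESS_QUERY_INFORMATION",
    0x1000: "PROCESS_QUERY_LIMITED_INFORMATION",
    0x100000: "SYNCHRONIZE",
}
STANDARD_RIGHTS_REQUIRED = 0x000F0000
# Value of PROCESS_ALL_ACCESS on Windows Vista and later (0x1FFFFF).
PROCESS_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | 0x00100000 | 0xFFFF
MEMORY_RIGHTS = 0x0010 | 0x0020  # PROCESS_VM_READ | PROCESS_VM_WRITE


def decode(mask):
    """Return the names of the known rights set in an access mask."""
    return [name for bit, name in sorted(RIGHTS.items()) if mask & bit]


def triage(events, allowlist=()):
    """Return (source, target, reason) for events worth an analyst's look.

    allowlist holds lower-cased image paths that are expected to open
    other processes (hypothetical parameter, tune per environment).
    """
    hits = []
    for ev in events:
        if ev["SourceImage"].lower() in allowlist:
            continue
        mask = int(ev["GrantedAccess"], 16)
        if mask == PROCESS_ALL_ACCESS:
            hits.append((ev["SourceImage"], ev["TargetImage"], "PROCESS_ALL_ACCESS"))
        elif mask & MEMORY_RIGHTS:
            reason = "|".join(decode(mask & MEMORY_RIGHTS))
            hits.append((ev["SourceImage"], ev["TargetImage"], reason))
    return hits


# Constructed sample events; field names follow Sysmon Event ID 10.
SAMPLE = [
    {"SourceImage": r"C:\Tools\memtool.exe", "TargetImage": r"C:\Games\game.exe", "GrantedAccess": "0x1FFFFF"},
    {"SourceImage": r"C:\Windows\System32\taskmgr.exe", "TargetImage": r"C:\Games\game.exe", "GrantedAccess": "0x1000"},
    {"SourceImage": r"C:\Tools\reader.exe", "TargetImage": r"C:\Games\game.exe", "GrantedAccess": "0x0410"},
]
```
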
All times are GMT - 6 Hours