Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Finding hidden module pointer addresses

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking
View previous topic :: View next topic  
Author Message
tested05
How do I cheat?
Reputation: 0

Joined: 24 Jan 2018
Posts: 3

PostPosted: Wed Jan 24, 2018 2:40 am    Post subject: Finding hidden module pointer addresses Reply with quote

Base address 0x00001234, the address of the pointer to this address is
test.dll + 0x1234.

However, if test.dll is hidden due to peb unlinking, the Cheat Engine will not recognize the module and will return 0x00001234 instead of the pointer address.

I'm wondering if there is a way for the cheat engine to return a pointer based on that module, even if the module is hidden.
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 198

Joined: 25 Jan 2006
Posts: 8516
Location: 127.0.0.1

PostPosted: Wed Jan 24, 2018 2:48 am    Post subject: Reply with quote

Manually find where test.dll is loaded, relink it to the PEB. Or just use the address where its properly found at.
_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
tested05
How do I cheat?
Reputation: 0

Joined: 24 Jan 2018
Posts: 3

PostPosted: Wed Jan 24, 2018 3:02 am    Post subject: Reply with quote

atom0s wrote:
Manually find where test.dll is loaded, relink it to the PEB. Or just use the address where its properly found at.


I dont know relink peb manually. Is it possible with cheat engine?
Back to top
View user's profile Send private message
FreeER
Grandmaster Cheater Supreme
Reputation: 53

Joined: 09 Aug 2013
Posts: 1091

PostPosted: Wed Jan 24, 2018 6:29 am    Post subject: Reply with quote

google gave this for "peb relinking" (edited, oops-ing lol) https://www.unknowncheats.me/forum/c-and-c/81519-unlinking-and-relinking-loaded-dlls-peb.html

looks annoying...of course pretty much anything is possible in CE if you know what you are doing since you can execute arbitrary assembly code which is what compiled languages get compiled into.

presumably you could just do an aobscan for something in the module and subtract the offset to get the module's base address and then register the dll name as a symbol at that base address and continue on as if it was linked for most purposes in CE...


Last edited by FreeER on Wed Jan 24, 2018 7:11 am; edited 1 time in total
Back to top
View user's profile Send private message
tested05
How do I cheat?
Reputation: 0

Joined: 24 Jan 2018
Posts: 3

PostPosted: Wed Jan 24, 2018 6:50 am    Post subject: Reply with quote

FreeER wrote:
google gave this for "peb relinkinking"
looks annoying...of course pretty much anything is possible in CE if you know what you are doing since you can execute arbitrary assembly code which is what compiled languages get compiled into.

presumably you could just do an aobscan for something in the module and subtract the offset to get the module's base address and then register the dll name as a symbol at that base address and continue on as if it was linked for most purposes in CE...



I just succeeded. Thank you bro
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 198

Joined: 25 Jan 2006
Posts: 8516
Location: 127.0.0.1

PostPosted: Wed Jan 24, 2018 3:38 pm    Post subject: Reply with quote

tested05 wrote:
atom0s wrote:
Manually find where test.dll is loaded, relink it to the PEB. Or just use the address where its properly found at.


I dont know relink peb manually. Is it possible with cheat engine?


Yes it is entirely possible with just CE. All you are doing is writing pointers to a linked list.

_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Gamehacking All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites