| Poll: Is this a good idea? |
| Is a stupid idea, Cheat Engine cannot be beaten by another poor copy... | 60% | [ 3 ] |
| Yes this is a nice idea, and I maybe want to participate in it! | 40% | [ 2 ] |
| Total Votes : 5 |
|
| Author |
Message |
Krähne Expert Cheater
Reputation: 0
Joined: 06 Jun 2010 Posts: 108 Location: Inside of my Kernel
|
Posted: Fri Apr 01, 2011 2:11 am Post subject: It would be good to create a Cheat Engine in C#? |
|
|
Yes, yes... I know... I have to have enough knowledge to do something so advanced.
Anyway, I mean, it is not good to make something that already exists, but maybe this new CE can be undetected by most game protections.
So, what do you think? VOTE!
P.S.: (In the first option) that is not the point, I mean, I do not want to replace the Cheat Engine (that should be impossible xD), I just want to know if it is a good idea... I was sarcastic with that option.
_________________
Excuse me if you don't understand what I just said, but "english" isn't my native language. |
Dark Byte Site Admin
Reputation: 471
Joined: 09 May 2003 Posts: 25832 Location: The netherlands
|
Posted: Fri Apr 01, 2011 6:24 am Post subject: |
|
|
Sure, it might be undetected for 4 to 5 days, but then the detectors will have updated their signature database with the CIL code of your CE version, and then you have to find out what is detected and edit that, and repeat that every 3 to 4 days.
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
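
Added example (not part of the original thread, and not code from Cheat Engine or any anti-cheat product): a sketch of the signature matching Dark Byte describes above, seen from the detector's side. It builds a signature from a constructed CIL method body with the 4-byte metadata tokens wildcarded, so the same signature matches a rebuilt copy whose tokens changed and does not match unrelated code; the opcode table subset, token values and function names are assumptions for illustration.

```python
import struct

# Operand sizes for the few CIL opcodes used here (opcode values per ECMA-335).
OPERAND_SIZE = {
    0x00: 0, 0x02: 0, 0x06: 0, 0x0A: 0, 0x2A: 0,  # nop, ldarg.0, ldloc.0, stloc.0, ret
    0x28: 4, 0x72: 4, 0x7B: 4,                    # call, ldstr, ldfld (4-byte token)
}

def make_signature(body: bytes):
    """Keep every opcode, wildcard (None) every operand byte of a method body."""
    sig, i = [], 0
    while i < len(body):
        op = body[i]
        if op not in OPERAND_SIZE:
            raise ValueError(f"opcode 0x{op:02X} at offset {i} not in sample table")
        n = OPERAND_SIZE[op]
        if i + 1 + n > len(body):
            raise ValueError("truncated operand")
        sig.append(op)
        sig.extend([None] * n)
        i += 1 + n
    return sig

def scan(data: bytes, sig):
    """Return every offset in data where the wildcarded signature matches."""
    return [off for off in range(len(data) - len(sig) + 1)
            if all(s is None or data[off + k] == s for k, s in enumerate(sig))]

def tok(opcode: int, token: int) -> bytes:
    """Encode an opcode followed by its little-endian metadata token."""
    return bytes([opcode]) + struct.pack("<I", token)

def method(fld: int, string: int, callee: int) -> bytes:
    """Constructed method body (hypothetical, not taken from any real tool)."""
    return b"\x02" + tok(0x7B, fld) + tok(0x72, string) + tok(0x28, callee) + b"\x0A\x06\x2A"

# Constructed samples: the analysed build, a rebuild with shifted tokens, unrelated code.
RELEASE_1 = method(0x04000001, 0x70000001, 0x0A000012)
RELEASE_2 = b"\x00" * 8 + method(0x04000031, 0x700001A5, 0x0A000047) + b"\x00" * 4
UNRELATED = b"\x00" * 16 + b"\x02" + tok(0x28, 0x0A000020) + b"\x2A" + b"\x00" * 16

SIG = make_signature(RELEASE_1)

if __name__ == "__main__":
    print("exact bytes found in rebuild:", RELEASE_1 in RELEASE_2)
    print("signature hits in rebuild:", scan(RELEASE_2, SIG))
    print("signature hits in unrelated code:", scan(UNRELATED, SIG))
```

An exact byte comparison misses the rebuild, while the operand-masked signature still finds it at the same method and stays silent on the unrelated body.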
Krähne Expert Cheater
Reputation: 0
Joined: 06 Jun 2010 Posts: 108 Location: Inside of my Kernel
|
Posted: Fri Apr 01, 2011 7:04 am Post subject: |
|
|
But... What if the CE is private? I mean... What if only one group of people will use it? I say this because two friends have created a rare private version of the CE in C++, and it is currently undetectable; this CE was made last year.
_________________
Excuse me if you don't understand what I just said, but "english" isn't my native language. |
Dark Byte Site Admin
Reputation: 471
Joined: 09 May 2003 Posts: 25832 Location: The netherlands
|
Posted: Fri Apr 01, 2011 7:13 am Post subject: |
|
|
Sure, if it's private it will stay undetected.
Some versions of CE based on the current source code are also still undetected (To the other people: No, I won't tell you which one or where to get it)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
ej52 Cheater
Reputation: 0
Joined: 29 Mar 2011 Posts: 39 Location: Mother City
|
Posted: Fri Apr 01, 2011 8:03 am Post subject: |
|
|
I was thinking the exact same thing last night as I have started coding my own opcode library in C#
_________________
Hitler dNt HiDe WaT mOtHa NaTurE pRoViDe ...  |
atom0s Moderator
Reputation: 205
Joined: 25 Jan 2006 Posts: 8587 Location: 127.0.0.1
|
Posted: Fri Apr 01, 2011 8:34 am Post subject: |
|
|
Completely possible, sure, but when you get into the kernel layer of things, C# won't be able to produce the drivers and such, for example. You will still have to write those in C (or another language that can produce a driver properly). The most your C# application will do is wrap the calls in your driver and just be a front-end.
If you want it to stay undetected, don't give it out to anyone, not even friends. Regardless of what they say it will get leaked, they will try to profit off your undetected cheat, etc. and it will land up getting detected. If you want to make something and keep it undetected for as long as possible, don't give it out to anyone.
_________________
- Retired. |
Krähne Expert Cheater
Reputation: 0
Joined: 06 Jun 2010 Posts: 108 Location: Inside of my Kernel
|
Posted: Fri Apr 01, 2011 8:38 am Post subject: |
|
|
| Dark Byte wrote: | Sure, if it's private it will stay undetected.
Some versions of CE based on the current source code are also still undetected (To the other people: No, I won't tell you which one or where to get it) |
Nice, I will start with my private CE, thanks for the answer man!
| ej52 wrote: | I was thinking the exact same thing last night as I have started coding my own opcode library in C# |
Yes, I was looking at the library you have posted, and it's nice... but it doesn't have a driver to get access to protected processes, etc hooks... And that will be the harder part to make.
| Wiccaan wrote: | Completely possible, sure, but when you get into the kernel layer of things, C# won't be able to produce the drivers and such, for example. You will still have to write those in C (or another language that can produce a driver properly). The most your C# application will do is wrap the calls in your driver and just be a front-end.
If you want it to stay undetected, don't give it out to anyone, not even friends. Regardless of what they say it will get leaked, they will try to profit off your undetected cheat, etc. and it will land up getting detected. If you want to make something and keep it undetected for as long as possible, don't give it out to anyone. |
Yeah dude, I have already started with the DDK, I'm reading documents like: "rootkits subverting the windows kernel", "kernel land", etc... I know, in C# it is impossible to make a .sys file driver xD...
Thanks for the answer; then I will not give it out to anyone (however selfish it sounds).
_________________
Excuse me if you don't understand what I just said, but "english" isn't my native language. |
ej52 Cheater
Reputation: 0
Joined: 29 Mar 2011 Posts: 39 Location: Mother City
|
Posted: Fri Apr 01, 2011 8:54 am Post subject: |
|
|
| Quote: | | Yes, I was looking at the library you have posted, and it's nice... but it doesn't have a driver to get access to protected processes, etc hooks... And that will be the harder part to make. |
Thanks, although that was just a quick example
Last night I started coding a proper opcode library which will be able to be used in 2 ways ...
1.
| Code: |
ClassName.Register esi = ClassName.Register.ESI;
ClassName.Start(0xXXXXXXXX); // starts injecting code at this address
ClassName.Add(esi, 0x02 );
|
2.
| Code: |
ClassName.Start(0xXXXXXXXX); // starts injecting code at this address
ClassName.Asm("add esi,2");
|
There will be no need to enter the address for every instruction as the library
automatically calculates offsets after each instruction
_________________
Hitler dNt HiDe WaT mOtHa NaTurE pRoViDe ... 
Last edited by ej52 on Fri Apr 01, 2011 4:02 pm; edited 1 time in total |
AhMunRa Grandmaster Cheater Supreme
Reputation: 27
Joined: 06 Aug 2010 Posts: 1117
|
Posted: Fri Apr 01, 2011 4:00 pm Post subject: |
|
|
They always get out. I was given a for-pay cheat that a guy had a 2 day pass on. He gave me a copy to bypass the auth checks to allow him to use it permanently. I did and sent him a copy. And what did he do? Started selling someone else's work as his own. I think it was 2 weeks later the thing was detectable under all the games it worked under.
_________________
<Wiccaan> Bah that was supposed to say 'not saying its dead' lol. Fixing >.> |
Krähne Expert Cheater
Reputation: 0
Joined: 06 Jun 2010 Posts: 108 Location: Inside of my Kernel
|
Posted: Fri Apr 01, 2011 6:44 pm Post subject: |
|
|
| AhMunRa wrote: | | They always get out. I was given a for-pay cheat that a guy had a 2 day pass on. He gave me a copy to bypass the auth checks to allow him to use it permanently. I did and sent him a copy. And what did he do? Started selling someone else's work as his own. I think it was 2 weeks later the thing was detectable under all the games it worked under. |
Lol, that happens when you take advantage of your work, badly done ... I do this as a hobby, to learn.
_________________
Excuse me if you don't understand what I just said, but "english" isn't my native language.
Last edited by Krähne on Tue May 10, 2011 5:10 pm; edited 1 time in total |
NoMercy Master Cheater
Reputation: 1
Joined: 09 Feb 2009 Posts: 289
|
Posted: Sat Apr 02, 2011 1:30 am Post subject: |
|
|
| You could also try to make a .dll, so you don't need a driver and you've easy memory things since you are inside the process.
Krähne Expert Cheater
Reputation: 0
Joined: 06 Jun 2010 Posts: 108 Location: Inside of my Kernel
|
Posted: Sat Apr 02, 2011 4:15 am Post subject: |
|
|
| NoMercy wrote: | | You could also try to make a .dll, so you don't need a driver and you've easy memory things since you are inside the process. |
I was thinking about that but ...
There will be some functions that need the Win32 API (I think), and these APIs can be hooked by the protections of the process that will be injected. Of course, I cannot inject a .dll if it is managed code, because, obviously, it is not a native .dll. However, there are ways for it to be injected as if it were a native .dll... Using and injecting a true native .dll, and making this call the managed .dll into the same process... But that's not the point, because we would be returning to the problem of the Win32 API. What if I need to use some hooked API?
If anyone knows the code of the Cheat Engine well enough to make sure I will not need the use of APIs, with the understanding that I will have total control of memory, I would appreciate it if you tell me.
Thanks in advance.
_________________
Excuse me if you don't understand what I just said, but "english" isn't my native language. |
NoMercy Master Cheater
Reputation: 1
Joined: 09 Feb 2009 Posts: 289
|
Posted: Sat Apr 02, 2011 4:49 am Post subject: |
|
|
| For a .dll you need memcpy or any of those functions. If those are hooked it's not hard to write your own in Kernel with KeAttachProcess().
Krähne Expert Cheater
Reputation: 0
Joined: 06 Jun 2010 Posts: 108 Location: Inside of my Kernel
|
Posted: Sat Apr 02, 2011 8:56 am Post subject: |
|
|
| NoMercy wrote: | | For a .dll you need memcpy or any of those functions. If those are hooked it's not hard to write your own in Kernel with KeAttachProcess(). |
But I'm starting with kernel programming, so ... for now I have to operate without a driver.
Anyway, thanks for the impulse! I will make the memory engine in a .dll.
_________________
Excuse me if you don't understand what I just said, but "english" isn't my native language. |
atom0s Moderator
Reputation: 205
Joined: 25 Jan 2006 Posts: 8587 Location: 127.0.0.1
|
Posted: Sat Apr 02, 2011 9:16 am Post subject: |
|
|
| NoMercy wrote: | | You could also try to make a .dll, so you don't need a driver and you've easy memory things since you are inside the process. |
Most anti-cheats can block injection or will straight up ban you for it. A good number of UCEs are still undetected due to making use of the driver, since most of the time the majority of checks and such in anti-cheats are usermode checks.
Overall it depends on the game being targeted to figure out the best solution for a UCE since it varies from anti-cheat as well as revision of the anti-cheat too.
_________________
- Retired. |