Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


AikonCWD's challenge #1: Test your skill here!
Goto page 1, 2, 3, 4  Next
 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming -> Crackmes
View previous topic :: View next topic  
Author Message
aikoncwd
Grandmaster Cheater
Reputation: 23

Joined: 21 Dec 2012
Posts: 591
Location: Spain (Barcelona)

PostPosted: Fri Nov 28, 2014 8:13 pm    Post subject: AikonCWD's challenge #1: Test your skill here! Reply with quote

Here is, my #1 challenge for you Hitler!

I coded something like a "game" so you can try and test if your skill is able to hack this challenge. The game is coded under an Anticheat Engine called GameShield (don't google it, this engine is homemade by me Razz). For all of us it's easy to hack games with CheatEngine, but can be a pain if we stuck vs anticheats modules or memory protections.

Well, so this is why I'm here Smile With this game you will fight versus a REAL anticheat engine, hope you get the same fun as I get coding this:





The game is a rogelike with: timers, health/mana/stamina bars, item counters, etc... The character is controlled using that awesome D-pad at the corner. Are you ready to test your skill?

Defeat all protections, antidebuggers and anticheats:
- Run cheatengine without getting detected
- Debug this game using default windbg
- Debug this game using VEH debug without getting detected
- Optional debug this game using DBVM kernel debugger without getting detected

Find valid pointers for all addresses [HP, MP, SP, Time, Keys, Beholders, Coord X, Coord Y]
One address is protected with anticheat. Find the address and try to edit the value without getting detected
Code some auto-assemble (or LUA) scripts:
- Teleport Hack
- Move without loosing stamina
- Every picked key worth like 10
- Every defeat beholder worth like 5
- Beholders don't decrease your HP
- Beholders don't decrease your keys
- Picking keys don't decrease MP
- Every Red potion restores all your health bar
- Every Blue potion restores all your mana bar
- Every Green potion restores all your stamina bar
- Script to frezee time (or to increase time)
- If your health bar is empty, you never die
- If your mana bar is empty, you never die
- If your stamina bar is empty, you can still move
- If time reachs 0, you never die
- Bonus: Make a lua script to move the character using your mouse

DOWNLOAD: https://www.mediafire.com/?s2fa5gfs7kqnrlr

The game is coded under VB6, some antivirus warns about false-positive. It's clean, but if you feel paranoic, use a Virtual Machine to run it.

============================

Feel free to use this thread to talk about the challenge, ask for help or tip's if you get stuck but don't spoil the solution to the other users Smile

MP me if you wan't to post a solution, table or trainer

_________________
Hey Hitler
Test here your skill with CheatEngine, I coded a challenge for you. Try to beat it!
HERE
Back to top
View user's profile Send private message
Krampus
Cheater
Reputation: 0

Joined: 22 Nov 2014
Posts: 41

PostPosted: Sat Nov 29, 2014 12:11 am    Post subject: Reply with quote

This is amazing! Great challenge, it will help a bunch Very Happy

I'll try my hand at it and see how far I can get.

_________________
There is no spoon.
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 198

Joined: 25 Jan 2006
Posts: 8516
Location: 127.0.0.1

PostPosted: Sat Nov 29, 2014 1:51 am    Post subject: Reply with quote

Don't have time to mess with this fully right now, but here's a quick start for anyone else interested.

Make Cheat Engine Work
The anti-cheat is constantly looking for processes with the name 'cheatengine' in it. It does this by using the 'winmgmts' object from Visual Basic. It is querying the running processes and checking if any of their names contain 'cheatengine' in them.

To make Cheat Engine work, simply rename the Cheat Engine executable.

Make Cheat Engine Work (Debugging)
I am not sure this detection works. I can debug the application fine with Cheat Engine after making Cheat Engine work just by renaming it. So I am unsure if this is broken or not. However this detection is done by using 'ZwQueryInformationProcess'. There are three calls to this API doing:
- 1. Checking the debug port.
- 2. Checking the debug flags.
- 3. Checking the debug object handle.

Bypassing this is fairly simple. You can use OllyDbg to do this with any plugin that can protect the debug flags such as:
- OllyAdvanced
- StrongOD
- ScyillaHide
- TitanHide

You could do this manually as well by hooking the ZwQueryInformationProcess API and faking the results.

Making VEH Debugging Work
The anti-cheat is constantly looking for a loaded module named 'vehdebug-i386.dll' via GetModuleHandle.
To bypass this, you can do one of two things:
- 1. Hex edit the game to remove the name 'vehdebug-i386.dll' to something else.
- 2. Alter Cheat Engine to load a different DLL for the VEH debugger via altering the source and recompiling it, or hex edit it as well.

Making DBVM Debugging Work
The anti-cheat is also constantly looking for the DBVM driver being loaded on the system via the 'winmgmts' stuff. This time it is checking the running services and comparing their information to 'CEDRIVER'. This info includes:
- Caption
- Description
- DisplayName
- Name
- PathName (Looks for 'cheat' in the path.)
- PathName (Looks for 'dbk32.sys' in the path.)
- PathName (Looks for 'dbk64.sys' in the path.)

To bypass this, you will need to do a few things:
- Alter the name of the driver.
- Alter the path the driver loads from. (Move CE to a new folder.)
- Alter the various information about the driver listed above.

The Game Shield Timer Loop
If you still want to defeat the anti-cheat in a different manner, you can kill the timer that is running to monitor for the above things. You can find the timer function at:
Address: 4BB571

Detection Check Addresses
Here are the addresses for all the anti-cheat checks:
- Debugger Check: 4BC3CA
- DBVM Check: 4BB8D2
- Process Name Check: 4BC069
- VEH Debugger Check: 4BBF12

There are also a few other functions that make use of the above checkers:
- 4B85BD - Triggers the YouDied display based on a detected cheat.
- 4B807C - Compares memory.
- 4BA996 - Another timer scanning for the above cheats.

It also seems like any action may cause a detection check too.
(Not 100% sure on this didn't get to look too deep into it.)


But that should cover the anti-cheat and get others started.

_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
JJHACKER
Cheater
Reputation: 0

Joined: 04 Aug 2010
Posts: 26
Location: [EBP-J]

PostPosted: Sat Nov 29, 2014 2:44 am    Post subject: Check THis Reply with quote

Hey admin do some change forum relly have bad shape :\
no theme no avatar and ........
===================
Hope you like it
EXE File Patched Cool
(Protection Completely Disabled (4-method))
and ... Disabled Very Happy
Level: 0/10

File link(exe)
Code:
http://ovh.to/GAYNkGX

_________________
אהבה = הנדסה לאחור
Back to top
View user's profile Send private message Yahoo Messenger MSN Messenger
aikoncwd
Grandmaster Cheater
Reputation: 23

Joined: 21 Dec 2012
Posts: 591
Location: Spain (Barcelona)

PostPosted: Sat Nov 29, 2014 5:56 am    Post subject: Reply with quote

@atom0s: Excellent analysis man. Now you can continue hacking the "game" finding pointers and creating the AA scripts Smile

@JJHACKER: Well, the objective of this is not only to patch the home-made functions. You need to use CheatEngine and try to "hack" the hame as I commented. If you want a hard challenge I can protect this with VMProtec or Themida, but this is too boring and complicated for regular users.

Let me know if you are interested and I can compile + pack this "game" with VMProtect so you can test your cracking skills too Twisted Evil

btw, good job!

_________________
Hey Hitler
Test here your skill with CheatEngine, I coded a challenge for you. Try to beat it!
HERE
Back to top
View user's profile Send private message
JJHACKER
Cheater
Reputation: 0

Joined: 04 Aug 2010
Posts: 26
Location: [EBP-J]

PostPosted: Sat Nov 29, 2014 8:04 am    Post subject: Reply with quote

Its not hard to make patch with cheatengine
I can do all patch with cheatengine
But i Prefer to patch file directly
I know rule is to make patcher with cheatengine
when i have time i will make Smile (Just waste of time)(if you want i can tell which address i Changed)
====================
Vmprotect and themida ?!
Are you made those protector ?!
If you made them(vmprotect and themida), ok protect it and check other skill level (i never use material that i am not made to make my challenge harder)
====================
Are you Checked pes 2015 stamina ?! (Its strange !)
I patched Everything (become a legend too)(Attachment pic)
====================
:X (Love)(Big kiss for you) Smile

_________________
אהבה = הנדסה לאחור


Last edited by JJHACKER on Sun Dec 21, 2014 8:57 am; edited 1 time in total
Back to top
View user's profile Send private message Yahoo Messenger MSN Messenger
atom0s
Moderator
Reputation: 198

Joined: 25 Jan 2006
Posts: 8516
Location: 127.0.0.1

PostPosted: Sat Nov 29, 2014 8:41 pm    Post subject: This post has 1 review(s) Reply with quote

Alright, today I have some free time to play around with this.
So here is what I have found so far. Not done yet just posting some progress.

Before you read, just know I did use OllyDbg as the debugging method of choice. I can use Cheat Engines debugger fine with the info I posted above, I just do not really like using CE for debugging as it has various issues and bugs.
But, the object of making CE work and be usable to debug is already accomplished so that part of this challenge is done.


1. Locating The Player Information
    The first step was to locate the player information and see how the data was handled. In this applications case, simply searching for the data is not an option as the data is "encoded" in a manner to prevent cheating from happening easily. (More info on this below.) So I took to debugging to attempt to locate some usable information.

    The first thing I came across was the string: "FFFFFFFFFFFFFC22"

    Immediately this stood out to me as a double value in string/hex form. So converting this back to an actual value gives us: -990.00

    Afterward, I debugged the parts of the code that made use of this string which we see here:
    Code:
    004B7E4B   . 8B4E 7C        MOV ECX,DWORD PTR DS:[ESI+7C]
    004B7E4E   . 66:8941 04     MOV WORD PTR DS:[ECX+4],AX
    004B7E52   . 8D4D CC        LEA ECX,DWORD PTR SS:[EBP-34]
    004B7E55   . E8 4A99F4FF    CALL <JMP.&MSVBVM60.__vbaFreeVar>
    004B7E5A   . BA E46A4100    MOV EDX,challeng.00416AE4                         ;  UNICODE "FFFFFFFFFFFFFC22"
    004B7E5F   . 8D8E 88000000  LEA ECX,DWORD PTR DS:[ESI+88]
    004B7E65   . E8 2299F4FF    CALL <JMP.&MSVBVM60.__vbaStrCopy>
    004B7E6A   . BA 0C6B4100    MOV EDX,challeng.00416B0C
    004B7E6F   . 8D8E 8C000000  LEA ECX,DWORD PTR DS:[ESI+8C]
    004B7E75   . E8 1299F4FF    CALL <JMP.&MSVBVM60.__vbaStrCopy>


    From this if we monitor the data, we see that the string is truncated and copied to [ESI+88]. Next, we let the game run and we will see that the value that was stored in ESI+88 is changing as the game plays. Freezing this value freezes the time.
    Bingo, we have the time location.


2. Locating A Pointer
    I am not going to go into much detail here since it's not needed as using the pointer scanner of CE is pretty straight forward. But to give a little info, I scanned for the address of ESI+88 at that point, and came up with a large number of results. Restarting the game and rescanning the results with the new location of ESI+88 yielded me a small and specific pointer of:
    "challenge #1.exe"+000BD010

    I loaded of my VM for Windows XP, altered Cheat Engine to run on there too and tested the pointer, works. So I concluded this is a usable base pointer to work with.


3. Finding Other Information
    Now that we know that inside of this initialization function, were we have found the timer info in, that ESI is used as a base pointer to the timer data, we can assume that it holds other data in this area too.

    Towards the top of the function the first use of ESI we will see is:
    Code:
    004B7D60   . 8B46 44        MOV EAX,DWORD PTR DS:[ESI+44]
    004B7D63   . 66:C740 02 0E0>MOV WORD PTR DS:[EAX+2],0E
    004B7D69   . 8B46 44        MOV EAX,DWORD PTR DS:[ESI+44]
    004B7D6C   . 66:C740 04 0E0>MOV WORD PTR DS:[EAX+4],0E


    This is actually the player model X and Y axis coords.
    So we now know where these values are within this structure.

    Following below these instructions we will also see the locations for the key and the eye. (position +60 and +7C respectively for their pointers.)

    Next is the timer block information, which I explained above.

    Next is some unknown block of data being initialized by a logical AND against 0 in the block. This happens at the pointer located at ESI+A0. I have not researched into what this block is for yet.

    Next is the player mana and health:
    Code:

    004B7F2D   . D905 78114000  FLD DWORD PTR DS:[401178]
    004B7F33   . 8B86 CC000000  MOV EAX,DWORD PTR DS:[ESI+CC]
    004B7F39   . 66:83A6 D80000>AND WORD PTR DS:[ESI+D8],0
    004B7F41   . D99E B0000000  FSTP DWORD PTR DS:[ESI+B0]         <-- Store the initial player health
    004B7F47   . DD05 70114000  FLD QWORD PTR DS:[401170]
    004B7F4D   . 8D4D CC        LEA ECX,DWORD PTR SS:[EBP-34]
    004B7F50   . DD9E B4000000  FSTP QWORD PTR DS:[ESI+B4]        <-- Store the initial player mana


    From this, we can see that on initialization the values look like this:
    - Player Health
    --> Initial value: -100 (float)
    - Player Mana
    --> Initial value: 500 (double)

    Debugging more will result in us finding the other data values as well.


4. Key Count and Eye Count Values

    The last part of the data to find is the key and eye counts. These are a bit trickier. The key count is actually the last part of the timer information above at offset ESI+8C. However, this value is a string. The length of the string is the count of the keys.

    So to read this we would use:
    [[ESI+8C] - 4] = key length

    The game appends a character (so far just seems to be A) to the length each time a key is touched. The -4 offset points to the actual length which is what matters, the string does not.

    And last, the eye count. This ones a bit more confusing. It is a single value by itself. This one can be found doing a normal scan, however the pointer we use to get to it consists of two parts.

    The first part is the table the data is located in. This is found at:
    [ESI+A0] = pointer to info table

    The next part is the index in the table to locate the value at:
    [ESI+AC] = index in the pointer table.

    I am not sure if there is a suitable way to add this to a cheat table, I have not kept up with Cheat Engines newest features and such. So a double read usage thing is not something I am familiar with CE being able to do.

    However this would look like this:
    eax = [ESI+A0]
    ecx = [ESI+AC]
    value = (eax + ecx * 4)


Attached is a basic cheat table accessing these values described above.

Cheat table contains access to the following addresses:
- Health
- Mana
- Time
- Player X / Y
- Key X / Y
- Eye X / Y
- Key Count

And a small patch to never run out of time.

_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
atom0s
Moderator
Reputation: 198

Joined: 25 Jan 2006
Posts: 8516
Location: 127.0.0.1

PostPosted: Sat Nov 29, 2014 9:27 pm    Post subject: Reply with quote

Missed the stamina some how, so here is that information.

To start, the stamina is located at:
[ESI+CC]+8 = player stamina

However this is the address that is protected by the anti-cheat. There is a comparison to check if the value is what it should be each iteration here:
Code:
004B9CEB   . 8985 04FEFFFF  MOV DWORD PTR SS:[EBP-1FC],EAX
004B9CF1   > 8B45 08        MOV EAX,DWORD PTR SS:[EBP+8]
004B9CF4   . 8B80 CC000000  MOV EAX,DWORD PTR DS:[EAX+CC]
004B9CFA   . 8B8D 44FFFFFF  MOV ECX,DWORD PTR SS:[EBP-BC]
004B9D00   . 0FBF0448       MOVSX EAX,WORD PTR DS:[EAX+ECX*2]
004B9D04   . 8985 00FEFFFF  MOV DWORD PTR SS:[EBP-200],EAX
004B9D0A   . DB85 00FEFFFF  FILD DWORD PTR SS:[EBP-200]
004B9D10   . D99D FCFDFFFF  FSTP DWORD PTR SS:[EBP-204]
004B9D16   . D985 50FFFFFF  FLD DWORD PTR SS:[EBP-B0]
004B9D1C   . D89D FCFDFFFF  FCOMP DWORD PTR SS:[EBP-204]
004B9D22   . DFE0           FSTSW AX
004B9D24   . 9E             SAHF
004B9D25   . 74 0C          JE SHORT challeng.004B9D33
004B9D27   . C785 F8FDFFFF >MOV DWORD PTR SS:[EBP-208],1


If they do not match, EBP-208 is set as a flag that we are cheating. (There are other checks too but this is the one I found while testing.)

Either way, the stamina is checked and then we are passed to a function to check if we are cheating:
Code:
004B8195   . 8B45 10        MOV EAX,DWORD PTR SS:[EBP+10]
004B8198   . 66:397D 0C     CMP WORD PTR SS:[EBP+C],DI
004B819C   . 897D DC        MOV DWORD PTR SS:[EBP-24],EDI
004B819F   . 897D CC        MOV DWORD PTR SS:[EBP-34],EDI
004B81A2   . 8938           MOV DWORD PTR DS:[EAX],EDI
004B81A4   . 74 2F          JE SHORT challeng.004B81D5
004B81A6   . 8B06           MOV EAX,DWORD PTR DS:[ESI]
004B81A8   . 8D4D CC        LEA ECX,DWORD PTR SS:[EBP-34]
004B81AB   . 51             PUSH ECX
004B81AC   . 68 146B4100    PUSH challeng.00416B14                            ;  UNICODE "FUCK YOU CHEATER!"
004B81B1   . 56             PUSH ESI
004B81B2   . FF90 08070000  CALL DWORD PTR DS:[EAX+708]
004B81B8   . 3BC7           CMP EAX,EDI
004B81BA   . 7D 11          JGE SHORT challeng.004B81CD


To bypass the anti-cheat here, we just patch the JE line to Jump.

_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
atom0s
Moderator
Reputation: 198

Joined: 25 Jan 2006
Posts: 8516
Location: 127.0.0.1

PostPosted: Sun Nov 30, 2014 12:10 am    Post subject: Reply with quote

Here is an updated table with various scripts and such added.


At this time I ran out of time between playing with this and work so wont have time to finish the rest of the options.

If you want to teleport the player around via the mouse, here is a C# source I did for that:
Code:
                    var cursorX = Cursor.Position.X;
                    var cursorY = Cursor.Position.Y;

                    // Obtain the target window handle..
                    var hWnd = FindWindow(IntPtr.Zero, "AikonCWD's challenge #1");

                    // Obtain the target window rect..
                    var rect = new RECT();
                    GetWindowRect(hWnd, ref rect);

                    var r = new Rectangle(rect.Left, rect.Top, rect.Right - rect.Left, rect.Bottom - rect.Top);
                    if (r.Contains(cursorX, cursorY))
                    {
                        var windowX = (cursorX - rect.Left) - 32;
                        var windowY = (cursorY - rect.Top) - 32;

                        // Write player position values..
                        var playerPointer = Memory.Read<int>(this.Process, new IntPtr(basePointer + 0x44));
                        Memory.Write(this.Process, new IntPtr(playerPointer + 0x02), (short)windowX);
                        Memory.Write(this.Process, new IntPtr(playerPointer + 0x04), (short)windowY);
                    }


_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
aikoncwd
Grandmaster Cheater
Reputation: 23

Joined: 21 Dec 2012
Posts: 591
Location: Spain (Barcelona)

PostPosted: Sun Nov 30, 2014 7:39 am    Post subject: Reply with quote

wow atom0s you really did a great job here, awesome! May I ask some questions?

Can you rank this challenge (0 to 10), point of view -> fun?
Can you rank this challenge (0 to 10), point of view -> hard?
Which address was the hardest/fun to work witk? Eyes? Stamina?

Also, can you give me some tips to make a better (and harder) challenge next time?

Very Happy

_________________
Hey Hitler
Test here your skill with CheatEngine, I coded a challenge for you. Try to beat it!
HERE
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 198

Joined: 25 Jan 2006
Posts: 8516
Location: 127.0.0.1

PostPosted: Sun Nov 30, 2014 3:22 pm    Post subject: Reply with quote

Given that it's coded in Visual Basic 5/6 it was a little annoying for some values since VB handles things through its own runtime rather then just using raw asm to optimize the code down to better/faster code. So working with string based stuff is probably the most annoying. But using a more detailed debugger like OllyDbg can make things a lot easier.

Fun point of view: 8/10
Hard point of view: 3-4/10 (For newbies it will probably be like a 7-8.)

The hardest address to work with was probably the eye count given that it was broken into two parts being an array and an index. But once it is figured out its easy to do.

Your anti-cheat was pretty basic, bypassing it was fairly simple once the details of it were figured out. It's pretty much impossible to make an anti-cheat from user-mode that is going to be any bit efficient since hooks and patches can bypass everything you do easily. But it should deter some of the newbie cheaters that are not used to anti-cheats.

The usage of your data was good, making things not use the default assumed values of like 0 to 100 for health, but instead using -100 to 0 etc. Little encoding/masking tricks like that help protect data some, again from the newbies.

Stuff like this is great to help newbies get into game hacking and understanding different ways data can be handled and such. So it is a great challenge for those looking to learn the basics, as well as those looking to understand how some basic anti-cheat methods work. It should help them analyze a file more closely and think about how to bypass things more thoroughly.

Some tips for any future challenges:
- I wouldn't recommend using VB5/6 for things, the runtime calls make it very easy to follow the code flow.
- Strengthen the anti-cheat by encoding your strings so they are not visible. (Such as xor encoding them or using non-ascii characters to represent actual words.)
- Look into using raw ASM to walk the process information for debugging info instead of using API to help prevent direct API hooks.
- Add more features for determining if the process is being debugged. Such as detecting the process was paused based on time information.
- Scan for other known tools that cheaters use.
- Protect your memory areas with Crc32 checks or similar.

And so on. But like I said since its all done in user mode, it will be easy to bypass all of it. It's more of a question for yourself. Are you interested in seeing people bypass your anti-cheating methods, or hack the application itself more? And if you are interested in them working with the anti-cheat, whats your target group of people to mess with it? Such as newbies, advanced users, or experts etc.

In your next challenge if you do decide to make another one, try coding it in a different language and see if that sparks some new ideas.

_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
smashninja
How do I cheat?
Reputation: 0

Joined: 28 Nov 2014
Posts: 3

PostPosted: Sat Jan 03, 2015 1:54 pm    Post subject: Cool Reply with quote

This is pretty cool. This can definitely help me improve my skills.
Back to top
View user's profile Send private message
Cryptokun
Newbie cheater
Reputation: 0

Joined: 01 Jan 2015
Posts: 23

PostPosted: Sun Jan 04, 2015 1:57 pm    Post subject: Reply with quote

Was much more fun that what I was expecting Smile IDA makes life a lot easier though haha Razz

Have anything else up your sleeve?
Back to top
View user's profile Send private message
aikoncwd
Grandmaster Cheater
Reputation: 23

Joined: 21 Dec 2012
Posts: 591
Location: Spain (Barcelona)

PostPosted: Sun Jan 04, 2015 3:38 pm    Post subject: Reply with quote

Cryptokun wrote:
Have anything else up your sleeve?


What?

_________________
Hey Hitler
Test here your skill with CheatEngine, I coded a challenge for you. Try to beat it!
HERE
Back to top
View user's profile Send private message
Cryptokun
Newbie cheater
Reputation: 0

Joined: 01 Jan 2015
Posts: 23

PostPosted: Sun Jan 04, 2015 5:31 pm    Post subject: Reply with quote

AikonCWD wrote:
Cryptokun wrote:
Have anything else up your sleeve?


What?


Another hack me Razz haha
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming -> Crackmes All times are GMT - 6 Hours
Goto page 1, 2, 3, 4  Next
Page 1 of 4

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites