View previous topic :: View next topic |
Author |
Message |
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
|
Posted: Wed Feb 20, 2019 5:32 pm Post subject: Patch scanner |
|
|
This extension will add a new menu item to the memory viewer under tools (below dissect pe header, ctrl+shift+p)
It will scan the selected module for changes.
Example of using it: Open chrome.exe, start the patch scanner, select ntdll.dll and you'll see it'll fill with diffs
Code: |
Diff found at 7ffaa70aab30 (ntdll.NtSetInformationThread)
Diff found at 7ffaa70aab38 (ntdll.ZwSetInformationThread+8)
Diff found at 7ffaa70aae10 (ntdll.NtOpenThreadToken)
Diff found at 7ffaa70aae18 (ntdll.ZwOpenThreadToken+8)
Diff found at 7ffaa70aae50 (ntdll.NtOpenProcess)
Diff found at 7ffaa70aae58 (ntdll.ZwOpenProcess+8)
Diff found at 7ffaa70aae70 (ntdll.NtSetInformationFile)
Diff found at 7ffaa70aae78 (ntdll.ZwSetInformationFile+8)
Diff found at 7ffaa70aae90 (ntdll.NtMapViewOfSection)
Diff found at 7ffaa70aae98 (ntdll.ZwMapViewOfSection+8)
Diff found at 7ffaa70aaed0 (ntdll.ZwUnmapViewOfSection)
Diff found at 7ffaa70aaed8 (ntdll.NtUnmapViewOfSection+8)
Diff found at 7ffaa70aaf70 (ntdll.ZwOpenThreadTokenEx)
Diff found at 7ffaa70aaf78 (ntdll.NtOpenThreadTokenEx+8)
Diff found at 7ffaa70aaf90 (ntdll.ZwOpenProcessTokenEx)
Diff found at 7ffaa70aaf98 (ntdll.NtOpenProcessTokenEx+8)
Diff found at 7ffaa70aaff0 (ntdll.ZwOpenFile)
Diff found at 7ffaa70aaff8 (ntdll.NtOpenFile+8)
Diff found at 7ffaa70ab130 (ntdll.ZwQueryAttributesFile)
Diff found at 7ffaa70ab138 (ntdll.ZwQueryAttributesFile+8)
Diff found at 7ffaa70ab430 (ntdll.ZwCreateFile)
Diff found at 7ffaa70ab438 (ntdll.ZwCreateFile+8)
Diff found at 7ffaa70acda0 (ntdll.NtOpenProcessToken)
Diff found at 7ffaa70acda8 (ntdll.NtOpenProcessToken+8)
Diff found at 7ffaa70ace60 (ntdll.NtOpenThread)
Diff found at 7ffaa70ace68 (ntdll.NtOpenThread+8)
Diff found at 7ffaa70ad140 (ntdll.NtQueryFullAttributesFile)
Diff found at 7ffaa70ad148 (ntdll.NtQueryFullAttributesFile+8)
|
Perhaps when I have time I'll update this with a GUI result, so you can click it to restore the code back to original, and do multiple dll's in one run
To use:
Add this lua file to the autorun folder of CE (or just run the code once yourself)
Description: |
|
Download |
Filename: |
patchscan.lua |
Filesize: |
8.24 KB |
Downloaded: |
1178 Time(s) |
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
AylinCE Grandmaster Cheater Supreme Reputation: 32
Joined: 16 Feb 2017 Posts: 1257
|
Posted: Thu Feb 21, 2019 4:23 pm Post subject: |
|
|
I tried some. I think it's early for me.
But I realized: "Discrete Color code" in this forum makes it dysfunctional.
https://forum.cheatengine.org/viewtopic.php?t=609418
EDIT:
Sorry, DarkByte, it's my fault.
When another Form was open, I tried your .Lua.
When I opened the second CE there was no Color mixer.
I wrote it to indicate that.
But now I understand that there is a hasty outcome.
Both .lua does not affect one another.
Sorry again.
_________________
Last edited by AylinCE on Fri Feb 22, 2019 11:28 am; edited 3 times in total |
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
|
Posted: Fri Feb 22, 2019 8:21 am Post subject: |
|
|
I don't see why it should
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
maskelihileci Cheater Reputation: 0
Joined: 08 Oct 2016 Posts: 43
|
Posted: Tue Feb 11, 2020 4:08 pm Post subject: Soory |
|
|
Sorry I'm so disturbed I'm trying to try all the plugins on this plugin sometimes I get such errors
" Yaz?l?mlar? "
Doesn't support some letters
"ı" does not support the letter
Error:Unable to open file
|
|
Back to top |
|
|
|