| View previous topic :: View next topic |
| Author |
Message |
Pokiaka
Cheater
![]() Reputation: 0
Joined: 09 Jul 2011
Posts: 48
|
 Posted: Sun Jan 13, 2013 2:29 am Post subject: Kernelmode Debugging Problem |
 |
|
Hey guys, I'm having a few problems recently.
I'm running Windows 7 on 64 bit, and there's a game (Just Cause 2 right now, but it happens in many many other games too. And yes, it's the cracked version) I'm trying to get the debugger on but it detects it and closes down immediately.
I remember that when I ran 32 bit OS it worked perfectly fine (as long as it was kernelmode debugging).
Anyways, ever since it didn't work I've been trying to find a solution.
I made sure Windows 7 loads all drivers (signed or not).
I've booted in test mode & have signed both dbk32.sys and dbk64.sys in it.
Nothing worked.
By the way, whenever I attach the debugger I get a flashing message at the top left saying: "DBK64 LOADED" (always been like that tho, regardless of the integrity of the driver).
Can anyone help me? |
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 471
Joined: 09 May 2003
Posts: 25830
Location: The netherlands
|
| Posted: Sun Jan 13, 2013 4:37 am Post subject: |
|
|
dbk64loaded should only show if the driver is properly loaded by windows. (It's signed)
Anyhow,
have you tried the VEH debugger interface on this game ?
If that doesn't work, I recommend making a dualboot with 32-bit windows so you can use the debugger.
When you say "Nothing worked", do you mean your system freezes/crashes when you try it, or do you mean you can't tick it ?
Does it say that dbvm is about to get loaded ?
Also, kerneldebugging in 64-bit currently only works on cpu's that have intel-VT
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Pokiaka
Cheater
![]() Reputation: 0
Joined: 09 Jul 2011
Posts: 48
|
| Posted: Sun Jan 13, 2013 6:44 am Post subject: |
|
|
| Dark Byte wrote: | dbk64loaded should only show if the driver is properly loaded by windows. (It's signed)
Anyhow,
have you tried the VEH debugger interface on this game ?
If that doesn't work, I recommend making a dualboot with 32-bit windows so you can use the debugger.
When you say "Nothing worked", do you mean your system freezes/crashes when you try it, or do you mean you can't tick it ?
Does it say that dbvm is about to get loaded ?
Also, kerneldebugging in 64-bit currently only works on cpu's that have intel-VT |
Ah, I had no idea it was signed. I recall from other posts in this forum saying it isn't.
Have tried the VEH debugger and didn't work too (also Windows debugger with trying to prevent detection).
When I said "Nothing worked" I meant the game still detects the debugger, and shuts down immediately.
Well unfortunately I can't duel-boot and I don't have Intel-VT.
Do you have any plans to implement full functionality for 64 bit users? I guess I'll just have to wait (or do you have an alternative?).
If yes, (and I'm pretty sure you will since in a few years 64-bit would take over), could estimate when?
Thank you very much. |
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 471
Joined: 09 May 2003
Posts: 25830
Location: The netherlands
|
| Posted: Sun Jan 13, 2013 6:56 am Post subject: |
|
|
I don't think it's detecting the debugger but that you're setting breakpoints.
With VEH debug enabled go to debugger settings and turn off 'Override existing breakpoints', so it will not replace anti debug breakpoints. Big chance you won't find anything, but it's a start. (You can then manually remove some breakpoints on threads)
If that's the problem then it also wouldn't work on 32-bit (or it's because you tried a old ce version that had that option disabled by default)
As for full functionality for 64-bit users, not any time soon and blame microsoft for adding integrity checks to the kernel and interrupt handler making the debugger impossible to use unless you hijack the whole operating system (dbvm with intel-vt)
Also, ce 6.3 will have (already has in the svn) a "last resort" option to find what accesses a certain address. The game will be completely unplayable but might give some info
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Pokiaka
Cheater
![]() Reputation: 0
Joined: 09 Jul 2011
Posts: 48
|
| Posted: Sun Jan 13, 2013 7:26 am Post subject: |
|
|
| Dark Byte wrote: | I don't think it's detecting the debugger but that you're setting breakpoints.
With VEH debug enabled go to debugger settings and turn off 'Override existing breakpoints', so it will not replace anti debug breakpoints. Big chance you won't find anything, but it's a start. (You can then manually remove some breakpoints on threads)
If that's the problem then it also wouldn't work on 32-bit (or it's because you tried a old ce version that had that option disabled by default)
As for full functionality for 64-bit users, not any time soon and blame microsoft for adding integrity checks to the kernel and interrupt handler making the debugger impossible to use unless you hijack the whole operating system (dbvm with intel-vt)
Also, ce 6.3 will have (already has in the svn) a "last resort" option to find what accesses a certain address. The game will be completely unplayable but might give some info |
Just Cause 2 still shuts down on VEH with disabling that option.
However I tried it on Saints Row: The Third earlier (which also has the same problem) and it didn't shut down (but yeah, didn't catch anything).
And yeah, If I recall correctly, it was on CE 5.6.
Would you say that most games would run perfectly on 32-bit? I'm considering to go back to 32-bit (speed & support) and want to know if I've got myself another reason. |
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 471
Joined: 09 May 2003
Posts: 25830
Location: The netherlands
|
| Posted: Sun Jan 13, 2013 8:08 am Post subject: |
|
|
Most games run fine in 32-bit, only drawback is that you can only use 4gb ram (but if your system only has that much, no need for 64-bit at all)
But not sure if kerneldebug will be any different on jc2
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Pokiaka
Cheater
![]() Reputation: 0
Joined: 09 Jul 2011
Posts: 48
|
| Posted: Sun Jan 13, 2013 1:25 pm Post subject: |
|
|
| Dark Byte wrote: | Most games run fine in 32-bit, only drawback is that you can only use 4gb ram (but if your system only has that much, no need for 64-bit at all)
But not sure if kerneldebug will be any different on jc2 |
Thanks a lot Dark Byte! :) |
|
| Back to top |
|
|
Rydian
Grandmaster Cheater Supreme
 Reputation: 31
Joined: 17 Sep 2012
Posts: 1358
|
| Posted: Sun Jan 13, 2013 4:35 pm Post subject: |
|
|
Well there's also a 2GB per-process memory limit, expandable to 3GB if you turn on an optional command-line switch in windows/booting, and if the program has been compiled with large memory awareness or whatever it's called...
But it's rarely an issue for games themselves. |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
