Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


[solved]How is the BlueStacks setting encoded?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Lua Scripting
View previous topic :: View next topic  
Author Message
Aylin
Master Cheater
Reputation: 7

Joined: 16 Feb 2017
Posts: 475

PostPosted: Fri Jun 14, 2019 11:19 am    Post subject: [solved]How is the BlueStacks setting encoded? Reply with quote

To make "Physical Memory" visible:
How are the following settings encoded?

MainForm.Settings.ScanSettings.MEM_MAPPED = true
MainForm.Settings.DebuggerOptions.UseKernelmode.Debugger = true
MainForm.Settings.Extra.QueryMemoryRegionRoutines = true
MainForm.Settings.Extra.ReadWriteProcessMemory = true

and:

autoAttachList = getAutoAttachList()
stringlist_add(autoAttachList, "Physical Memory")

How to code these commands with Trainer?

========================================
[Edit - Solved]
========================================
This code has been checked and works fine. Wink


Code:
set = getSettings()
set.Value['Use Windows Debugger']=0
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()
reloadSettingsFromRegistry()

f = createForm(true)
f.Position = poDesktopCenter
f.Width = 220
f.Height = 100

b1 = createButton(f)
control_setPosition(b1, 73, 30)
b1.caption="Open Log"

b2 = createLabel(f)
control_setPosition(b2, 40, 65)
b2.caption='Process opened: '

b1.OnClick = function()
getMainForm().sbOpenProcess.doClick()
end

onOpenProcess = function(processId)
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
getLuaEngine().cbShowOnPrint.Checked=false --Thanks @Corroder
getLuaEngine().hide()
b2.visible=true
b2.caption=(string.format('Process opened: %d', processId))
end



Because the Trainer is focused on "Physical Memory":
I will solve the "pidName" topic in a simple way.


Code:
onOpenProcess = function(processId)
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
getLuaEngine().cbShowOnPrint.Checked=false --Thanks @Corroder
getLuaEngine().hide()
b2.visible=true
b2.caption=(string.format('Process opened: %d', processId))
if b2.caption=="Process opened: 4294967295" then
b2.caption="Process opened: Physical Memory"
else
b2.caption="Process opened: Physical Memory"
end
end



Thanks for all the solutions.
@Corroder, @FreeER and @DB: +1 is always yours, respectively.

( Of course, on different computers, it can vary.
Try one of the @Corroder solutions below. Wink )

Enjoy it ..

_________________
Hi Hitler Take control of your trainer
Enthusiastic people: Always one step ahead
Do not underestimate me Master: You were a beginner in the past


Last edited by Aylin on Tue Jun 25, 2019 5:29 am; edited 2 times in total
Back to top
View user's profile Send private message MSN Messenger
Corroder
Grandmaster Cheater Supreme
Reputation: 29

Joined: 10 Apr 2015
Posts: 1067

PostPosted: Fri Jun 14, 2019 11:38 pm    Post subject: Reply with quote

Below code will set CE as you want

Code:
--- value 1 = checked  0 = unchecked
set = getSettings()
set.Value['MEM_MAPPED']=1
set.Value['Use Windows Debugger']=0
set.Value['Use Kernel Debugger']=1
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()


Since 'use Kernel Debugger Mode' require 'DBVM':

Code:
--- activating DBVM
--- DBVM: The Intel-VT feature in BIOS must set enable
--- Also need to check for 32/64 bit

dbvm_initialize(true)


To set debug mode:

Code:
--- set debug mode to kernelmode
--- 0 = default 1 = windows debug  2 = VEH debug  3 = kernel debug
debugProcess("Physical Memory", 3)


And d finally:

This part should not work since 'Physical Memory' is not a process, then need to open/attach 'Physical Memory' by manual.

Code:
--- auto attach
getAutoAttachList('Physical Memory')

--- Open Process
openProcess("[Physical Memory]")



Enabled Physical Memory.JPG
 Description:
 Filesize:  97.52 KB
 Viewed:  3102 Time(s)

Enabled Physical Memory.JPG



_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 376

Joined: 09 May 2003
Posts: 22225
Location: The netherlands

PostPosted: Sat Jun 15, 2019 2:53 am    Post subject: This post has 1 review(s) Reply with quote

don't forget reloadSettingsFromRegistry() when using that option

Quote:

Since 'use Kernel Debugger Mode' require 'DBVM':

He ticks the option, but he doesn't use it, so that can be skipped
mem mapped can also be skipped as he doesn't use it

anyhow
Code:

dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
openProcess(-1) --opens physical memory

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
Corroder
Grandmaster Cheater Supreme
Reputation: 29

Joined: 10 Apr 2015
Posts: 1067

PostPosted: Sat Jun 15, 2019 4:08 am    Post subject: Reply with quote

Ah...yes DB, I forgot one line.

Code:
--- value 1 = checked  0 = unchecked
set = getSettings()
set.Value['MEM_MAPPED']=1
set.Value['Use Windows Debugger']=0
set.Value['Use Kernel Debugger']=1
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()
reloadSettingsFromRegistry()


And thanks for info which part no need and can be skips and code to open/attach the physical memory.

_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL
Back to top
View user's profile Send private message
Aylin
Master Cheater
Reputation: 7

Joined: 16 Feb 2017
Posts: 475

PostPosted: Sat Jun 15, 2019 6:38 am    Post subject: Reply with quote

It's nice to know that this is possible with a command.
Thank you @Corroder and @DarkByte ..

It's a family situation, I'm out of town. I'il try when I get back.
Thanks again ❤️

_________________
Hi Hitler Take control of your trainer
Enthusiastic people: Always one step ahead
Do not underestimate me Master: You were a beginner in the past
Back to top
View user's profile Send private message MSN Messenger
Aylin
Master Cheater
Reputation: 7

Joined: 16 Feb 2017
Posts: 475

PostPosted: Sat Jun 22, 2019 2:15 am    Post subject: Reply with quote

Dark Byte wrote:

Code:

dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
openProcess(-1) --opens physical memory


Without making a drastic change,
It works nicely with short and clear result. Smile
Thanks DB.
and @Corroder If you have, the solution is also there, Thanks. Wink

EDIT:

@Corroder:
When I run the code, a confirmation window opens.
If I click OK: PC shuts down and Blue screen is displayed.
If I click NO: "Physical Memory" does not appear.
İMG: https://i.hizliresim.com/gP5q5R.png


@DarkByte:
The code you provide opens "Physical Memory".
However, there is no "Physical Memory" in the Process list.
And the error message occurs when you search the game.
IMG: https://i.hizliresim.com/Orq0qQ.png


Note: Bluestacks and Game are on.
PC: Win7 Ultimate - 64 bit
CE Folder: C: \ Program Files (x86)

where is the problem?

_________________
Hi Hitler Take control of your trainer
Enthusiastic people: Always one step ahead
Do not underestimate me Master: You were a beginner in the past
Back to top
View user's profile Send private message MSN Messenger
Corroder
Grandmaster Cheater Supreme
Reputation: 29

Joined: 10 Apr 2015
Posts: 1067

PostPosted: Sat Jun 22, 2019 8:02 am    Post subject: Reply with quote

Try this:

--- value 1 = checked 0 = unchecked
Code:
set = getSettings()
set.Value['Use Windows Debugger']=0
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()
reloadSettingsFromRegistry()
openprocess(-1)


When you run this code a DBK 64 window will appear at the top left screen.
But 'physical memory' will on process list. You need to select one, the code provides by DB or by me.

If BSOD appears/ memory crash, you need to inspect what is made your computer got BSOD. You can check at windows memory dump file.
Every BSOD must have error record by windows itself. Find what code make BSOD and then find the solution to fix it. BSOD usually caused by damage drivers.

_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL
Back to top
View user's profile Send private message
Aylin
Master Cheater
Reputation: 7

Joined: 16 Feb 2017
Posts: 475

PostPosted: Sat Jun 22, 2019 3:18 pm    Post subject: Reply with quote

@Corroder, your last code works fine. Thanks.
But @DarkByte code: I guess it doesn't activate CE.
Although the election is successful, CE is not active. Sad
IMG: https://i.hizliresim.com/RgYrZo.jpg




I've tried different pop-up windows, the action I'm looking for is not in the list.
IMG: https://i.hizliresim.com/VQV9nR.jpg



Rolling Eyes Rolling Eyes

_________________
Hi Hitler Take control of your trainer
Enthusiastic people: Always one step ahead
Do not underestimate me Master: You were a beginner in the past
Back to top
View user's profile Send private message MSN Messenger
Dark Byte
Site Admin
Reputation: 376

Joined: 09 May 2003
Posts: 22225
Location: The netherlands

PostPosted: Sat Jun 22, 2019 5:21 pm    Post subject: Reply with quote

yeah, apparently you have to open it using the processwindow -1 won't work on it's own
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
Aylin
Master Cheater
Reputation: 7

Joined: 16 Feb 2017
Posts: 475

PostPosted: Sat Jun 22, 2019 6:43 pm    Post subject: Reply with quote

yes @DarkByte, there is no problem in the MainForm process window.
Is there a short code to open the MainForm Process window? Smile

I think there are 2 ways to get real confirmation:
Open the MF Transaction Window, and confirm.
or to define "Physical Memory" in the external process window we use.

Requirement: For 1 game for now.
But one detail that needs to be coded,
this is real. Wink

_________________
Hi Hitler Take control of your trainer
Enthusiastic people: Always one step ahead
Do not underestimate me Master: You were a beginner in the past
Back to top
View user's profile Send private message MSN Messenger
Aylin
Master Cheater
Reputation: 7

Joined: 16 Feb 2017
Posts: 475

PostPosted: Mon Jun 24, 2019 9:50 am    Post subject: Reply with quote

Dark Byte wrote:
yeah, apparently you have to open it using the processwindow -1 won't work on it's own


Thanks to @ FreeER for this code.
One liner:
Code:
getMainForm().sbOpenProcess.doClick()


@DB:
Please try the following code with .CETRAINER.
I don't understand the problem. Why does the error message! Rolling Eyes

Code:
set = getSettings()
set.Value['Use Windows Debugger']=0
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()
reloadSettingsFromRegistry()

f = createForm(true)
f.Position = poDesktopCenter
f.Width = 220
f.Height = 100

b1 = createButton(f)
control_setPosition(b1, 73, 30)
b1.caption="Open Log"

b2 = createLabel(f)
control_setPosition(b2, 40, 65)
b2.caption='Process opened: '

b1.OnClick = function()
getMainForm().sbOpenProcess.doClick()
end


onOpenProcess = function(processId)
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
b2.visible=true
b2.caption=(string.format('Process opened: %d', processId))
end


and you should see: pid for "Physical Memory": 4294967295 Smile

_________________
Hi Hitler Take control of your trainer
Enthusiastic people: Always one step ahead
Do not underestimate me Master: You were a beginner in the past
Back to top
View user's profile Send private message MSN Messenger
Dark Byte
Site Admin
Reputation: 376

Joined: 09 May 2003
Posts: 22225
Location: The netherlands

PostPosted: Mon Jun 24, 2019 11:04 am    Post subject: Reply with quote

i can't try that code at the moment but don't destroy the settings window.

also, cetrainers don't use the settings so use the dbk_use* functions

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
Corroder
Grandmaster Cheater Supreme
Reputation: 29

Joined: 10 Apr 2015
Posts: 1067

PostPosted: Mon Jun 24, 2019 9:02 pm    Post subject: This post has 1 review(s) Reply with quote

Save the script below as CETRAINER and test it.

Code:
getLuaEngine().cbShowOnPrint.Checked=false
getLuaEngine().hide()

f = createForm(true)
f.Position = poDesktopCenter
f.Width = 220
f.Height = 100

b1 = createButton(f)
control_setPosition(b1, 73, 30)
b1.caption="Open Log"

b2 = createLabel(f)
control_setPosition(b2, 40, 65)
b2.caption='Process opened: '

set = getSettings()
set.Value['Use Windows Debugger']=1
set.Value['Use dbk32 QueryMemoryRegionEx']=0
set.Value['Use dbk32 ReadWriteProcessMemory']=0
set.destroy()
reloadSettingsFromRegistry()


function getProcessNameFromID(processId)
local processName = nil
local list = createStringlist()
getProcesslist(list)
for i = 0, list.Count-1 do
local id, name = list.String[i]:match("(.*)-(.*)")
if processId == tonumber(id, 16) then processName = name break end
end return processName end

b1.OnClick = function()
reinitializeSymbolhandler()
set = getSettings()
set.Value['Use Windows Debugger']=0
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()
reloadSettingsFromRegistry()
getMainForm().sbOpenProcess.doClick()
local id = getOpenedProcessID()
local name = getProcessNameFromID(id)
if id == nil then name = nil return id end
if id == 4294967295 then name = 'Phisical Memory' end
b2.visible=true
b2.caption= 'Process opened: '.. name
end

_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL
Back to top
View user's profile Send private message
Aylin
Master Cheater
Reputation: 7

Joined: 16 Feb 2017
Posts: 475

PostPosted: Tue Jun 25, 2019 4:31 am    Post subject: Reply with quote

Corroder wrote:
Save the script below as CETRAINER and test it.

Code:
getLuaEngine().cbShowOnPrint.Checked=false
getLuaEngine().hide()

f = createForm(true)
f.Position = poDesktopCenter
f.Width = 220
f.Height = 100

b1 = createButton(f)
control_setPosition(b1, 73, 30)
b1.caption="Open Log"

b2 = createLabel(f)
control_setPosition(b2, 40, 65)
b2.caption='Process opened: '

set = getSettings()
set.Value['Use Windows Debugger']=1
set.Value['Use dbk32 QueryMemoryRegionEx']=0
set.Value['Use dbk32 ReadWriteProcessMemory']=0
set.destroy()
reloadSettingsFromRegistry()


function getProcessNameFromID(processId)
local processName = nil
local list = createStringlist()
getProcesslist(list)
for i = 0, list.Count-1 do
local id, name = list.String[i]:match("(.*)-(.*)")
if processId == tonumber(id, 16) then processName = name break end
end return processName end

b1.OnClick = function()
reinitializeSymbolhandler()
set = getSettings()
set.Value['Use Windows Debugger']=0
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()
reloadSettingsFromRegistry()
getMainForm().sbOpenProcess.doClick()
local id = getOpenedProcessID()
local name = getProcessNameFromID(id)
if id == nil then name = nil return id end
if id == 4294967295 then name = 'Phisical Memory' end
b2.visible=true
b2.caption= 'Process opened: '.. name
end


The code you provide does not list "Physical Memory".
Although the CE setting is "Physical Memory".

But your code below closes the error message.
Thanks.

Code:
getLuaEngine().cbShowOnPrint.Checked=false
getLuaEngine().hide()


This code has been checked and works fine. Wink

Code:
set = getSettings()
set.Value['Use Windows Debugger']=0
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()
reloadSettingsFromRegistry()

f = createForm(true)
f.Position = poDesktopCenter
f.Width = 220
f.Height = 100

b1 = createButton(f)
control_setPosition(b1, 73, 30)
b1.caption="Open Log"

b2 = createLabel(f)
control_setPosition(b2, 40, 65)
b2.caption='Process opened: '

b1.OnClick = function()
getMainForm().sbOpenProcess.doClick()
end


onOpenProcess = function(processId)
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
getLuaEngine().cbShowOnPrint.Checked=false --Thanks @Corroder
getLuaEngine().hide()
b2.visible=true
b2.caption=(string.format('Process opened: %d', processId))
end


Because the Trainer is focused on "Physical Memory":
I will solve the "pidName" topic in a simple way.

Code:
onOpenProcess = function(processId)
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
getLuaEngine().cbShowOnPrint.Checked=false --Thanks @Corroder
getLuaEngine().hide()
b2.visible=true
b2.caption=(string.format('Process opened: %d', processId))
if b2.caption=="Process opened: 4294967295" then
b2.caption="Process opened: Physical Memory"
else
b2.caption="Process opened: Physical Memory"
end
end


Thanks for all the solutions.
@Corroder and @DB: +1 is always yours, respectively.



Ekran 23.JPG
 Description:
Final 1, Thanks @Corroder:
getLuaEngine().cbShowOnPrint.Checked=false
getLuaEngine().hide()
 Filesize:  30.85 KB
 Viewed:  2202 Time(s)

Ekran 23.JPG



Ekran 2.jpg
 Description:
"Physical Memory" does not list.
 Filesize:  48.73 KB
 Viewed:  2202 Time(s)

Ekran 2.jpg



_________________
Hi Hitler Take control of your trainer
Enthusiastic people: Always one step ahead
Do not underestimate me Master: You were a beginner in the past
Back to top
View user's profile Send private message MSN Messenger
Corroder
Grandmaster Cheater Supreme
Reputation: 29

Joined: 10 Apr 2015
Posts: 1067

PostPosted: Tue Jun 25, 2019 6:08 am    Post subject: Reply with quote

@Aylin: Yeah, my provided script sometimes work and sometimes not when the code saves as CETRAINER. Don't know what is the problem. But any way you already solved the problem. Good luck
_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Lua Scripting All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites