View previous topic :: View next topic |
Author |
Message |
AylinCE Grandmaster Cheater Supreme Reputation: 32
Joined: 16 Feb 2017 Posts: 1257
|
Posted: Fri Jun 14, 2019 11:19 am Post subject: [solved]How is the BlueStacks setting encoded? |
|
|
To make "Physical Memory" visible:
How are the following settings encoded?
MainForm.Settings.ScanSettings.MEM_MAPPED = true
MainForm.Settings.DebuggerOptions.UseKernelmode.Debugger = true
MainForm.Settings.Extra.QueryMemoryRegionRoutines = true
MainForm.Settings.Extra.ReadWriteProcessMemory = true
and:
autoAttachList = getAutoAttachList()
stringlist_add(autoAttachList, "Physical Memory")
How to code these commands with Trainer?
========================================
[Edit - Solved]
========================================
This code has been checked and works fine. Wink
Code: | set = getSettings()
set.Value['Use Windows Debugger']=0
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()
reloadSettingsFromRegistry()
f = createForm(true)
f.Position = poDesktopCenter
f.Width = 220
f.Height = 100
b1 = createButton(f)
control_setPosition(b1, 73, 30)
b1.caption="Open Log"
b2 = createLabel(f)
control_setPosition(b2, 40, 65)
b2.caption='Process opened: '
b1.OnClick = function()
getMainForm().sbOpenProcess.doClick()
end
onOpenProcess = function(processId)
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
getLuaEngine().cbShowOnPrint.Checked=false --Thanks @Corroder
getLuaEngine().hide()
b2.visible=true
b2.caption=(string.format('Process opened: %d', processId))
end |
Because the Trainer is focused on "Physical Memory":
I will solve the "pidName" topic in a simple way.
Code: | onOpenProcess = function(processId)
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
getLuaEngine().cbShowOnPrint.Checked=false --Thanks @Corroder
getLuaEngine().hide()
b2.visible=true
b2.caption=(string.format('Process opened: %d', processId))
if b2.caption=="Process opened: 4294967295" then
b2.caption="Process opened: Physical Memory"
else
b2.caption="Process opened: Physical Memory"
end
end |
Thanks for all the solutions.
@Corroder, @FreeER and @DB: +1 is always yours, respectively.
( Of course, on different computers, it can vary.
Try one of the @Corroder solutions below. )
Enjoy it ..
_________________
Last edited by AylinCE on Tue Jun 25, 2019 5:29 am; edited 2 times in total |
|
Back to top |
|
|
Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
|
Posted: Fri Jun 14, 2019 11:38 pm Post subject: |
|
|
Below code will set CE as you want
Code: | --- value 1 = checked 0 = unchecked
set = getSettings()
set.Value['MEM_MAPPED']=1
set.Value['Use Windows Debugger']=0
set.Value['Use Kernel Debugger']=1
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy() |
Since 'use Kernel Debugger Mode' require 'DBVM':
Code: | --- activating DBVM
--- DBVM: The Intel-VT feature in BIOS must set enable
--- Also need to check for 32/64 bit
dbvm_initialize(true)
|
To set debug mode:
Code: | --- set debug mode to kernelmode
--- 0 = default 1 = windows debug 2 = VEH debug 3 = kernel debug
debugProcess("Physical Memory", 3)
|
And d finally:
This part should not work since 'Physical Memory' is not a process, then need to open/attach 'Physical Memory' by manual.
Code: | --- auto attach
getAutoAttachList('Physical Memory')
--- Open Process
openProcess("[Physical Memory]")
|
Description: |
|
Filesize: |
97.52 KB |
Viewed: |
9366 Time(s) |
|
_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL |
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
|
Posted: Sat Jun 15, 2019 2:53 am Post subject: |
|
|
don't forget reloadSettingsFromRegistry() when using that option
Quote: |
Since 'use Kernel Debugger Mode' require 'DBVM':
|
He ticks the option, but he doesn't use it, so that can be skipped
mem mapped can also be skipped as he doesn't use it
anyhow
Code: |
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
openProcess(-1) --opens physical memory
|
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
|
Posted: Sat Jun 15, 2019 4:08 am Post subject: |
|
|
Ah...yes DB, I forgot one line.
Code: | --- value 1 = checked 0 = unchecked
set = getSettings()
set.Value['MEM_MAPPED']=1
set.Value['Use Windows Debugger']=0
set.Value['Use Kernel Debugger']=1
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()
reloadSettingsFromRegistry() |
And thanks for info which part no need and can be skips and code to open/attach the physical memory.
_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL |
|
Back to top |
|
|
AylinCE Grandmaster Cheater Supreme Reputation: 32
Joined: 16 Feb 2017 Posts: 1257
|
Posted: Sat Jun 15, 2019 6:38 am Post subject: |
|
|
It's nice to know that this is possible with a command.
Thank you @Corroder and @DarkByte ..
It's a family situation, I'm out of town. I'il try when I get back.
Thanks again ❤️
_________________
|
|
Back to top |
|
|
AylinCE Grandmaster Cheater Supreme Reputation: 32
Joined: 16 Feb 2017 Posts: 1257
|
Posted: Sat Jun 22, 2019 2:15 am Post subject: |
|
|
Dark Byte wrote: |
Code: |
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
openProcess(-1) --opens physical memory
|
|
Without making a drastic change,
It works nicely with short and clear result.
Thanks DB.
and @Corroder If you have, the solution is also there, Thanks.
EDIT:
@Corroder:
When I run the code, a confirmation window opens.
If I click OK: PC shuts down and Blue screen is displayed.
If I click NO: "Physical Memory" does not appear.
İMG: https://i.hizliresim.com/gP5q5R.png
@DarkByte:
The code you provide opens "Physical Memory".
However, there is no "Physical Memory" in the Process list.
And the error message occurs when you search the game.
IMG: https://i.hizliresim.com/Orq0qQ.png
Note: Bluestacks and Game are on.
PC: Win7 Ultimate - 64 bit
CE Folder: C: \ Program Files (x86)
where is the problem?
_________________
|
|
Back to top |
|
|
Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
|
Posted: Sat Jun 22, 2019 8:02 am Post subject: |
|
|
Try this:
--- value 1 = checked 0 = unchecked
Code: | set = getSettings()
set.Value['Use Windows Debugger']=0
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()
reloadSettingsFromRegistry()
openprocess(-1)
|
When you run this code a DBK 64 window will appear at the top left screen.
But 'physical memory' will on process list. You need to select one, the code provides by DB or by me.
If BSOD appears/ memory crash, you need to inspect what is made your computer got BSOD. You can check at windows memory dump file.
Every BSOD must have error record by windows itself. Find what code make BSOD and then find the solution to fix it. BSOD usually caused by damage drivers.
_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL |
|
Back to top |
|
|
AylinCE Grandmaster Cheater Supreme Reputation: 32
Joined: 16 Feb 2017 Posts: 1257
|
Posted: Sat Jun 22, 2019 3:18 pm Post subject: |
|
|
@Corroder, your last code works fine. Thanks.
But @DarkByte code: I guess it doesn't activate CE.
Although the election is successful, CE is not active.
IMG: https://i.hizliresim.com/RgYrZo.jpg
I've tried different pop-up windows, the action I'm looking for is not in the list.
IMG: https://i.hizliresim.com/VQV9nR.jpg
_________________
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
|
Posted: Sat Jun 22, 2019 5:21 pm Post subject: |
|
|
yeah, apparently you have to open it using the processwindow -1 won't work on it's own
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
AylinCE Grandmaster Cheater Supreme Reputation: 32
Joined: 16 Feb 2017 Posts: 1257
|
Posted: Sat Jun 22, 2019 6:43 pm Post subject: |
|
|
yes @DarkByte, there is no problem in the MainForm process window.
Is there a short code to open the MainForm Process window?
I think there are 2 ways to get real confirmation:
Open the MF Transaction Window, and confirm.
or to define "Physical Memory" in the external process window we use.
Requirement: For 1 game for now.
But one detail that needs to be coded,
this is real.
_________________
|
|
Back to top |
|
|
AylinCE Grandmaster Cheater Supreme Reputation: 32
Joined: 16 Feb 2017 Posts: 1257
|
Posted: Mon Jun 24, 2019 9:50 am Post subject: |
|
|
Dark Byte wrote: | yeah, apparently you have to open it using the processwindow -1 won't work on it's own |
Thanks to @ FreeER for this code.
One liner: Code: | getMainForm().sbOpenProcess.doClick() |
@DB:
Please try the following code with .CETRAINER.
I don't understand the problem. Why does the error message!
Code: | set = getSettings()
set.Value['Use Windows Debugger']=0
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()
reloadSettingsFromRegistry()
f = createForm(true)
f.Position = poDesktopCenter
f.Width = 220
f.Height = 100
b1 = createButton(f)
control_setPosition(b1, 73, 30)
b1.caption="Open Log"
b2 = createLabel(f)
control_setPosition(b2, 40, 65)
b2.caption='Process opened: '
b1.OnClick = function()
getMainForm().sbOpenProcess.doClick()
end
onOpenProcess = function(processId)
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
b2.visible=true
b2.caption=(string.format('Process opened: %d', processId))
end |
and you should see: pid for "Physical Memory": 4294967295
_________________
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25295 Location: The netherlands
|
Posted: Mon Jun 24, 2019 11:04 am Post subject: |
|
|
i can't try that code at the moment but don't destroy the settings window.
also, cetrainers don't use the settings so use the dbk_use* functions
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
|
|
Back to top |
|
|
AylinCE Grandmaster Cheater Supreme Reputation: 32
Joined: 16 Feb 2017 Posts: 1257
|
Posted: Tue Jun 25, 2019 4:31 am Post subject: |
|
|
Corroder wrote: | Save the script below as CETRAINER and test it.
Code: | getLuaEngine().cbShowOnPrint.Checked=false
getLuaEngine().hide()
f = createForm(true)
f.Position = poDesktopCenter
f.Width = 220
f.Height = 100
b1 = createButton(f)
control_setPosition(b1, 73, 30)
b1.caption="Open Log"
b2 = createLabel(f)
control_setPosition(b2, 40, 65)
b2.caption='Process opened: '
set = getSettings()
set.Value['Use Windows Debugger']=1
set.Value['Use dbk32 QueryMemoryRegionEx']=0
set.Value['Use dbk32 ReadWriteProcessMemory']=0
set.destroy()
reloadSettingsFromRegistry()
function getProcessNameFromID(processId)
local processName = nil
local list = createStringlist()
getProcesslist(list)
for i = 0, list.Count-1 do
local id, name = list.String[i]:match("(.*)-(.*)")
if processId == tonumber(id, 16) then processName = name break end
end return processName end
b1.OnClick = function()
reinitializeSymbolhandler()
set = getSettings()
set.Value['Use Windows Debugger']=0
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()
reloadSettingsFromRegistry()
getMainForm().sbOpenProcess.doClick()
local id = getOpenedProcessID()
local name = getProcessNameFromID(id)
if id == nil then name = nil return id end
if id == 4294967295 then name = 'Phisical Memory' end
b2.visible=true
b2.caption= 'Process opened: '.. name
end |
|
The code you provide does not list "Physical Memory".
Although the CE setting is "Physical Memory".
But your code below closes the error message.
Thanks.
Code: | getLuaEngine().cbShowOnPrint.Checked=false
getLuaEngine().hide() |
This code has been checked and works fine.
Code: | set = getSettings()
set.Value['Use Windows Debugger']=0
set.Value['Use dbk32 QueryMemoryRegionEx']=1
set.Value['Use dbk32 ReadWriteProcessMemory']=1
set.destroy()
reloadSettingsFromRegistry()
f = createForm(true)
f.Position = poDesktopCenter
f.Width = 220
f.Height = 100
b1 = createButton(f)
control_setPosition(b1, 73, 30)
b1.caption="Open Log"
b2 = createLabel(f)
control_setPosition(b2, 40, 65)
b2.caption='Process opened: '
b1.OnClick = function()
getMainForm().sbOpenProcess.doClick()
end
onOpenProcess = function(processId)
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
getLuaEngine().cbShowOnPrint.Checked=false --Thanks @Corroder
getLuaEngine().hide()
b2.visible=true
b2.caption=(string.format('Process opened: %d', processId))
end |
Because the Trainer is focused on "Physical Memory":
I will solve the "pidName" topic in a simple way.
Code: | onOpenProcess = function(processId)
dbk_useKernelmodeOpenProcess()
dbk_useKernelmodeProcessMemoryAccess()
dbk_useKernelmodeQueryMemoryRegions()
getLuaEngine().cbShowOnPrint.Checked=false --Thanks @Corroder
getLuaEngine().hide()
b2.visible=true
b2.caption=(string.format('Process opened: %d', processId))
if b2.caption=="Process opened: 4294967295" then
b2.caption="Process opened: Physical Memory"
else
b2.caption="Process opened: Physical Memory"
end
end |
Thanks for all the solutions.
@Corroder and @DB: +1 is always yours, respectively.
Description: |
Final 1, Thanks @Corroder:
getLuaEngine().cbShowOnPrint.Checked=false
getLuaEngine().hide() |
|
Filesize: |
30.85 KB |
Viewed: |
8466 Time(s) |
|
Description: |
"Physical Memory" does not list. |
|
Filesize: |
48.73 KB |
Viewed: |
8466 Time(s) |
|
_________________
|
|
Back to top |
|
|
Corroder Grandmaster Cheater Supreme Reputation: 75
Joined: 10 Apr 2015 Posts: 1667
|
Posted: Tue Jun 25, 2019 6:08 am Post subject: |
|
|
@Aylin: Yeah, my provided script sometimes work and sometimes not when the code saves as CETRAINER. Don't know what is the problem. But any way you already solved the problem. Good luck
_________________
Stealing Code From Stolen Code...
And Admit It.. Hmmm....Typically LOL |
|
Back to top |
|
|
|