Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25288 Location: The netherlands
Posted: Thu Jul 04, 2019 3:12 pm
I'm not sure what goes wrong. I have tested the latest build and it works (tested it without DBVM at the moment to prevent getting confused by DBVM's cloak).
Try: https://cheatengine.org/download/cekinfobuild-07042019.zip
Just extract it to an empty folder.
Make sure DBVM isn't loaded, run the kernelmoduleunloader exe (get rid of older conflicting drivers)
and then run CE.
Click proof of concept->kernelmode hook, no, yes, and see what happens then.
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
nb81 Cheater Reputation: 0
Joined: 08 Jun 2013 Posts: 35
Posted: Thu Jul 04, 2019 4:38 pm
Your build works fine.
Anyways, after some real struggle I managed to debug and find the cause: I'm building with the privatebuild flag set and I'm guessing that the NtReadVirtualMemory hook messes autoassemble up. Do you know why / how this could happen?
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25288 Location: The netherlands
Posted: Thu Jul 04, 2019 4:52 pm
Ah, that.
I'm not sure it's the NtReadVirtualMemory hook, as the command dbk_useKernelmodeProcessMemoryAccess will swap the internal rpm and wpm API pointers to the DBK implementation anyhow.
You'll have to do some more debugging to figure out where it goes wrong
(or hook the APIs used to detect handles. And in case of an Ob callback, then hook the functions pointed to and filter out CE process events).
nb81 Cheater Reputation: 0
Joined: 08 Jun 2013 Posts: 35
Posted: Thu Jul 04, 2019 6:36 pm
After some more debugging I've found out that it's something with OpenProcess. When autoAssemble (or readByte?) is called from the Lua script, somewhere in the code it enumerates and opens handles for every process even though only the CE process is needed (seems like it has to get a valid handle through OpenProcess even though the handle it uses in autoassembler is acquired with GetCurrentProcess? I'm really not sure at this point, but I let it get a handle from DBK anyways).
Adding a check for GetCurrentProcessId in the hooked OpenProcess solved my problem (I can now use the call logger and r/w without handles), however I'd consider it a messy and not proper solution; maybe after I get more familiar with the source code I'll come up with something better :/
Also, there are no Ob callbacks; the game I'm trying to get into has some basic antidebug techniques in place, and from what I've seen they open handles to CE to scan its memory for keyword strings.
nb81 Cheater Reputation: 0
Joined: 08 Jun 2013 Posts: 35
Posted: Fri Jul 05, 2019 9:30 am
Is it possible to hook non-exported functions with this Lua script (addresses, ntoskrnl offsets or functions which appear in the pdb as symbols)?
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25288 Location: The netherlands
Posted: Fri Jul 05, 2019 9:42 am
Yes, but you must make sure that in memoryview kernel symbols is selected (I need to add a Lua function to automate that, or use the form access Lua commands).
Then you can use file-use/download windows symbol files or the Lua command enableWindowsSymbols().
Once the symbols are downloaded and loaded by CE, those functions will be available as well.
nb81 Cheater Reputation: 0
Joined: 08 Jun 2013 Posts: 35
Posted: Fri Jul 05, 2019 10:05 am
Thank you, getAddress couldn't find some ntoskrnl symbols, calling enableWindowsSymbols() fixed that.
maskelihileci Cheater Reputation: 0
Joined: 08 Oct 2016 Posts: 43
Posted: Mon Feb 10, 2020 2:48 am Post subject: Windows 10?
Does this software work for the Windows 10 version?
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25288 Location: The netherlands
Posted: Mon Feb 10, 2020 2:50 am
Yes, on Intel.
maskelihileci Cheater Reputation: 0
Joined: 08 Oct 2016 Posts: 43
Posted: Mon Feb 10, 2020 3:22 am Post subject: Anti Cheat
Can we turn off access to the Cheat Engine software?
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25288 Location: The netherlands
Posted: Mon Feb 10, 2020 4:26 am
Yes, look at enableDRM().
maskelihileci Cheater Reputation: 0
Joined: 08 Oct 2016 Posts: 43
Posted: Mon Feb 10, 2020 11:04 pm
Unfortunately, the operating system crashes on me.
Also has access to Cheat Engine software.