View previous topic :: View next topic |
Author |
Message |
vitdor Newbie cheater Reputation: 0
Joined: 08 Feb 2018 Posts: 18
|
Posted: Sun Sep 20, 2020 3:01 pm Post subject: The process is opened as 32 bits however it is 64 bits. |
|
|
Can't solve this problem.
Under windows 10 release 2004, if I set the flag, "Do not try to obtain handlers" all 64-bit processes are opened only as 32-bit mode, and the assembler does not inject with 64-bit code. This problem does not exist under Windows 7.
CE Release 7.0, 7.1, 7.2.
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25288 Location: The netherlands
|
Posted: Sun Sep 20, 2020 10:17 pm Post subject: |
|
|
if you know it's 64 bit then use this lua code
Code: |
setPointerSize(8)
setAssemblerMode(1)
|
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
vitdor Newbie cheater Reputation: 0
Joined: 08 Feb 2018 Posts: 18
|
Posted: Tue Sep 22, 2020 7:39 am Post subject: |
|
|
Dark Byte wrote: | if you know it's 64 bit then use this lua code
Code: |
setPointerSize(8)
setAssemblerMode(1)
|
|
Many thanks! Your answer helped me!
In addition, I found that isWow64Process produces invalid data if the "Don't try to get handlers" flag is set.
Another moment. The example below does not work for Win 10, but works for Win 7. For Win 10, the wrong address is calculated there.
GlobalAlloc (any, 2048)
cmp [any + rax + 28], 0 // works for win 7, but doesn't work for win 10
Replaced by win 10:
lea r11, [any]
cmp [r11 + rax + 28], 0
|
|
Back to top |
|
|
|