Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


is it any plugin to view process on vmware-vmx.exe ?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Source -> Plugin development
View previous topic :: View next topic  
Author Message
systrojan
How do I cheat?
Reputation: 0

Joined: 08 Jun 2010
Posts: 3
PostPosted: Tue Jun 08, 2010 4:40 pm    Post subject: is it any plugin to view process on vmware-vmx.exe ? Reply with quote
Hi Dark Byte,

I tried to search game process on vmware with CE, but CE only read vmware process on their memory.

Can u explain to me how can do that? i mean CE can read the other process in vmware-vmx ?

note: i use vmware workstation 7.1 with windows sp2

Thanks in advanced Very Happy
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 470

Joined: 09 May 2003
Posts: 25807
Location: The netherlands
PostPosted: Tue Jun 08, 2010 5:08 pm    Post subject: Reply with quote
I have no idea, perhaps you can find the base of the physical memory, then the base of the loaded windows kernel, from there try to find the eprocess list, and in there find the CR3 address of the specied process
Then use that and the relative addresses to map the virtual addresses to physical addresses and back to virtual again and read that
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
systrojan
How do I cheat?
Reputation: 0

Joined: 08 Jun 2010
Posts: 3
PostPosted: Tue Jun 08, 2010 5:30 pm    Post subject: Reply with quote
LoL.. too many jumping process..

Thanks a lot, i will try it
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 470

Joined: 09 May 2003
Posts: 25807
Location: The netherlands
PostPosted: Sat Jun 19, 2010 4:07 pm    Post subject: Reply with quote
for those interested to implement this, here's a easy trick to get the physical address memory region:
Use virtualqueryEx to find all memory regions and look for regions with the type "mapped"
then for each mapped region find the filename (GetMappedFileName) the region with extension .vmem is the physical memory of the virtual machine
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
SER[G]ANT
Expert Cheater
Reputation: 10

Joined: 29 Dec 2005
Posts: 215
Location: Russia
PostPosted: Mon Nov 15, 2010 11:06 pm    Post subject: Reply with quote
Just run CE on VM Laughing
_________________
rzndsa
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Source -> Plugin development All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites