| View previous topic :: View next topic |
| Author |
Message |
Monica
How do I cheat?
![]() Reputation: 0
Joined: 22 Jan 2020
Posts: 7
|
 Posted: Wed Jan 22, 2020 5:36 pm Post subject: kernel bypass or injection bypass?Help~~~ |
 |
|
I need some help about anti-cheat. A local game use some methods that i don't konw to Identify Cheat Engine. Once you started the game, if Cheat Engine had been running, then the game crushed. I am pretty sure it is about 28KB .dll file make this happen, which is attached below.
so what i should do to bypass this? Can anyone provide me an approach to fix this? THX.
The attachment:
.....apparently, i can not upload this file and text the downloading url.....
|
|
| Back to top |
|
 |
DanyDollaro
Master Cheater
![]() Reputation: 3
Joined: 01 Aug 2019
Posts: 334
|
| Posted: Wed Jan 22, 2020 6:08 pm Post subject: |
|
|
To identify Cheat Engine the program in question scans the running processes, and if it finds a process called "Cheat Engine" it crashes.
You can get around it by opening the cheat engine file (.exe) file on a hex editor and changing all the strings that have to do with its name "Cheat Engine", many hex editors allow you to replace all the strings through a non case sensitive search.
Edit: I also came across programs that also scanned the pages of my browser (Firefox) so when you start the program make sure you have also closed the Cheat Engine forum otherwise it will detect it as a malicious software.
|
|
| Back to top |
|
|
Monica
How do I cheat?
![]() Reputation: 0
Joined: 22 Jan 2020
Posts: 7
|
| Posted: Thu Jan 23, 2020 2:12 am Post subject: |
|
|
| DanyDollaro wrote: | To identify Cheat Engine the program in question scans the running processes, and if it finds a process called "Cheat Engine" it crashes.
You can get around it by opening the cheat engine file (.exe) file on a hex editor and changing all the strings that have to do with its name "Cheat Engine", many hex editors allow you to replace all the strings through a non case sensitive search.
Edit: I also came across programs that also scanned the pages of my browser (Firefox) so when you start the program make sure you have also closed the Cheat Engine forum otherwise it will detect it as a malicious software. |
Thanks very much. I havd done that with replacing Cheat Engine all the strings even by using lazarus to build my own CE and re-packaging with VMP. It does not work at all.
ps: Thanks for your kind mention. It may not scan other software about anyhing on CE.
|
|
| Back to top |
|
|
DanyDollaro
Master Cheater
![]() Reputation: 3
Joined: 01 Aug 2019
Posts: 334
|
| Posted: Thu Jan 23, 2020 7:08 am Post subject: |
|
|
| Quote: | | It does not work at all. |
Try to see from the task manager if the process name has changed, or change the "Cheat Engine" strings via a hex editor.
If you are interested, this is a masked version that I currently use of Cheat Engine (version x86_64 - 7.0): https://mega.nz/#!GQN3mCaS!9ZhW0K36h42bmydCPpbSchzkK5bi_Ma4Hr22Vz0v1lI
|
|
| Back to top |
|
|
Monica
How do I cheat?
![]() Reputation: 0
Joined: 22 Jan 2020
Posts: 7
|
| Posted: Fri Jan 24, 2020 2:01 am Post subject: |
|
|
| DanyDollaro wrote: | | Quote: | | It does not work at all. |
Try to see from the task manager if the process name has changed, or change the "Cheat Engine" strings via a hex editor.
If you are interested, this is a masked version that I currently use of Cheat Engine (version x86_64 - 7.0): |
How kind you are! I will try this right now.
Amazing! IT work perfectly. Sincerely thank for your help.
i am not good at programming or something about hexeditor. Is there any tutorial that can help me replace the strings through a non case sensitive search? Or is it easy for me that i just search CE and replace? which kind of hex edior do you suggest?
PS: please forgive me these naive questions 
|
|
| Back to top |
|
|
DanyDollaro
Master Cheater
![]() Reputation: 3
Joined: 01 Aug 2019
Posts: 334
|
| Posted: Fri Jan 24, 2020 7:25 am Post subject: |
|
|
the video in question shows how to replace the strings through a Hex editor: https://youtu.be/a5omZXkQPQk.
When replacing the strings make sure that it is equal to or less than 11 characters, this is because if it is higher you will corrupt the file.
When I said "Through a non case sensitive search" I refer to the option that HxD has (HxD is the name of the hex editor used in the video) you just need to tick a check box
|
|
| Back to top |
|
|
Monica
How do I cheat?
![]() Reputation: 0
Joined: 22 Jan 2020
Posts: 7
|
| Posted: Sat Jan 25, 2020 12:11 pm Post subject: |
|
|
| DanyDollaro wrote: | the video in question shows how to replace the strings through a Hex editor:
When replacing the strings make sure that it is equal to or less than 11 characters, this is because if it is higher you will corrupt the file.
When I said "Through a non case sensitive search" I refer to the option that HxD has (HxD is the name of the hex editor used in the video) you just need to tick a check box |
 I have succeeded in replacing the strings. Appreciate all your help!!! 
|
|
| Back to top |
|
|
Monica
How do I cheat?
![]() Reputation: 0
Joined: 22 Jan 2020
Posts: 7
|
| Posted: Sun Jan 26, 2020 8:57 am Post subject: |
|
|
| DanyDollaro wrote: | the video in question shows how to replace the strings through a Hex editor:
When replacing the strings make sure that it is equal to or less than 11 characters, this is because if it is higher you will corrupt the file.
When I said "Through a non case sensitive search" I refer to the option that HxD has (HxD is the name of the hex editor used in the video) you just need to tick a check box |
i meet a new question. i need to start DBVM. When i click the button, it told that the drive is not responsed. How to fix this?
PS: my system support DBVM.
|
|
| Back to top |
|
|
DanyDollaro
Master Cheater
![]() Reputation: 3
Joined: 01 Aug 2019
Posts: 334
|
| Posted: Sun Jan 26, 2020 9:45 am Post subject: |
|
|
Are we always talking about the masked version of Cheat Engine? I don't mean much but try to disable the DBVM on the original version and rehabilitate it on the masked version, otherwise the file may have been damaged.
Ps: DBVM currently only works on Intel processors, therefore not AMD
|
|
| Back to top |
|
|
Monica
How do I cheat?
![]() Reputation: 0
Joined: 22 Jan 2020
Posts: 7
|
| Posted: Sun Jan 26, 2020 11:05 am Post subject: |
|
|
| DanyDollaro wrote: | Are we always talking about the masked version of Cheat Engine? I don't mean much but try to disable the DBVM on the original version and rehabilitate it on the masked version, otherwise the file may have been damaged.
Ps: DBVM currently only works on Intel processors, therefore not AMD |
Yes, apparently we are. My pc processor is AMD. But the 'about' column suggested your system supports DBVM. My original version used windows debugger. A few days ago, i try to use UItimap then i switch to use kernalmode debugger. When i run CE again, my top screen of the left suggested DBVM is loaded. Now i try to do the same thing again on the masked version but nothing is presented even when i reinstall CE and replace strings.
|
|
| Back to top |
|
|
DanyDollaro
Master Cheater
![]() Reputation: 3
Joined: 01 Aug 2019
Posts: 334
|
| Posted: Sun Jan 26, 2020 11:58 am Post subject: |
|
|
Your system supports DBVM but the processor does not necessarily support it, my system also supports DBVM but my processor does not, I have a 3700X.
Although I had read comments from people who despite having an AMD processor (different version from mine) managed to make DBVM work.
|
|
| Back to top |
|
|
Monica
How do I cheat?
![]() Reputation: 0
Joined: 22 Jan 2020
Posts: 7
|
| Posted: Sun Jul 05, 2020 3:11 am Post subject: |
|
|
| DanyDollaro wrote: | Your system supports DBVM but the processor does not necessarily support it, my system also supports DBVM but my processor does not, I have a 3700X.
Although I had read comments from people who despite having an AMD processor (different version from mine) managed to make DBVM work. |
Sorry to bother you. I tried to change all the strings at CE 7.1. it actually worked. But when i see the task manager, i still found "Cheat Engine" title, the second layer was my changed strings.
Could you give me your changed version? THX。
|
|
| Back to top |
|
|
iTzVirtual_
How do I cheat?
![]() Reputation: 0
Joined: 26 May 2020
Posts: 3
|
| Posted: Fri Sep 11, 2020 10:35 am Post subject: Simple bypass |
|
|
| I bypassed the FiveM anti cheat (with cheat engine 7.1) by just running CE as "nt authority\system".
|
|
| Back to top |
|
|
Andrikos85
How do I cheat?
![]() Reputation: 0
Joined: 20 Nov 2020
Posts: 6
|
| Posted: Sun Nov 22, 2020 3:43 am Post subject: |
|
|
| Can someone post the link for the modded cheat engine as the one posted before is not working?
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
