| View previous topic :: View next topic |
| Author |
Message |
argie
Newbie cheater
![]() Reputation: 0
Joined: 23 Sep 2012
Posts: 21
|
 Posted: Fri Jun 25, 2021 5:38 am Post subject: Game will not start DBVM is On |
 |
|
Hello.
I am trying to debug\check values on a heavily anti-debug focused so I went with DBVM. I do not have much experience with it but I set it up as instructed and it all works (green text: DBVM is now running on this machine.....) and in top left big text flashes "DBVM ON".
Now I go to start my target game, it starts, black screen shows (as it should) and then hard crash. There is even log created:
| Code: |
<Exception.Summary:>
ACCESS_VIOLATION
<:Exception.Summary>
<Exception.Assertion:>
<bunch of register values, etc>
|
I unloaded the service and game starts up again. Is it possible game is detecting that is in the "VM"?
Is there any workaround for this because for this game I have to run it with loader since it has buttload of checks that needs to be fixed.
Since I have finished with all of that I wanted to use CE for a easier DynAnalysis to find stuff.
Thank you.
|
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 470
Joined: 09 May 2003
Posts: 25812
Location: The netherlands
|
| Posted: Fri Jun 25, 2021 6:50 am Post subject: |
|
|
How did you unload the service? As it sounds more like DBK is detected, not dbvm. (dbvm can function without dbk present)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
argie
Newbie cheater
![]() Reputation: 0
Joined: 23 Sep 2012
Posts: 21
|
| Posted: Fri Jun 25, 2021 7:31 am Post subject: |
|
|
| Dark Byte wrote: | | How did you unload the service? As it sounds more like DBK is detected, not dbvm. (dbvm can function without dbk present) |
I used Kernelmoduleunloader.exe and it was a success (CESERVICE60 deleted).
So basically here is how it went:
- Opened CE and configured dbvm debugging.
- Everything went fine and each CE start it would blink "DBVM ON".
- then I tried to start the game and it just crashes but when service is unloaded it starts again.
Game doesn't have any "Anti-CE". I searched the entire binary for Anti-CE but there is nothing. Basically I can do anything but it has strong anti-debug so every time I try to break or see values access\write = crash.
That is why I went with DBVM.
EDIT: tried older versions of CE and one version I compiled myself which is heavily hidden, game still crashes but DBVM works.
EDIT2: I now have complete control over the game with my loader. Can I do anything do patch out the check for the driver if there is indeed a check? Sorry, I am not familiar on how dbk is detected.
|
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 470
Joined: 09 May 2003
Posts: 25812
Location: The netherlands
|
| Posted: Fri Jun 25, 2021 7:43 am Post subject: |
|
|
assuming you're on 7.2:
Load dbvm, then go to settings->extra and disable all options there
close CE
run the kernelmodule unloader
Now start CE, and you may be able to use the "DBVM find what accesses this address"
If the physical address is blank, you may need to disable spectre protection first
Or ,since you mention DBVM debugging, 7.3 beta which has dbvm level debugging (kernelmode debug is NOT dbvm debug) you can also run that without the driver present
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
argie
Newbie cheater
![]() Reputation: 0
Joined: 23 Sep 2012
Posts: 21
|
| Posted: Fri Jun 25, 2021 8:01 am Post subject: |
|
|
| Dark Byte wrote: | assuming you're on 7.2:
Load dbvm, then go to settings->extra and disable all options there
close CE
run the kernelmodule unloader
Now start CE, and you may be able to use the "DBVM find what accesses this address"
If the physical address is blank, you may need to disable spectre protection first
Or ,since you mention DBVM debugging, 7.3 beta which has dbvm level debugging (kernelmode debug is NOT dbvm debug) you can also run that without the driver present |
Yep, 7.2
Followed the steps, game launched but "DBVM find what accesses this address" is greyed out.
Unf. I cannot access the beta at this time 
|
|
| Back to top |
|
|
argie
Newbie cheater
![]() Reputation: 0
Joined: 23 Sep 2012
Posts: 21
|
| Posted: Sat Jun 26, 2021 1:57 am Post subject: |
|
|
I managed to get it going but it is limited.
Maybe this will help someone who has similar issue:
1. Unload service \ Close CE
2. Start Game
3. Enter into the game (crashes in menus)
4. Open CE and it will load DBVM and allow "DBVM find what accesses this address"
It only works in that instance of the game though. If I leave to menu, insta crash. It is okay though. Don't need much in menu anyways 
Thanks DarkByte for tips!
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
