Cheat Engine

[blitz02]

Hi again, thank you for visiting my thread.
I was wondering if I could get a clear explanation about getPixels.
I tried messing around with it and gave me some ideas.

first I try to check if pixel colors do really work..
So i tried messing my paint and spill it with different colors.
I check the code if it's working by comparing 2 selected pixel coordinates.
So if i color all black, message show that its equal.
while if it's not the same, it says unequal.
So from here I conclude that the code is working and I can now use getPixels.

But there is a problem, when I try to connect it on a game, (Which is having a gameguard) it only says equal..

So I try messing around.
Put some if conditions
if this pixel == -1 or 0.

The getPIxel dont work.. I am usually getting -1 and equal(even it is in different color).

I kinda search for getPixel with Gameguard, and it tells that this api is blocked by gg.

I know this can be done, bcoz I am purchasing other FPS VIPs and their aimbot functions very well.

Could anyone give me a hint regarding this..
It would be a really really big great help. TIA

[hcavolsdsadgadsg]

does gamegaurd block all the gdi functions?

like bitblt(), getdc(), createdibsection()? it's easy to read pixels without getpixel().


create a dib section, select it into a memory dc, then blit your dc into the memory dc.

[Slugsnack]

i believe getpixel is only hooked in usermode so you can easily bypass that

[blitz02]

[Slugsnack]

On second thoughts I'm not so sure it's not got a kernelmode hook either. I remember someone who used to use the game's screenshot function and read the bitmap produced from the file system.

[hcavolsdsadgadsg]

A DIB section provides you with a pointer to the data.
BitBlt is basically a memcpy with some other stuff behind the scenes

when you blit the device context contents into the memory dc with the dib selected into it, you'll end up with a pointer to all the raw pixel data.


here's an abortion for you to play with

[blitz02]

Awesome, it's like you already make it for me.
Many thanks, I'll try messing this around so I could learn how'dya do it.
Thanks again


----------------------------------------------------------------------------------------
Feedback.

The code works perfectly well.
I have located RGB Colors I want when I am using it.
Afterwards, I included the code on my DLL.

modify the coordinates of the mouse x/y to a static coordinates.

I open the console that I compiled with your code. I looked at the coordinate 406, 486 and returned me a value of E68000.

In my DLL, I was hoping to get the same value. So I change coordinates to 406,486 and compared it. returns to error.
When I check what the code returns, it gave me 0.

-------------------

Every coordinates at the screen returns me a 0 value.

-------------------

I have gettin an idea that the game itself uses the function and I wasn't able to get a chance using it.

Criticize my actions, what do you think is the problem? Is it gameguard? or really the game itself.

[hcavolsdsadgadsg]

I've never played a game with gamegaurd so i don't really know how it works.


Make sure you're getting a valid DC when you're using it in your DLL. 0 for the parameter means it will try to use the screen itself, not a specific window.



If you're using visual studio, you can debug injected dll's easily. Just set a breakpoint, inject it, and attach the debugger. It'll break inside visual studio just like any other program.

[blitz02]

Thanks for the reply.

GetDC is not working after I injected it.
After I injected it, ofcourse I expect it becomes 0.
So I tried minimizing the game to get to my desktop.
Then hit the F9(to initiate pixel getting/your code)
Pixel shows that it stays at 0, no changes at all.

It didn't get the window after I minimize it. It is still returns 0.

//edit

Okay. I conduct another test.
I tried it on a D3D9 Test Enviroment.
It still gives me value of 0, even if I am viewing desktop.

is the problem cause on injecting? :3


//

I am searchingfor IDirect3DSurface9::GetDC() now.. maybe it can help.

[hcavolsdsadgadsg]

I'm pretty sure you should be able to get the DC of a directx / opengl window, so i'd imagine blitting its contents should work alright, I'm not entirely sure though.

I don't know why it would break on injecting.


I guess if you had the renderer hooked you could create a surface, copy the front buffer there, lock the surface and do your pixel checks like that...

[blitz02]

I'm pretty sure it does gettin the DC.
The problem I think is on hooking maybe..

I'll search for more. Thanks for your time.


//add

now I can be sure the problem is on injecting.

I tried to inject it to paint.exe.
it returns 0 value of pixels too.

[Slugsnack]

posting your code could well help us determine your problem

[blitz02]

I just C/P the code from slovach.
Anyways I spent the whole day working on it. And just now, I got the answers.

Hooking BitBlt into anyprocess makes the data lost.
On my understanding, it's like BitBlt or the copied pixels are the ones who doesn't work. It will only have black background.

Thanks for all the support out here! +rep

[hcavolsdsadgadsg]

Can you actually confirm that your DC is valid when you inject it? What are you using, the actual process that you've injected it into window?

GetLastError() will return ERROR_INVALID_HANDLE if BitBlt fails from an invalid DC.


I don't think the DIB pointer is invalid, you'd probably get an access violation otherwise.

[blitz02]

I got it all working hurray! Thanks again, it seems that I need to place BltBit everytime I will do a scan.. I places the code so wrong sorry.. Thanks again