Cheat Engine

kitesan · Posted: Fri Jan 02, 2015 10:31 am Post subject: Module question

How to make a copy of the "original code" into a module and use it (in your table/trainer) in order to bypass a check? the game uses this kind of scanner: xor al,[rdx]

Xblade Of Heaven · Posted: Fri Jan 02, 2015 12:45 pm Post subject:

farcry 4?

kitesan · Posted: Fri Jan 02, 2015 1:14 pm Post subject:

Assassins creed unity Sad

aikoncwd · Posted: Fri Jan 02, 2015 3:02 pm Post subject:

Did you tried stealthedit plugin? I don't have this game but maybe it helps you

kitesan · Posted: Fri Jan 02, 2015 3:10 pm Post subject:

that's a x64 bit game..

is it possible to inject something like a dll that contains the whole original module's code and using the address of the injected dll in the integrity check?

kitesan · Posted: Sat Jan 03, 2015 12:37 pm Post subject:

i guess it is not..?

Dark Byte · Posted: Sat Jan 03, 2015 1:26 pm Post subject:

it's possible and you already said what you need to do.
Just inject a copy of the game and redirect the read operation to the copy (don't use a dll, just copy)

kitesan · Posted: Sat Jan 03, 2015 1:50 pm Post subject:

thanks alot, one last question: when i'm going to inject the copy of the game, how will i search for his own ModuleName and address? ( by using cheat engine)

Dark Byte · Posted: Sat Jan 03, 2015 2:09 pm Post subject:

you allocate the memory for the copy destination using lua or aa, so you should have it then (registerSymbol can be helpful)

kitesan · Posted: Sat Jan 03, 2015 10:54 pm Post subject:

awesome, thanks alot (another little question) injecting an exe into an exe
works in the same way as a dll injection? (if not, where can i find a tutorial about it?)

And thanks again

Dark Byte · Posted: Sun Jan 04, 2015 5:54 am Post subject:

it's similar but has some differences. The entry point for example will need different parameters

anyhow, you certainly do not want to inject the game's exe like a dll because the relocations and some other things wouldn't match. you have to copy the game's memory (also, be prepared that there can be multiple checks that each scan a different location, and that if the game encrypts/decrypts at runtime, your copy will have to be the fully decrypted version)

kitesan · Posted: Sun Jan 04, 2015 7:15 am Post subject:

I'm wondering why, if it has been cracked its still packed and some of the pieces of the code are obfuscated... RELOADED usually turns all those protections off.
if the game unpacks his code at runtime i have to copy the "runtime" code then and that looks complicated,