Cheat Engine

[Noobrzor]

Greetings

Dank Souls 3. I inject code. Code works. Suddenly doesn't work. I check out why - my alloc memory is still there, my symbols still registered, but at the spot instead of a jmp newmem as it was supposed to be - the original code is shown.

The game literally reloads it's own code. How to counter that?

Best Regards

[hhhuut]

Find the routines/instructions that acutally rewrite the code and nop them.

[Noobrzor]

Ha, clever! Gonna try it out tomorrow.
Any other ways?

[deama1234]

I tried to find those instructions, but I couldn't, I used ollyDBG and browsed through the whole lot of it, it's probably in some .dll file or somewhere other than the .exe I think.

Easiest way is to search the AOB of that instruction, change it to what you want, and then freeze it. Since AOBs for instructions are static, you won't have to keep searching for it each time.

[Dark Byte]

most likely it's a dll being reloaded

you could use a timer that checks every few seconds if the code has been restored and then rehook

or if windows keeps that dll cached you could use kernelmode read/write process memory in combination with dbk_writesIgnoreWriteProtection(true) which will bypass copy-on-write and affect every process loading that module (again, only if cached)

[++METHOS]

I haven't checked, but perhaps this is what Matze500 and Cielos were working on? I honestly don't know.

[Noobrzor]

All right.

The timer method, while seemngly easiest for me, has a major drawback. If I'll do it too often, it would've been an aobscan every few seconds which surely means some sort of a lag. And if I'll make it, like, a check every minute then there could be a delay between times where the cheat is active or no, leading to blind spots.

It seems I need to check if it's cached or not. Since I don't really know anything, how do I do that?

I thought about doing the first advice, i.e. making a code that checks if there's a jmp newmem or original, and if original then restore to jmp newmem, but if the code that checks and writes the jmp newmem get's reloaded along, then it's all been in vain.

What a pickle.

[STN]

Dark souls 3 has a unique anti-cheat where it constantly overwrites its code, not the whole memory but parts which deals with cheats possibly more.

I defeated the checks (there are shitload of them) but still missed some as some are triggered at different time/points in game and you can't trigger them all.

BUT it is incredibly easy to defeat the anti-cheat, there are no checks in that game doesn't crash if you modify the code so just do an overwriting of your own - bam problem solved. Game overwrites after 15 or sometimes more minutes, you can do it 1 minute each or more. There is no noticeable blind spot.

Heck, i tried doing it every second and no lag. Create a thread and inject there, its just a few bytes injection its not going to lag anything. I don't know why its such a big problem, this game's anticheat is a joke and they certainly could have made it harder like some of the other recent games

[Noobrzor]

I didn't use cheat engine online and never bothered with any anti cheats
Kind of shameful not to figure it out. Always something to learn.

I'll try it later then, by this point anything to do can be supplemented with a tutorial rather than more question.

I presume topic closed, and thanks for all the replies!

Also, by lag I meant when they would be necessity for an aobscan. But that would only be necessary if the code was shifting around. The overwrite of the code is in the same spot and registered symbols suffice for that.

[STN]

[Noobrzor]

Here was a big post about creating thread to automatically rewrite the changed code but I was having problems until I realized.

I can just register symbol and freeze the value in cheat table, not to mention noping overwriting instructions work. Nvm.

Still, can I be gives an example of code that's infinitely looped to rewrite address: jmp newmem every second or so?