View previous topic :: View next topic |
Author |
Message |
Emski How do I cheat? Reputation: 0
Joined: 12 Jul 2015 Posts: 2
|
Posted: Sun Jul 12, 2015 6:01 pm Post subject: Running ceserver on Linux with limited success |
|
|
First of all, thank you for your amazing work on Cheat Engine. It's an invaluable tool for me on Windows and when I found out I could use it on Linux with ceserver I was thrilled. Unfortunately I've ran into some issues which I just can't seem to get past.
Since I can't post links yet I'll just put the ID of the paste, go to pastebin dot com slash [id] to view it.
Testing system OS is Arch Linux x64 with kernel v4.0.7, ceserver is always run as root. Client version is always v6.4 run from Windows 8.1 x64 although I've had the same results when trying with Wine 1.7.47.
I have also tried with other distros such as Xubuntu and Linux Mint to no avail.
First I cloned the repository from GitHub and ran the binary in "ceserver/Release-linux", connected over the network and tried to open a process. Opening a process works fine here but an error ("Scan error:controller:No readable memory found") is shown immediately when trying to scan.
Pastebin ID: uKC3cdkV
(The ptrace attach failing PID matches the ceserver PID.)
Then I started Steam on my Linux machine, restarted the server and tried again. This time the process list is not shown in the client due to an "Access violation" error. When connecting with the 32-bit client the program will hang on the empty process list then terminate without showing the error.
Pastebin ID: WsgSZNF7
I ran a diff on the process list from when the server opened a process succesfully and when it failed on requesting the process list. The cause may be due to one of these processes in the link below, assuming from similar previous reports most likely due to the length.
Pastebin ID: J3HCbPw3
As I couldn't get the latest server code to compile from source with the Makefile in ./Debug-linux I tried the same tests with the binary available from the download page. (ceserver-linux-x86_64.zip)
I started the server and connected over the network. The process list is shown and I can open a process without error. Here I can memory scan, attach the debugger, pointer scan, etc without any issue.
Server log of a test scan: Pastebin ID: Kug4uye5
Again I restarted the server, started Steam and tried to connect. As expected from the previous bug report on this topic (thread ID: 574358) this causes a fault.
Pastebin ID: j3vSA5CM
Since this version seems to be mostly functional I tried to start the server while Steam is closed, connect over the network, open Steam and then try to open the process through it's PID. This does not work either but I noticed the PID I entered in the client (3201) was different from the one the server printed in stdout (12801) which might be another issue entirely.
Pastebin ID: 4v69eBqR
I've tried every server binary from the git repo history with similar results that I'll only go into briefly since the tests are the same as written above.
- fb22049444: scanning works, server faults when steam is running.
- 96ebf70518: scanning fails with error: "Scan error:controller:No readable memory found", access violation when steam is running.
- 49e9fc765c: scanning fails with error: "Scan error:controller:No readable memory found", access violation when steam is running.
- eb5f4b9853: scanning fails with error: "Scan error:controller:No readable memory found", access violation when steam is running.
At this point I'm totally stuck so any help would be greatly appreciated.
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25296 Location: The netherlands
|
Posted: Sun Jul 12, 2015 6:30 pm Post subject: |
|
|
the current git version of ceserver requires the git version of cheat engine. (The protocol for memory query has changed)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
Emski How do I cheat? Reputation: 0
Joined: 12 Jul 2015 Posts: 2
|
Posted: Sun Jul 12, 2015 7:33 pm Post subject: |
|
|
Dark Byte wrote: | the current git version of ceserver requires the git version of cheat engine. (The protocol for memory query has changed) |
I still get an access violation error on the process list but after entering the PID manually everything works great.
Thanks so much for the help!
EDIT: Just another quick question, is pointer scanning working in the current ceserver/latest git client? Just wondering as I'm getting no results back when running scans.
I get a lot of "failed to open <shortened path to file>" in stdout which might have something to do with it.
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25296 Location: The netherlands
|
Posted: Mon Jul 13, 2015 1:55 am Post subject: |
|
|
I haven't tested that yet, so it's possible it won't work
See if you get any results if you deselect the option that the base must be a static (just as a temporary test. A full scan will more than likely result in you running out of disk space)
Edit: Just tested it and it seems to work (I also don't get an error with the processlist so could be it's a modulename issue)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
vityav Newbie cheater Reputation: 0
Joined: 24 Oct 2014 Posts: 15
|
Posted: Sun Jul 19, 2015 6:14 pm Post subject: |
|
|
I found this after also getting access violation errors but have since gotten past them. I'm using the latest ceserver from svn in linux and the latest Cheat Engine source from svn in a windows XP virtual machine built with Lazarus as outlined here:
viewtopic.php?t=549357&sid=36e28ef51a311ce255a7da5645f752fd
and here:
viewtopic.php?p=5536858#5536858
However, now I have one process that causes the Cheat Engine client to segfault, I assume because of string length?
This is the process as seen in linux: Code: | /home/vityav/.local/share/Steam/ubuntu12_32/steamwebhelper --type=renderer --disable-gpu-compositing --enable-pinch --enable-threaded-compositing --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en_US.UTF-8 --product-version=Valve Steam Client --disable-spell-checking --enable-pinch --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --disable-gpu-compositing --channel=1297.0.187652472 |
and on trying to connect to the server it throws the error:
Code: | Project Cheat Engine 6.4 raised exception class: External: SIGSEGV
in file processlist.pas at line 176:
ProcessList.Add(AnsiToUtf8(s)) |
and the debugger seems to show that the string "s" only catches up to "--lang=" before getting cut off. If I kill that process before launching Cheat Engine, it runs just fine, picks up all processes, modifies values correctly, etc.
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25296 Location: The netherlands
|
Posted: Sun Jul 19, 2015 7:01 pm Post subject: |
|
|
it's fixed
In networkinterface.pas in the function TCEConnection.Process32Next at line 311 change
Code: |
strcopy(@lppe.szExeFile[0], pname);
|
to
Code: |
CopyMemory(@lppe.szExeFile[0], pname, min(r.stringlength+1, MAX_PATH));
lppe.szExeFile[MAX_PATH-1]:=#0;
|
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
vityav Newbie cheater Reputation: 0
Joined: 24 Oct 2014 Posts: 15
|
Posted: Sun Jul 19, 2015 11:23 pm Post subject: |
|
|
That fixed it, thanks.
Follow up question, since the OP also had issues with pointer scans: is there a known problem with AoB scans using this method? I tried using pointer scans and everything filtered down to libc+offset, which didn't work, so I tried using AoB scans instead and those also don't seem to work. The same game and same method work in a windows-only environment just fine though. I can find the regions I want and change the opcode manually, but doing an Array of Bytes search for any particular add/sub command returns no results in linux+windows where it successfully finds that array in just windows.
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25296 Location: The netherlands
|
Posted: Mon Jul 20, 2015 2:31 am Post subject: |
|
|
pointerscan: have you tried a deeper level and or width?
And how did you filter it? restarted the game a few times or does it also fail without restarting (to see if it's a modulename lookup error or not)
Also, if the game uses Java, there won't be any valid pointerpaths. (unless you launch java with the option to not use compressed pointers, and even then it's tricky)
for aob: Did you set it to scan all memory? By default it skips readonly memory (make all 3 checkboxes gray to scan all)
it's also possible they used a different compiler for the linux build
Edit:
Can you guys post the contents of the /proc/#processid/maps file (without censoring the paths, or at least place an equal amount of characters and don't mess the spaces)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
vityav Newbie cheater Reputation: 0
Joined: 24 Oct 2014 Posts: 15
|
Posted: Mon Jul 20, 2015 12:25 pm Post subject: |
|
|
For the pointerscan, I'll try deeper/wider, but it failed whether exiting the game entirely, or just starting a new instance within the game (i.e. start a new game, change the money, find pointers, go back to the main menu, start a new game, find the new money value or new pointer, update scan). It's also supposedly in C++ (definitely not java, regardless)
For AoB, I set writable, executable, and copyonwrite to all be optional. But really, I'm searching for something very simple, and I'm taking the bytes directly from the disassembler window so I can see that that particular array exists. It just doesn't find it when searching in linux. Screenshot:
i.imgur Fgq8gxC.png
Also doesn't work with fast scan off, or looking for either of the moves after the highlighted line. If I search for something even more simple, like just '44 89', I get a lot of results, but they're listed by static address in the disassembler instead of the game+offset that shows up when you find it via "what writes here".
And I don't know if you wanted the game maps or the ceserver maps, so here are both:
Game:
pastebin jJQiuYYk
Server:
pastebin eR2tCNT8
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25296 Location: The netherlands
|
Posted: Mon Jul 20, 2015 12:53 pm Post subject: |
|
|
Thanks, I'll do some tests with that map file and paths. (probably spaces. Linux apparently hates spaces)
Also, I did a small patch for max modulelength in ceserver and CE itself which might fix it already (the modulepath also was being written beyond the max allowed size)
for the aob:
go to network and disable the "Scan changed regions only"
I apparently forgot to make ce disable that when the option to scan writable memory only is disabled
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
vityav Newbie cheater Reputation: 0
Joined: 24 Oct 2014 Posts: 15
|
Posted: Sat Aug 01, 2015 10:07 am Post subject: |
|
|
You mention a patch, but is there some more up-to-date repository that I don't see? The latest commit on the google code svn is from April.
For the AoB scan, disabling "Scan changed regions only" didn't have any noticeable effect, nor did a separate test where I also disabled "Scan paged memory only". Both still fail to find a short series of bytes that I can see in the disassembler.
I tried messing around with scan settings and enabling scanning of MEM_MAPPED regions, but that turns everything already found or in the disassembler into question marks and every attempt to scan thereafter (even if I re-disable scanning MEM_MAPPED) results in something like
Code: | controller:Cleanup:Failed spawning the Save First Scan thread: Unable to open file "C:\Documents and Settings\Administrator\My Documents\Cheat Engine\{Long hex string}\ADDRESSES.TMP" |
I get the same error with a different path if I allow it to use a temporary directory instead. I don't know if this is related or helpful, but seemed worth mentioning.
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25296 Location: The netherlands
|
Posted: Sat Aug 01, 2015 10:22 am Post subject: |
|
|
oh, ce's sourcecode was moved to git: https://github.com/cheat-engine/cheat-engine
it has the patches I mentioned
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
vityav Newbie cheater Reputation: 0
Joined: 24 Oct 2014 Posts: 15
|
Posted: Sat Aug 01, 2015 2:15 pm Post subject: |
|
|
Well now I feel silly. Though the website still points to google code. In any case, using the git version makes everything work I now have AoB scripts and pointers that persist between game restarts and behave as expected.
Thanks for all your help and hard work, Dark Byte!
|
|
Back to top |
|
|
|