Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


Game reloading its own code

Cheat Engine Forum Index -> General Gamehacking

Author Message
Noobrzor
Advanced Cheater
Reputation: 0

Joined: 19 May 2014
Posts: 74

PostPosted: Wed May 04, 2016 3:32 pm    Post subject: Game reloading its own code

Greetings

Dank Souls 3. I inject code. Code works. Suddenly it doesn't work. I check out why: my allocated memory is still there, my symbols are still registered, but at the spot where a jmp newmem was supposed to be, the original code is shown.

The game literally reloads its own code. How to counter that?

Best Regards
hhhuut
Grandmaster Cheater
Reputation: 6

Joined: 08 Feb 2015
Posts: 607

PostPosted: Wed May 04, 2016 3:47 pm    Post subject:

Find the routines/instructions that actually rewrite the code and nop them.
Noobrzor
Advanced Cheater
Reputation: 0

Joined: 19 May 2014
Posts: 74

PostPosted: Wed May 04, 2016 5:09 pm    Post subject:

Ha, clever! Gonna try it out tomorrow.
Any other ways?
deama1234
Master Cheater
Reputation: 3

Joined: 20 Dec 2014
Posts: 328

PostPosted: Wed May 04, 2016 5:26 pm    Post subject:

I tried to find those instructions, but I couldn't. I used OllyDbg and browsed through the whole lot of it; it's probably in some .dll file or somewhere other than the .exe, I think.

Easiest way is to search the AOB of that instruction, change it to what you want, and then freeze it. Since AOBs for instructions are static, you won't have to keep searching for it each time.
Dark Byte
Site Admin
Reputation: 457

Joined: 09 May 2003
Posts: 25262
Location: The netherlands

PostPosted: Wed May 04, 2016 5:54 pm    Post subject:

Most likely it's a DLL being reloaded.

You could use a timer that checks every few seconds if the code has been restored and then rehook.

Or, if Windows keeps that DLL cached, you could use kernel-mode read/write process memory in combination with dbk_writesIgnoreWriteProtection(true), which will bypass copy-on-write and affect every process loading that module (again, only if cached).

_________________
Do not ask me about online cheats. I don't know any and won't help finding them.

Like my help? Join me on Patreon so I can keep helping.
++METHOS
I post too much
Reputation: 92

Joined: 29 Oct 2010
Posts: 4197

PostPosted: Wed May 04, 2016 8:27 pm    Post subject:

I haven't checked, but perhaps this is what Matze500 and Cielos were working on? I honestly don't know.
Noobrzor
Advanced Cheater
Reputation: 0

Joined: 19 May 2014
Posts: 74

PostPosted: Thu May 05, 2016 2:23 am    Post subject:

All right.

The timer method, while seemingly easiest for me, has a major drawback. If I do it too often, it would be an aobscan every few seconds, which surely means some sort of lag. And if I make it, like, a check every minute, then there could be a delay between the times when the cheat is active or not, leading to blind spots.

It seems I need to check if it's cached or not. Since I don't really know anything, how do I do that?

I thought about doing the first advice, i.e. making code that checks if there's a jmp newmem or the original, and if the original, then restore the jmp newmem. But if the code that checks and writes the jmp newmem gets reloaded along with it, then it's all been in vain.

What a pickle.
STN
I post too much
Reputation: 42

Joined: 09 Nov 2005
Posts: 2672

PostPosted: Thu May 05, 2016 5:08 am    Post subject:

Dark Souls 3 has a unique anti-cheat where it constantly overwrites its code, not the whole memory but the parts which deal with cheats, possibly more.

I defeated the checks (there are a shitload of them) but still missed some, as some are triggered at different times/points in the game and you can't trigger them all.

BUT it is incredibly easy to defeat the anti-cheat: there are no checks, in that the game doesn't crash if you modify the code, so just do an overwriting of your own - bam, problem solved. The game overwrites after 15 or sometimes more minutes; you can do it every 1 minute or more. There is no noticeable blind spot.

Heck, I tried doing it every second and no lag. Create a thread and inject there; it's just a few bytes of injection, it's not going to lag anything. I don't know why it's such a big problem; this game's anti-cheat is a joke and they certainly could have made it harder, like some of the other recent games.

_________________
Cheat Requests/Tables- Fearless Cheat Engine
https://fearlessrevolution.com
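For readers wondering what "the game overwrites its code" looks like from the game's side, here is an added C sketch of such a self-healing integrity guard run on a timer: hash the protected bytes, log which offsets changed, and restore them from a golden copy. It is constructed for this thread and is not Dark Souls 3's or Cheat Engine's code; the 16 "code" bytes and the five-byte detour that gets written over them are made up.

```c
/* Self-healing code-integrity guard of the kind STN describes, run on a timer by the
 * game. Constructed example: not Dark Souls 3's or Cheat Engine's own code. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define REGION_LEN 16
typedef struct {
    uint8_t *live;                 /* bytes being protected (code, in a real game) */
    uint8_t  pristine[REGION_LEN]; /* golden copy taken before anyone can patch */
    uint64_t golden_hash;          /* hash of the golden copy: cheap fast path */
} guard_t;
/* FNV-1a 64-bit: cheap enough to rerun over a code region every few seconds */
static uint64_t fnv1a64(const uint8_t *p, size_t n) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 0x100000001b3ULL; }
    return h;
}
static void guard_init(guard_t *g, uint8_t *region) {
    g->live = region;
    memcpy(g->pristine, region, REGION_LEN);
    g->golden_hash = fnv1a64(region, REGION_LEN);
}
/* One timer tick: hash first, diff byte-by-byte only on mismatch, log the changed
 * offsets, then restore the golden bytes (the "reload" the OP saw).
 * Returns how many bytes differed; 0 means the region was intact. */
static size_t guard_scan(guard_t *g) {
    if (fnv1a64(g->live, REGION_LEN) == g->golden_hash) return 0;
    size_t changed = 0;
    for (size_t i = 0; i < REGION_LEN; i++)
        if (g->live[i] != g->pristine[i]) {
            changed++;
            printf("tamper at +%zu: %02x -> %02x\n", i, g->pristine[i], g->live[i]);
        }
    memcpy(g->live, g->pristine, REGION_LEN);
    return changed;
}
/* Demo: 16 constructed bytes stand in for code; a 5-byte E9 rel32 jmp is written over
 * the first instruction, as a detour would. Returns bytes the first scan flagged, -1 if not healed. */
static int demo_detect_and_heal(void) {
    uint8_t region[REGION_LEN] = {0x48,0x8B,0x05,0x10,0x00,0x00,0x00,0x48,
                                  0x89,0x45,0xF8,0x90,0x90,0x90,0x90,0xC3};
    const uint8_t hook[5] = {0xE9,0x12,0x34,0x56,0x78};
    guard_t g;
    guard_init(&g, region);
    memcpy(region, hook, sizeof hook);
    int flagged = (int)guard_scan(&g);
    if (guard_scan(&g) != 0 || memcmp(region, g.pristine, REGION_LEN) != 0) return -1;
    return flagged;
}
```

The logged offsets are the detection signal a guard like this can report; the restore alone only wins until the next tick, which is exactly the race the rest of the thread is about.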
Noobrzor
Advanced Cheater
Reputation: 0

Joined: 19 May 2014
Posts: 74

PostPosted: Thu May 05, 2016 11:00 am    Post subject:

I didn't use Cheat Engine online and never bothered with any anti-cheats :)
Kind of shameful not to figure it out. Always something to learn.

I'll try it later then; by this point anything to do can be supplemented with a tutorial rather than more questions.

I presume topic closed, and thanks for all the replies!

Also, by lag I meant when there would be a necessity for an aobscan. But that would only be necessary if the code was shifting around. The overwrite of the code is in the same spot and registered symbols suffice for that.
STN
I post too much
Reputation: 42

Joined: 09 Nov 2005
Posts: 2672

PostPosted: Thu May 05, 2016 11:57 am    Post subject:

Noobrzor wrote:
    I didn't use Cheat Engine online and never bothered with any anti-cheats :)
    Kind of shameful not to figure it out. Always something to learn.

    I'll try it later then; by this point anything to do can be supplemented with a tutorial rather than more questions.

    I presume topic closed, and thanks for all the replies!

    Also, by lag I meant when there would be a necessity for an aobscan. But that would only be necessary if the code was shifting around. The overwrite of the code is in the same spot and registered symbols suffice for that.


Oh, well, the aobscan is pretty blazing fast, or you could use hard-coded addresses. I did it using a programming language for my infinity trainer tool, but you can easily create a thread in CE and just activate your script after a certain time.

I believe the table for DS3 in the table section had an anti-anti-cheat method which created a thread to copy the whole game memory, so you can see how to create a thread in CE. Wish I could help more, though, unless you want C++ code.

_________________
Cheat Requests/Tables- Fearless Cheat Engine
https://fearlessrevolution.com
Noobrzor
Advanced Cheater
Reputation: 0

Joined: 19 May 2014
Posts: 74

PostPosted: Sun May 08, 2016 4:09 am    Post subject:

Here was a big post about creating a thread to automatically rewrite the changed code, but I was having problems until I realized.

I can just register a symbol and freeze the value in the cheat table, not to mention that nopping the overwriting instructions works. Nvm.

Still, can I be given an example of code that's infinitely looped to rewrite address: jmp newmem every second or so?