View previous topic :: View next topic |
Author |
Message |
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
|
Posted: Thu Jul 24, 2014 2:24 pm Post subject: android ceserver APK |
|
|
<outdated: http://cheatengine.org/download/Cetest.apk >
it will extract and execute the ceserver binaries for you and output the log to the textfield. (tip: turn off logging when it works. Logging slows it down)
It doesn't have a proper way to terminate the server yet though...
Requires root and preferably disabled selinux _________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping
Last edited by Dark Byte on Sat Feb 07, 2015 8:30 pm; edited 1 time in total |
|
Back to top |
|
|
Radiation Grandmaster Cheater Reputation: 14
Joined: 17 Jun 2009 Posts: 842 Location: Chernobyl
|
Posted: Mon Aug 04, 2014 5:17 am Post subject: |
|
|
thanks, seems to work. better than having to type in commands into the terminal emulator
EDIT:
Works surprisingly well actually
Now if you slowly add features to communicate with the server (ex: speedhack), you are going to produce the next most powerful android memory editor.
Bugs:
Clearing the log and rotating the screen produces the initial log message to reappear. _________________
|
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
|
Posted: Tue Aug 05, 2014 3:30 am Post subject: |
|
|
yeah, I should add some stuff when the activity is destroyed(rotating destroys it...). But the server will keep running though, and activating it will just connect to the already existing ceserver so it's not a big issue
I take it you mean local communication with the server ? (e.g the gui on android doing stuff?) I could add that, but i'm not sure. I haven't seen a lot of games that survive switching to another app and then back again without restarting the level
edit: for those wondering: yes, the speedhack does work with ceserver and cheat engine attached to it _________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
Radiation Grandmaster Cheater Reputation: 14
Joined: 17 Jun 2009 Posts: 842 Location: Chernobyl
|
Posted: Wed Aug 06, 2014 4:37 am Post subject: |
|
|
I see, that's not a big problem I guess since the server still works like it should.
Yes, local communication with the server, like sending commands such as setting speedhack, change value of an address to another value, or even advanced options like performing sequential scans.
For me, no apps out there have a working speedhack except ceserver. It works just like on a computer I was using it on an online game and the changed timers stay modified for days unless I swype the app away from the recent menu which ultimately kills the process. As long as the process is alive, speedhack will retain if you switch to other apps, and simply pressing the home button will enable you to do that. Heck, I even tried slowing down systemUI and it worked haha, although it crashed after a minute because it could not respond to user input fast enough.
I see high potential in your project, keep it going _________________
|
|
Back to top |
|
|
abystus Expert Cheater Reputation: 1
Joined: 09 Dec 2010 Posts: 140
|
Posted: Wed Aug 06, 2014 3:55 pm Post subject: |
|
|
So I've been testing this with a Galaxy S3 with logging turned off, and it is hella slow to perform an initial search. Is this sending a search request to the server and the server doing the work then returning results to the client, or is cheat engine continually searching through the network during the entire scan? If the latter is true, then would it be possible to make the server do the search and just return progress and results back to the client (should be a whole lot faster for a search)?
Very nice work btw, I can't wait to see what this setup can accomplish in the future for mobile game hacking (especially if you get a debugger working!). |
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
|
Posted: Wed Aug 06, 2014 4:07 pm Post subject: |
|
|
For the speed not sure. It is sending the data to ce over the network, but most of it's cpu is eaten up during the copying. If the network speed was the bottleneck then cpu usage shouldn't have been that high(perhaps it's the compression. Try playing with it. It's in the main menu)
Also, there's currently no skipping of useless memory like mapped memory which is normally skipped in windows
The debugger is semi working. Find what accesses/find what writes works, and auto assembler scripts work as well (.so injection is possible as well but not yet implemented for other .so's besides ce's own extention
Note that debugging has only been tested on Tegra based soc's _________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping
Last edited by Dark Byte on Wed Aug 06, 2014 4:23 pm; edited 2 times in total |
|
Back to top |
|
|
abystus Expert Cheater Reputation: 1
Joined: 09 Dec 2010 Posts: 140
|
Posted: Wed Aug 06, 2014 4:14 pm Post subject: |
|
|
Dark Byte wrote: | For the speed not sure. It is sending the data to ce over the network, but most of it's cpu is eaten up during the copying. If the network speed was the bottleneck then cpu usage shouldn't have been that high(perhaps it's the compression. Try playing with it. It's in the main menu)
The debugger is semi working. Find what accesses/find what writes works, and auto assembler scripts work as well (.so injection is possible as well but not yet implemented for other .so's besides ce's own extention |
I'll have a look around the options for compression and see if that helps. Do you plan on having the tables reside on the phone, and the server loading them up instead of having to hook to a PC to cheat when on the go (it seems it is all client side for the table implementation atm)? I'll have a look at the debugger side of things as well when I get a chance (hopefully there is a full ARM assembly display included as well).
Last edited by abystus on Wed Aug 06, 2014 4:20 pm; edited 1 time in total |
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
|
Posted: Wed Aug 06, 2014 4:20 pm Post subject: |
|
|
For now it's only clientside , but i may make it serverside (assuming the android devices have enough ram for ce's symbolhandler, disassembler and assembler, without it killing the game to make space. In ce it tends to eat up over 100Mb)
And yes, there is a basic ARM disassembler, but no Thumb support, nor the hardware Java support (which android doesn't use anyhow...)
Also check this script for an example of a code injection
http://forum.cheatengine.org/viewtopic.php?t=568068 _________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping
Last edited by Dark Byte on Wed Aug 06, 2014 5:04 pm; edited 1 time in total |
|
Back to top |
|
|
abystus Expert Cheater Reputation: 1
Joined: 09 Dec 2010 Posts: 140
|
Posted: Wed Aug 06, 2014 5:04 pm Post subject: |
|
|
Nice. Seems you have a general plan of action for most of this. Do you plan to support the skipping of useless memory in the future (is it even possible)? Very cool to see Cheat Engine being opened up to a whole new platform while not losing much of its original functionality (or any at all for that matter). Thanks for the info. |
|
Back to top |
|
|
Radiation Grandmaster Cheater Reputation: 14
Joined: 17 Jun 2009 Posts: 842 Location: Chernobyl
|
Posted: Wed Aug 06, 2014 6:28 pm Post subject: |
|
|
before the apk was out, i used the terminal emulator. to make it work faster:
1. grant SU permission. (type su in the terminal)
2. Make sure you're on the same WiFi SSID (if you have a dual-band router, make sure you're on the same band, preferably the 2.4GHz band if you're in the US)
also, i will also try to play around with compression because scanning for values with ceserver does take up a lot of time.
Tried to load a table, but CE client just froze, this is what I got on cetest:
Code: | Welcome to the CEServer test app
Expect it to not work
Trying to fetch ceserver from the package...
stage 1 success
Failure... You're screwed:
java.io.FileNotFoundException: /data/data/org.cheatengine.cetest/ceserver: open failed: ETXTBSY (Text file busy) |
_________________
|
|
Back to top |
|
|
abystus Expert Cheater Reputation: 1
Joined: 09 Dec 2010 Posts: 140
|
Posted: Wed Aug 06, 2014 7:00 pm Post subject: |
|
|
Played with it a bit more when I got home, but ran into a few issues. Seems it would pretty much destroy any application it was scanning (I would have to force close the app even after the server finished the scan or I had cancelled it). Also, I did not see a setting for compression within the server settings (I could not get the setting area of the server to display when clicking the menu). I looked a around in the normal Cheat Engine settings, though I found nothing that jumped out at me about any sort of compression options. As reported before, rotating the phone breaks it, and also it will sometimes drop the connection initially on the first connection made by the client (the open failed: ETXTBSY (Text file busy) error). I'll tinker a bit more with it later when I get some time. |
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
|
Posted: Wed Aug 06, 2014 7:14 pm Post subject: |
|
|
The first messages are no client/ceserver messages but just local Activity log data (ceserver actually starts from the &s=xxxx line)
ETXTBSY means ceserver is in use, so extracting it from the apk to the data folder failed.
It's no issue as it means it's already extracted, so it's fine(clicking on the "activate service" button will connect to the service that has launched ceserver, assuming it launched it. If something else ran it it'll likely fail to bind the port it needs)
If you wish the log, just make sure the activity is attached to the service, so click on "activate service" when you rotate the screen (or turn of rotating...)
When the gui isn't attached the log messages are discarded(this includes when the gui doesn't have focus)
The settings are in ce's main menu at top(Network->selection). Selecting it will bring up an compression slider(the compression level is specified by the client for each read command, so you can change it during scans)
Make sure you use CE 6.4(Compression was added in 6.4 and the ceserver expects the RPM command to provide a compression level) _________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
Radiation Grandmaster Cheater Reputation: 14
Joined: 17 Jun 2009 Posts: 842 Location: Chernobyl
|
Posted: Wed Aug 06, 2014 8:23 pm Post subject: |
|
|
Dark Byte wrote: | The settings are in ce's main menu at top(Network->selection). Selecting it will bring up an compression slider(the compression level is specified by the client for each read command, so you can change it during scans)
Make sure you use CE 6.4(Compression was added in 6.4 and the ceserver expects the RPM command to provide a compression level) |
to readers: this option is only available after you actually connect to a server. _________________
|
|
Back to top |
|
|
abystus Expert Cheater Reputation: 1
Joined: 09 Dec 2010 Posts: 140
|
Posted: Wed Aug 06, 2014 11:59 pm Post subject: |
|
|
The compression setting definitely sped up all searches including the initial one (any way to save this setting for all network scans?). So I tested a game called "Bubble Burst Free" on the Google Play Store, and found the static (green) address for points was 41FC7958 (I was able to change the value, etc...). So I decided to test "what writes to this address" and "what accesses this address", but it never found anything that accessed it either way. After attaching/stopping the debugger, I was not able to modify the value any longer through the client, but it would receive updates from the phone when the score changed. I tested writing in the memory window, through the address value change prompt, and locking the value, but nothing would alter the value after I had attached the debugger (even after I stopped the debugger). Not sure if this is a one time thing with that game (will need more testing), but it definitely stopped any progress I had going (without restarting the CE Server/Client).
By the way, why exactly does the server crash when the screen rotates (seems it would not affect how the application is running by just changing its orientation)? Needs a little work overall, but definitely shaping up to be a wonderful tool. |
|
Back to top |
|
|
Dark Byte Site Admin Reputation: 458
Joined: 09 May 2003 Posts: 25287 Location: The netherlands
|
Posted: Thu Aug 07, 2014 3:18 am Post subject: |
|
|
I'll see about saving it. Out of curiosity, what compression level did you set it to for best results? (Up from default, down from default?)
Not sure about debugging, it may be a hardware thing, but when i get time i may check that game.
Edit:since you say it was a green address it may be the symbolhandler bug.(when you look at the title it'll say address 00000000)
Add the address to the list manually as hexadecimal only (no sybolnames) and then find what writes/accesses that
The server doesn't crash when you rotate the screen(it keeps running), just the gui activity gets destroyed and recreated in android. It's just the way android works. (I'll add some saving/loading to it in the future) _________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
Back to top |
|
|
|