 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
kostya555
Advanced Cheater
![]() Reputation: 0
Joined: 04 Apr 2013
Posts: 55
|
 Posted: Thu Nov 05, 2015 11:03 am Post subject: Re: |
 |
|
| What code do where to get them, send me. I don't understand much. Can you give an example with the introduction of the security code. When you show the steps please. I will be very grateful to all for the help...
|
|
| Back to top |
|
 |
Rydian
Grandmaster Cheater Supreme
 Reputation: 31
Joined: 17 Sep 2012
Posts: 1358
|
| Posted: Thu Nov 05, 2015 11:48 am Post subject: |
|
|
If you can't figure it out then chances are the trainers you make aren't worth protecting anyways.
I sound like an ass in this thread, but...
_________________
|
|
| Back to top |
|
|
kostya555
Advanced Cheater
![]() Reputation: 0
Joined: 04 Apr 2013
Posts: 55
|
| Posted: Thu Nov 05, 2015 11:52 am Post subject: Re: |
|
|
| I wanted your take enter what protection I don't know. The trainers normally do. You can protect the table from Decompiller. I just want to know how.
|
|
| Back to top |
|
|
Rydian
Grandmaster Cheater Supreme
Reputation: 31
Joined: 17 Sep 2012
Posts: 1358
|
| Posted: Thu Nov 05, 2015 1:55 pm Post subject: |
|
|
Sure, you can protect a trainer from a decompiler.
Just like games can protect themselves from debugging, right?
Oh wait no. You can make it more annoying, but you cannot stop it.
_________________
|
|
| Back to top |
|
|
mgr.inz.Player
I post too much
 Reputation: 218
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Thu Nov 05, 2015 2:13 pm Post subject: |
|
|
To break compatibility with that simple "Decompiller" you mentioned, use this patch, and compile CE yourself (look at "Cheat Engine Source" forum section)
One of many possible modifications for CE6.4:
| Code: | Index: OpenSave.pas
===================================================================
--- OpenSave.pas (revision 1672)
+++ OpenSave.pas (working copy)
@@ -1173,24 +1173,24 @@
for i:=f.Size-2 downto 0 do
m[i]:=m[i] xor m[i+1];
- k:=$ce;
+ k:=$cd;
for i:=0 to f.size-1 do
begin
m[i]:=m[i] xor k;
- inc(k);
+ inc(k,2);
end;
- getmem(p,6);
- copymemory(p,m,5);
- p[5]:=#0;
- if p='CHEAT' then
+ getmem(p,8);
+ copymemory(p,m,7);
+ p[7]:=#0;
+ if p='BRICKED' then
begin
//new storage method
- f.Position:=5; //skip "CHEAT" header
+ f.Position:=7; //skip "CHEAT" header
d:=Tdecompressionstream.create(f,true);
@@ -1256,8 +1256,8 @@
f.LoadFromFile(filename);
f2:=tmemorystream.create;
- s:='CHEAT';
- f2.Write(s[1], 5);
+ s:='BRICKED';
+ f2.Write(s[1], 7);
c:=Tcompressionstream.create(clmax, f2,true);
@@ -1268,13 +1268,13 @@
f.free;
- k:=$ce;
+ k:=$cd;
m:=f2.Memory;
for i:=0 to f2.Size-1 do
begin
m[i]:=(m[i] xor k);
- inc(k);
+ inc(k,2);
end;
for i:=0 to f2.Size-2 do
|
It will create CETRAINER files which will work only with that version of CE.
Since I gave you the above patch, anyone can again decompile it, by just using Lazarus (IDE used to compile cheatengine)
_________________
|
|
| Back to top |
|
|
kostya555
Advanced Cheater
![]() Reputation: 0
Joined: 04 Apr 2013
Posts: 55
|
| Posted: Thu Nov 05, 2015 2:20 pm Post subject: Re |
|
|
| And you can throw already patched the file in "OpenSave.pas" to me in PM. I just can't figure where to fit it and replace...
|
|
| Back to top |
|
|
mgr.inz.Player
I post too much
Reputation: 218
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Thu Nov 05, 2015 2:31 pm Post subject: |
 |
|
I could send you cheatengine-x86_64.exe and cheatengine-i386.exe files with different patch.
then you will "copy & paste & replace" them in your original CE installation folder.
From now on, you won't be able to open CETRAINER files created with official CE release. From now on, your CETRAINER files won't work for other users. So, you have to release your trainers as EXE files (not the "tiny" one).
Regular guy will receive this:
Many users on this forum (and others) will still be able to extract it (including me). We will just use different method to crack it.
_________________
|
|
| Back to top |
|
|
kostya555
Advanced Cheater
![]() Reputation: 0
Joined: 04 Apr 2013
Posts: 55
|
| Posted: Thu Nov 05, 2015 2:35 pm Post subject: Re: |
|
|
Installed Lazarus, I'm confused, I can't understand what they need to do, where to change and what to patch.
If you will not be difficult then could you throw me this file in PM. I would be very grateful...
|
|
| Back to top |
|
|
mgr.inz.Player
I post too much
Reputation: 218
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Thu Nov 05, 2015 3:02 pm Post subject: |
|
|
OK. Your funeral. You have been warned. It will only stop the lazy ones.
_________________
|
|
| Back to top |
|
|
kostya555
Advanced Cheater
![]() Reputation: 0
Joined: 04 Apr 2013
Posts: 55
|
| Posted: Thu Nov 05, 2015 3:12 pm Post subject: Re: |
|
|
If I only know how to use this program. I downloaded, installed, launched, and then nothing can not understand what to do there need.
 [/img]
|
|
| Back to top |
|
|
mgr.inz.Player
I post too much
Reputation: 218
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Thu Nov 05, 2015 3:17 pm Post subject: |
|
|
@kostya555, sent.
_________________
|
|
| Back to top |
|
|
kostya555
Advanced Cheater
![]() Reputation: 0
Joined: 04 Apr 2013
Posts: 55
|
| Posted: Thu Nov 05, 2015 3:26 pm Post subject: Re: |
|
|
| mgr.inz.Player wrote: | | @kostya555, sent. |
Thank you very much! Look in PM.
|
|
| Back to top |
|
|
mgr.inz.Player
I post too much
Reputation: 218
Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00
|
| Posted: Thu Nov 05, 2015 3:28 pm Post subject: |
|
|
@kostya555, no problem. It's nothing.
@Shrooms, why not. release it in Crackmes subforum:
http://forum.cheatengine.org/viewforum.php?f=39
Create a trainer, post it there, advertise it, ask people to crack/extract/rip/analyse your trainer.
You can even embed an "easter egg" or "secret message".
_________________
|
|
| Back to top |
|
|
atom0s
Moderator
 Reputation: 199
Joined: 25 Jan 2006
Posts: 8518
Location: 127.0.0.1
|
| Posted: Thu Nov 05, 2015 11:06 pm Post subject: |
|
|
| Shrooms wrote: | | so whats the workaround then mr ibm |
It is not that there is a work around, it is that you're talking about doing things from user mode which has very limited abilities to stop other things from happening.
For example, you call VirtualProtect/VirtualProtectEx from user mode to do whatever you feel is needed inside of your app. I can inject a dll into the same app that hooks both APIs and causes your calls to fail.
If you then decide to implement your own hooks on the API, I can just monitor for your hooks and either remove them, override them, or hook your hooks. The point being here, your user mode code will do nothing in terms of protection against someone that is actively defeating your work.
The point here is that I can code a driver the fully make your API calls useless regardless if you hook or not. Which is the point to show that user mode is not the place to be handling security based things. As for your argument on skype that you can just detect my driver, how? I can prevent all methods of user mode API from detecting it. (Look up rootkits if you need to understand how to do that.)
Is there ways to detect things, yes. But from user mode you are going to be one step behind pretty much always.
| STN wrote: | @Shrooms: The workaround is don't use managed code. Go with c++ or assembly and use protections like themida but that is just slowing them down and i don't think you can stop spying on WPM even then.
If it was possible to stop someone completely, don't you think thats what all the big companies would have done to prevent piracy ? when they have more money than they know what to do with. |
I wouldn't recommend Themida anymore as it is entirely defeated with a simple drag and drop script for OllyDbg. Every VM pattern for it is reversed and scripted. Similar to why .NET is not safe as there are drag and drop tools to defeat pretty much every protector out there for it as well as tools like de4dot that remove basic obfuscation.
_________________
- Retired. |
|
| Back to top |
|
|
Rydian
Grandmaster Cheater Supreme
Reputation: 31
Joined: 17 Sep 2012
Posts: 1358
|
| Posted: Fri Nov 06, 2015 12:14 am Post subject: |
|
|
| Shrooms wrote: | | btw, just for you tards, I will after this release put up a challange to prove u Rydian cannot crack my shit. |
I'm not saying that I can get your original code or anything.
I'm saying I don't need to.
Here's some of the games I have installed right now on Steam.
AdVenture Capitalist, Aquaria, Bastion, The Binding of Isaac, Borderlands, Borderlands 2, Borderlands Pre-Sequel, Cave Story+, FTL: Faster Than Light, La-Mulana, Rogue Legacy, Terraria, Torchlight, Torchlight II, Undertale, VVVVVV
Make a trainer for one of them, and I will replicate the important part of what you did.
Because all I have to do is scan the game for changes... and then replicate them, blindly copying bytes if needed.
_________________
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
