Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


ScyllaHideCE - hide CE in usermode

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Source -> Plugin development
View previous topic :: View next topic  
Author Message
reverser69
Expert Cheater
Reputation: 0

Joined: 03 Sep 2014
Posts: 112
PostPosted: Thu May 30, 2024 4:17 am    Post subject: ScyllaHideCE - hide CE in usermode Reply with quote
hi all

cheat engine is really stealthy in kernel mode but we still cant start a process using CE debug modules except for windows debugger (AFAIK) and that is detected easily.
i wanted to debug a game from entry point in CE environment and i couldn't, so decided to port ScyllaHide.

i really appreciate any information on how "break on entry" could be implemented in DBVM debugger.

ScyllaHideCE:
hxxps://github.com/Abbas-MG/ScyllaHide
Back to top
View user's profile Send private message  
Dark Byte
Site Admin
Reputation: 468

Joined: 09 May 2003
Posts: 25712
Location: The netherlands
PostPosted: Thu May 30, 2024 2:41 pm    Post subject: Reply with quote
you could try the windows debugger to create the process and suspend it, and then use another CE setup DBVM debugging. When done close the CE that had the windows debugger attached. it should release the debugger and subsequent breakpoints should happen on the DBVM debugger

Or you could use CreateProcessA with the CREATE_SUSPENDED process creation flag. One issue is that modules won't show up in CE at that point, but just do a memory scan for 4 byte 0x00905a4d on all memory with a memory alignment of 10000 to find all the loaded modules (the target process and ntdll)
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger 
ICQ Number
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine Source -> Plugin development All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites