Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Bypassing Ring0 hooks

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
iPromise
Grandmaster Cheater
Reputation: -1

Joined: 27 Jun 2009
Posts: 529
Location: Canada
PostPosted: Sun Oct 07, 2012 11:25 am    Post subject: Bypassing Ring0 hooks Reply with quote
I do understand that Ring0 hooks are done through kernel mode, but how would you bypass them?

Whats the difference between a Ring0 hook and a Ring3 hook?
Back to top
View user's profile Send private message MSN Messenger
Dark Byte
Site Admin
Reputation: 471

Joined: 09 May 2003
Posts: 25833
Location: The netherlands
PostPosted: Sun Oct 07, 2012 12:23 pm    Post subject: Reply with quote
Run in 64-bit windows...

Anyhow, there is no real difference between ring0 and ring3. It's usually just a jump. Note though, that one function might be hooked that calls another hooked function. (e.g KeStackAttachProcess calls KiSwapProcess which isn't exported and was also hooked by some anti cheats like gg)

One of the methods to bypass that is to call an unmodified copy of the whole kernel. (since relative jumps will point to the unhooked copies)
Just make sure the copy is made before the hooks are done.

And another method besides bypassing ring0 hooks is just change hardware registers like CR3.
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites