Cheat Engine with EAC - anti cheat

Post your topics and discussions here that you can't find a good section for.
3qalves3
Novice Cheater
Novice Cheater
Posts: 18
Joined: Tue Sep 28, 2021 4:40 pm
Reputation: 1

Cheat Engine with EAC - anti cheat

Post by 3qalves3 »

Anyone know a method to use 100% of cheat engine in games which use EAC anti cheat?

aSwedishMagyar
Table Makers
Table Makers
Posts: 670
Joined: Mon Jul 06, 2020 3:19 am
Reputation: 1190

Re: Cheat Engine with EAC - anti cheat

Post by aSwedishMagyar »

For Hero Siege all you have to do is run the executable from the main directory.

3qalves3
Novice Cheater
Novice Cheater
Posts: 18
Joined: Tue Sep 28, 2021 4:40 pm
Reputation: 1

Re: Cheat Engine with EAC - anti cheat

Post by 3qalves3 »

The main problem is my char and items are saved on steam cloud, when i run the executable direcly i cant load my chars
For some reason i can use Cheat engine only for scan, edit memory, acess what write/read but i cant inject a code
it's annoying since a guy ansxx updated your table in Hero Siege post and i cant use it on single player with EAC
I compare the instructions and bytes and all are the same. Nothing has change in the region where he inject the code, but the EAC is blocking it in someway

User avatar
SunBeam
Administration
Administration
Posts: 4703
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Cheat Engine with EAC - anti cheat

Post by SunBeam »

From what I'm reading, the game can be run without EAC directly from the executable, but you probably miss an argument or something that initializes Steam. That's all. And since you've tried a or b, you're not very convinced you've tried "everything"... Please try harder.

EDIT: You owe me 6$, as I had to buy the game to demonstrate the below :)

The method below is NOT A BYPASS FOR ONLINE PLAY! It's aimed at just disabling EAC for SINGLE PLAYER PURPOSES!

1) Download [Link]. Click the big green button. At the time of the post, the snapshot I'm looking at is snapshot_2022-09-25_14-55.zip.

2) Extract the content of the release folder in the ZIP to a folder of your choice on disk (e.g.: D:\x64dbg).

Image

Image

3) Run x96dbg.exe and click Yes, No, Yes:

Image

4) Go to game folder (e.g.: G:\SteamLibrary\steamapps\common\HeroSiege\bin). Right-click start_protected_game.exe and 'Debug with x64dbg'. You will see this:

Image

5) Click 'Symbols', then check the list on the left-side. Right-click 'start_protected_game.exe' and 'Follow in Disassembler' (or press Enter key after you've clicked on the line with 'start_protected_game.exe'):

Image

5) Ctrl+G > :$1A9F8. Then press F2. It should now look like this:

Image

6) Press Shift+F9 keys twice. You should now be at the breakpoint:

Image

7) You now want to double-click on EAX register in the right tree and change it from value 3 to value 2:

Image

You will now see the JMP branch has changed and flow will execute the function immediately beneath the JMP.

8) Press Shift+F9 3 times and you'll see EAC erroring. Wait 3-5s more and you'll see the EAC window dying, 'start_protected_game.exe process terminating in x64dbg and the game window showing up :D

What the above accomplishes is to force EAC to run the "I can't connect to download server" branch. Which is == if no connection, then run the game :P

Image

Image

BR,
Sun

User avatar
SunBeam
Administration
Administration
Posts: 4703
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Cheat Engine with EAC - anti cheat

Post by SunBeam »

I did a bit of research, looking for some examples of proxy DLLs -- namely the ones 'start_protected_game.exe' imports -- and found this:

[Link]

[Link]

So I said "let's give it a go".

Download the latest release:

Image

Then from the ZIP extract to game folder (e.g.: G:\SteamLibrary\steamapps\common\HeroSiege\bin) the following:
  • Koaloader-v2.4.0.zip\msimg32-32\msimg32.dll
  • Koaloader-v2.4.0.zip\Koaloader.json
Why? Because our exe imports 'msimg32.dll'. So we'll use this as our automatic loader ;)

Image

Now open Koaloader.json and paste this in:

Code: Select all

{
  "logging": false,
  "targets": [
    "start_protected_game.exe"
  ],
  "modules": [
    {
      "path": "Lyptus32.dll"
    }
  ]
}
Now, we want to bring in the x86 library that will DO THE PATCHING, called Lyptus. Which can be found in same user's repository, here:

[Link]

Download the latest release:

Image

Extract 'Lyptus32.dll' and 'Lyptus.json' to game folder. Open the .json file and paste this in (overwrite everything):

Code: Select all

{
  "logging": true,
  "patches": [
    {
      "name": "Patch #1 (force leap to CreateProcess)",
      "pattern": "0FB680????????FF2485????????FFB6????????8B86",
      "offset": 0,
      "replacement": "31C09090909090",
      "enabled": true,
      "required": false
    },
    {
      "name": "Patch #2 (force leap to ExitProcess(0))",
      "pattern": "80BE????????000F85????????8B86????????8BB6????????6A3089",
      "offset": 0,
      "replacement": "6A00E8322E0400",
      "enabled": true,
      "required": false
    }	
  ]
}
What the above does is to patch that EAX to 0 (I did some more testing and found 0 to be a more appealing value), then, once the CreateProcess is run, to immediately jump to ExitProcess with arg 0. This will kill 'start_protected_game.exe'.

So now, when you start the game from Steam, you'll see the EAC launcher for 0.5-1s, then, like earlier, in 2-3s time the game window will show up :)

There you have it, a loader+patcher and I didn't have to code anything this time around ;)

Note that if the game updates, so will 'start_protected_game.exe' file. Meaning the patches above have to be recalculated based on the new file. They can easily be fixed, unless the EAC devs change the exe code radically. You've been warned.

P.S.: The loader/patcher author has some other NICE stuff in his repositories. Be sure to check it out :P

3qalves3
Novice Cheater
Novice Cheater
Posts: 18
Joined: Tue Sep 28, 2021 4:40 pm
Reputation: 1

Re: Cheat Engine with EAC - anti cheat

Post by 3qalves3 »

ohh fk very nice jobb =D

Please let me know what method do you prefer i pay you 6$ for the cost of the game

User avatar
Csimbi
RCE Fanatics
RCE Fanatics
Posts: 878
Joined: Sat Apr 29, 2017 9:04 pm
Reputation: 1203

Re: Cheat Engine with EAC - anti cheat

Post by Csimbi »

SunBeam wrote:
Wed Sep 28, 2022 10:10 pm
P.S.: The loader/patcher author has some other NICE stuff in his repositories. Be sure to check it out :P
Nice, indeed! ;-)
Good find!

User avatar
SunBeam
Administration
Administration
Posts: 4703
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Cheat Engine with EAC - anti cheat

Post by SunBeam »

3qalves3 wrote:
Thu Sep 29, 2022 5:36 pm
ohh fk very nice jobb =D

Please let me know what method do you prefer i pay you 6$ for the cost of the game
I was joking, man :) I did end-up playing a bit of it, so we're good. Looks like a Diablo 2 replica, if you ask me (it's true I've not done any reading about it, so that's that).
Csimbi wrote:
Thu Sep 29, 2022 5:40 pm
SunBeam wrote:
Wed Sep 28, 2022 10:10 pm
P.S.: The loader/patcher author has some other NICE stuff in his repositories. Be sure to check it out :P
Nice, indeed! ;-)
Good find!
Yeah, found it funny that there are a shitload of tools out there no one knows about and I just happened to stumble across one. A mighty good one, actually. The same user has done a LOT of work for store clients (Steam, EGS, Ubisoft) and unlocking DLCs, paid content, etc. Emulators. Each tool in his github repos has a link to a release topic @ cs.rin.ru. Go to those topics, if you're curious or have the time to and witness his greatness ;)

3qalves3
Novice Cheater
Novice Cheater
Posts: 18
Joined: Tue Sep 28, 2021 4:40 pm
Reputation: 1

Re: Cheat Engine with EAC - anti cheat

Post by 3qalves3 »

SunBeam wrote:
Thu Sep 29, 2022 11:27 pm
3qalves3 wrote:
Thu Sep 29, 2022 5:36 pm
ohh fk very nice jobb =D

Please let me know what method do you prefer i pay you 6$ for the cost of the game
I was joking, man :) I did end-up playing a bit of it, so we're good. Looks like a Diablo 2 replica, if you ask me (it's true I've not done any reading about it, so that's that).

Btw, have you ever tried hack the hero siege with EAC enable?
Actually, not fully hack, just make a pointer for baseEquip address?
Do you think it would be possible?

User avatar
SunBeam
Administration
Administration
Posts: 4703
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Cheat Engine with EAC - anti cheat

Post by SunBeam »

Hi. No. And please stop asking for ways to bypass EAC in MP. Thanks.

3qalves3
Novice Cheater
Novice Cheater
Posts: 18
Joined: Tue Sep 28, 2021 4:40 pm
Reputation: 1

Re: Cheat Engine with EAC - anti cheat

Post by 3qalves3 »

SunBeam wrote:
Fri Sep 30, 2022 4:35 pm
Hi. No. And please stop asking for ways to bypass EAC in MP. Thanks.
Ok , sorry thank you

User avatar
SunBeam
Administration
Administration
Posts: 4703
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Cheat Engine with EAC - anti cheat

Post by SunBeam »

3qalves3 wrote:
Fri Sep 30, 2022 5:14 pm
SunBeam wrote:
Fri Sep 30, 2022 4:35 pm
Hi. No. And please stop asking for ways to bypass EAC in MP. Thanks.
Ok , sorry thank you
viewtopic.php?f=4&t=20

Alright. Now you know. Cheers.

3qalves3
Novice Cheater
Novice Cheater
Posts: 18
Joined: Tue Sep 28, 2021 4:40 pm
Reputation: 1

Re: Cheat Engine with EAC - anti cheat

Post by 3qalves3 »

totally understood

i havent read that post until now =D

Mefetran
Cheater
Cheater
Posts: 34
Joined: Fri Apr 23, 2021 12:27 am
Reputation: 3

Re: Cheat Engine with EAC - anti cheat

Post by Mefetran »

It doesn't work anymore. Both methods. Or I'm really dumb. Dunno

User avatar
SunBeam
Administration
Administration
Posts: 4703
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Cheat Engine with EAC - anti cheat

Post by SunBeam »

Mefetran wrote:
Sat Oct 08, 2022 5:49 am
It doesn't work anymore. Both methods. Or I'm really dumb. Dunno
That's why I wrote some big ass red text so you see it :) Good luck fixing it; I doubt the devs changed anything in the whole framework...

Post Reply

Who is online

Users browsing this forum: No registered users