Red Dead Redemption 2

Post your topics and discussions here that you can't find a good section for.
Post Reply
User avatar
SunBeam
Administration
Administration
Posts: 3076
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 1499

Red Dead Redemption 2

Post by SunBeam » Thu Nov 07, 2019 4:42 pm

Hello folks,

Been hearing about this game that there's some anti-cheat in place and decided to create this topic for free discussions on the matter. STN has been kind enough to let me try out the game (112 GB?!?!? dafuq). So here's my several observations after 10-20 minutes of game run:

a) while riding that horse in the beginning through the storm I can say the textures weren't properly loaded in some places, whereas moon rays were solid instead of transparent and blocks of white shit were up across the map, which you could walk into; later on, it all got clear; not to mention the default settings were set to Ultra, which basically reduced my resolution to compensate for the GFX RAM.. seriously, Rockstar..

b) the EP and some functions in the game are using something similar to what I've experienced with Blizzard's Battle.net.dll a few years ago; they use the same method for mutating jumps that I've seen with Blizzard:

Image

Code: Select all

00007FF61B4BC509 | 8B05 BE9FB6FF                          | MOV EAX,DWORD PTR DS:[7FF61B0264CD]                               |
00007FF61B4BC50F | 8B15 2681ECFF                          | MOV EDX,DWORD PTR DS:[7FF61B38463B]                               |
00007FF61B4BC515 | 3BC2                                   | CMP EAX,EDX                                                       |

Code: Select all

00007FF61B4BC550 | 48:0F46D8                              | CMOVBE RBX,RAX                                                    |
The CMOVBE above with the 2 addresses in RBX and RAX replaces a JBE:

Image

Whereas one or the other destination is hit based on the result of the CMOVBE. Pretty much in the form of "if rbx>=rax, then hit dest_1; else hit dest_2".

In short:

Code: Select all

mov [RDR2_dumped.exe+61064CD],edx
mov eax,[RDR2_dumped.exe+61064CD]
mov edx,[RDR2_dumped.exe+646463B]
cmp eax,edx
jbe RDR2_dumped.exe+67968C4
jmp RDR2_dumped.exe+6CEA788
c) the game suddenly crashed when loading a map, saying this:

Image

I had previously dumped the .exe to disk. To my surprise, it seems like they check for the folder integrity :D Stupid check, seriously. But that's their way of stopping proxy DLLs :)

d) apparently, you can't name horses or whatever.. cuss.. in-game:

Image

More to follow. Add your own shit to the discussion ;)

BR,
Sun

User avatar
SunBeam
Administration
Administration
Posts: 3076
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 1499

Re: Red Dead Redemption 2

Post by SunBeam » Thu Nov 07, 2019 5:17 pm

As far as the anti-breakpoint mechanism, it's identical to the one used by Blizzard in their early days: INT3, UD2, etc. + regular anti-attach. Will post a script later that deals with this so you can trace with CE :P

sebastianyyz
Expert Cheater
Expert Cheater
Posts: 136
Joined: Sun Jul 09, 2017 3:33 am
Reputation: 8

Re: Red Dead Redemption 2

Post by sebastianyyz » Thu Nov 07, 2019 5:25 pm

112GB? WTF. That's a lot. Thank you SunBeam. I will buy the game when it is released on Steam, and don't worry, if the game gets updates by that time, I will not be bitching about it like other people.

User avatar
SunBeam
Administration
Administration
Posts: 3076
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 1499

Re: Red Dead Redemption 2

Post by SunBeam » Thu Nov 07, 2019 10:28 pm

Tested this out with Dark Byte: make sure you "attach debugger to process" instead of open process + F5. That way the game won't crash, even with F5 tracing/stepping through code :) Yes, VEH.

User avatar
The Mogician
Table Makers
Table Makers
Posts: 517
Joined: Sat Mar 04, 2017 12:00 am
Reputation: 243

Re: Red Dead Redemption 2

Post by The Mogician » Fri Nov 08, 2019 2:48 pm

I heard somewhere that this game has some similar stuff compared to GTAV when it comes to data structures, not sure how true it is though.
Per aspera ad astra

User avatar
SunBeam
Administration
Administration
Posts: 3076
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 1499

Re: Red Dead Redemption 2

Post by SunBeam » Fri Nov 08, 2019 4:01 pm

Yeaps, there's a topic on UC where you can read more. Google it up. If you can't find it, I'll PM it to you (UC links are prohibited here).

jj4756
What is cheating?
What is cheating?
Posts: 4
Joined: Wed Nov 20, 2019 4:00 pm
Reputation: 0

Re: Red Dead Redemption 2

Post by jj4756 » Wed Nov 20, 2019 4:17 pm

Would game clock modification ( Speed hack down to 0.4 ) cause any unwarranted issues with game input/memory ? Seems like everytime I slow down the game and returning to normal speed really jams the control making the player unable to walk forward as if blocked by an invisible barrier.

User avatar
SunBeam
Administration
Administration
Posts: 3076
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 1499

Re: Red Dead Redemption 2

Post by SunBeam » Mon Dec 02, 2019 9:43 am

jj4756 wrote:
Wed Nov 20, 2019 4:17 pm
Would game clock modification ( Speed hack down to 0.4 ) cause any unwarranted issues with game input/memory ? Seems like everytime I slow down the game and returning to normal speed really jams the control making the player unable to walk forward as if blocked by an invisible barrier.
^ If you've already detected such a behavior, why not stop doing it? We won't assist with "bypassing" this, considering all the anti-debug implemented in the game's protection. And no, don't really care why you need that speed-hack for. You'll have to manage. Kindly stop spamming this nuisance everywhere you can. I read it once in the game's topic, no need to post in another topic to attract attention; you'll get the exact opposite reaction. Yeah, I know I'm rude - just to cover all possible replies from you. Anything else?

Post Reply

Who is online

Users browsing this forum: BoehserOnkel, wangyi