Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post here (make sure thread doesn't exist first) any type of tutorials: text, images, videos or oriented discussions on specific games. No online-related discussions/posts OR warez!
User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by SunBeam »

Dropping this here. Peace :)



BR,
Sun

User avatar
fantomas
Table Makers
Table Makers
Posts: 1163
Joined: Sat Mar 25, 2017 7:13 pm
Reputation: 552

Re: Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by fantomas »

Nobody could deny of how it is always nice to watch your work - The only thing that keeps me from enjoying it even more is all your s**t and f**k, every two lines.
When I was watching the video I said: "Wow! He speaks normally", it even gave a plus to the video. But sunbeam would not be sunbeam without a little s**t and f**k, would not he?

One day, one day. ;)

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by SunBeam »

Would be nice to listen to it without your mom or wife nearby. Or kids. Your choice :D

TimFun13
Expert Cheater
Expert Cheater
Posts: 1354
Joined: Fri Mar 03, 2017 12:31 am
Reputation: 6

Re: Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by TimFun13 »

I Just started playing this game, so perfect timing for me. Thanks for the video.

fantomas wrote:
Wed Jun 12, 2019 9:39 pm
Nobody could deny of how it is always nice to watch your work - The only thing that keeps me from enjoying it even more is all your s**t and f**k, every two lines.
When I was watching the video I said: "Wow! He speaks normally", it even gave a plus to the video. But sunbeam would not be sunbeam without a little s**t and f**k, would not he?

One day, one day. ;)
It really isn't that bad, he says fuck once and shit once. Plus it actually added ephesus to what he's saying, so it works well. But they are adult words, with adult meaning and feelings.

User avatar
fantomas
Table Makers
Table Makers
Posts: 1163
Joined: Sat Mar 25, 2017 7:13 pm
Reputation: 552

Re: Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by fantomas »

ShyTwig16 wrote:
Wed Jun 12, 2019 11:04 pm
It really isn't that bad, he says fuck once and shit once.
And I applaud his effort, it is exactly what I'm saying in my comment. I put a 9/10. :D

But no intention to offend, of course. Just some people more sensitive than other. Especially in a public and serious forum such like FRF. ;)

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by SunBeam »

You guys crack me up :D :D *claps*

Incoming: "Batman Arkham Knight - Console & CheatManager" - - letting UE3 do the dirty work for us :) ;)

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by SunBeam »

That's what I basically did in MK11. I don't patch the prologue of the thread functions; I just set the thread creation flag to CREATE_SUSPENDED. That way the thread doesn't even start, doesn't eat up CPU and won't even show in the thread list. See here: [Link]. But then again, going full blown patching-style on the game shows what you said: you don't have the time to.

As for the inspiration, it simply came from remembering SneakyMofo did some thread killing in Sniper Elite 4. That pretty much tipped me off into looking for threads' entry points that were mainly VMProtect obfuscated/virtualized code. Killing such a thread (thus trial/error) led me to the video. That's about it. Didn't look high and low for some method :) Like you said.. thinking outside of the box, which we kinda missed back in Unity/Syndicate days.

I did read those Crackdown 3 posts, but at the time, I wasn't both going to use them or interested, as my main target practice was UE4 and what I could get out of it, as well as succeeding in dumping UE4 information to disk from an UWP shielded process. Which I tried in several ways and didn't yet succeed. Had one more thing to try, but then another game surfaced (think it was FC:ND) and so I let it be. I've done enough in Crackdown 3 as well, so yeah...

chrisreddot3
Expert Cheater
Expert Cheater
Posts: 452
Joined: Sun Mar 24, 2019 1:38 am
Reputation: 80

Re: Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by chrisreddot3 »

SunBeam wrote:
Wed Jun 12, 2019 8:02 pm
Dropping this here. Peace :)



BR,
Sun
Ubi just update the game,this thread dont exist anymore,so you can't stop checks in,in this game and no cheat table or trainer works with this game =[

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Re: Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by SunBeam »

:| Seriously now.. the game's got years since it last updated. Ah, that you can't find the SAME address.. that's a different thing. Doesn't mean the game updated.

chrisreddot3
Expert Cheater
Expert Cheater
Posts: 452
Joined: Sun Mar 24, 2019 1:38 am
Reputation: 80

Re: Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by chrisreddot3 »

SunBeam wrote:
Wed Jul 31, 2019 1:09 am
:| Seriously now.. the game's got years since it last updated. Ah, that you can't find the SAME address.. that's a different thing. Doesn't mean the game updated.
I understand,but that's sad :(

Paul44
Table Makers
Table Makers
Posts: 736
Joined: Thu Jul 27, 2017 9:02 am
Reputation: 425

Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by Paul44 »

12587: yep, I recall that 'Sniper 4' trick as well at the time; but that kind of stuff is out-of-my-league anyways. That said: any chances of getting the Id of the thread and having it killed via the CE GUI interface?

Reason I ask: I do not dare touching my table (adding just one additional breakpt makes it very unstable/unreliable); and one can hardly expect gamers to pick up that particular thread...



I did do some research in the mean time, but apparently CE does not (yet) have a method to get that ID. Perhaps it can be done using ASM, but then again we are back to square one... Also: did check upon: 'getThreadlist()' (which only returns a string list; no additional info/props/methods) & 'getHandleList()' (nothing in that list I could link with info from [View ~ Threadlist] ~ I noticed then that 2 threads check that opcode location)

And apparently, it is not straightforward to call a winAPI from within Lua; correct me if I'm wrong?!



see also:

* [ [Link] ]

* [ [Link] ]

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by SunBeam »

[QUOTE="Paul44, post: 136279, member: 7422"]

...

[/QUOTE]



I'll check what you can do with Lua; in theory, the logic would be: get a list of thread ids, get into each thread, get the rip and compare it to a hard-coded address (that should be unique to the executable you use, do note that!). In the video I am showing the thread and the function running in that thread checking the code integrity; that's what should be used as a comparison. Thread entry point. Will return with more feedback; reinstalling Unity to see if my theory works.



EDIT: Theory worked, I now have a nice Lua script that does the job just fine :P Will post it in a bit.
Last edited by SunBeam on Fri May 22, 2020 4:31 pm, edited 1 time in total.

Paul44
Table Makers
Table Makers
Posts: 736
Joined: Thu Jul 27, 2017 9:02 am
Reputation: 425

Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by Paul44 »

^ I did not post on CE yet - see above link - until I get/got some response from here.

I already read that one can easily access C(++) via Lua, but that solution would probably become a drag(on)... There are also some (basic) WinAPI libraries (github andwhatnot), but I do not like to go in that direction either.

Thx for taking the time looking into this, but don't go overboard...

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by SunBeam »

[QUOTE="Paul44, post: 136310, member: 7422"]

^ I did not post on CE yet - see above link - until I get/got some response from here.

I already read that one can easily access C(++) via Lua, but that solution would probably become a drag(on)... There are also some (basic) WinAPI libraries (github andwhatnot), but I do not like to go in that direction either.

Thx for taking the time looking into this, but don't go overboard...

[/QUOTE]



If you hop on Discord, you'll see what I've done :P Else, wait till I post the whole script (with comments).

User avatar
SunBeam
Administration
Administration
Posts: 4704
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4287

Bypassing Integrity Checks in Assassin's Creed Unity & Syndicate

Post by SunBeam »

[QUOTE="Paul44, post: 136315, member: 7422"]

I think Discord is feminin; we don't get along very well :cool:. Anyways: trying to hold up on your reputation, are you? the other day, you said that #Zanzer was from Mars... Neighbours by any chance?

Ahum: awaiting your script...

[/QUOTE]



First-up, use @ in front of a name, if you want to notify them in (which is a Discord feature, in case you didn't know). Secondly, I don't get the statement, if a joke or not, nor when I said that (that he's from Mars). Do remind me, perhaps the context eludes me currently.



In short.. at the time I made the video, I didn't think of any ways to do it from CE. Not to mention how old and not sought-for is this game. So the x64dbg method would suffice. Now that I've read this.. and I remember I wanted to make a CE plugin that allows you to bypass stuff directly upon enabling it.. and didn't work out fine.. I thought "why not give this a go?" :) So there you have it.
Last edited by SunBeam on Thu Jan 01, 1970 12:00 am, edited 2 times in total.

Post Reply

Who is online

Users browsing this forum: No registered users