[BUYING] anti debugger or table for SC II

Insterluda
Table Makers
Posts: 83
Joined: Sun Nov 10, 2019 5:02 pm
Reputation: 139

[BUYING] anti debugger or table for SC II

Post by Insterluda »

Hi,

After half a year, I'm giving up.
I can't bypass Starcraft II's anti-debugger mechanics.
I really need the help of a professional.

I will buy a table, or the knowledge of how to bypass the anti-debugger.


The only benefit of my hard work is that I'm better at using Cheat Engine.

Via PM, Discord, etc.
I'm not a scamming scumbag on the internet; I will pay you well for your work.

SunBeam
Administration
Posts: 4932
Joined: Sun Feb 04, 2018 7:16 pm
Reputation: 4630

Re: [BUYING] anti debugger or table for SC II

Post by SunBeam »

..you and the whole world. The game's strong feat isn't the anti-debug, but the obfuscated code.

Cheater69
Expert Cheater
Posts: 136
Joined: Tue May 16, 2017 2:41 am
Reputation: 13

Re: [BUYING] anti debugger or table for SC II

Post by Cheater69 »

This is very sad actually. How desperate can someone be to buy cheats for a specific video game?

Insterluda
Table Makers
Posts: 83
Joined: Sun Nov 10, 2019 5:02 pm
Reputation: 139

Re: [BUYING] anti debugger or table for SC II

Post by Insterluda »

SunBeam wrote:
Fri Apr 10, 2020 1:05 am
..you and the whole world. The game's strong feat isn't the anti-debug, but the obfuscated code.

[Before you read this, you should know I invest several hours every day in memory hacking]

Hi,
Well, Warden has been integrated in Starcraft I since 1.15.2 (17.01.2008; Starcraft II was released in 2010), and still there were memory hacks easily available because the internal value was not encrypted at that time.
From my current research, it's not 100% sure that Warden crashes the game when you attach the debugger.
There were tables from 2019 with unlimited resources, god mode, etc., so there has to be a way around the anti-debugger.

Yes, it's obfuscated code, but I can still reach the encrypted values that affect my minerals, and I can freeze them for unlimited mineralz, but it's a lot of work every time until I reach the correct encrypted values.

SC II stores the collection for the current session, not changing anything while you're playing.
If you are familiar with memory hacking, there are ways to handle this:
finding the encrypted value (possible) and using "Find out what writes to this address" (which is not possible, cuz it needs a debugger).
Backtracing and manipulating the stack is not a big thing; it's the fucking anti-debugger that crashes the game.

Many games use such a method; there are even 16 XOR keys+++, but it's possible if you can attach the debugger.


I'm not experienced enough to write my own cheat bypass for Starcraft II.
I don't even know where to start, or how to collect data about the crashes.
I'm still learning more and more about CE.

Insterluda
Table Makers
Posts: 83
Joined: Sun Nov 10, 2019 5:02 pm
Reputation: 139

Re: [BUYING] anti debugger or table for SC II

Post by Insterluda »

Cheater69 wrote:
Fri Apr 10, 2020 1:13 am
This is very sad actually. How desperate can someone be to buy cheats for a specific video game?

Hi,
I am not a bloodsucker like other people who always ask for help, but cannot give anything themselves.
If I can support them with money and they support me with their knowledge, I find it legitimate.

I work every day to get better at Cheat Engine.
Since English is not my native language, I need some extra time.
The category of memory hacking is very large, and there are many functions I do not yet understand one hundred percent, but I am learning.
Writing a cheat bypass requires knowledge that I can only dream of at the moment.

Csimbi
RCE Fanatics
Posts: 933
Joined: Sat Apr 29, 2017 9:04 pm
Reputation: 1320

Re: [BUYING] anti debugger or table for SC II

Post by Csimbi »

Insterluda wrote:
Fri Apr 10, 2020 2:46 pm
I'm not experienced enough to write my own cheat bypass for Starcraft II.
I don't even know where to start, or how to collect data about the crashes.
I'm still learning more and more about CE.

Seems to me you've already solved it [Link].

Xetal
What is cheating?
Posts: 1
Joined: Sun Nov 28, 2021 6:13 pm
Reputation: 0

Re: [BUYING] anti debugger or table for SC II

Post by Xetal »

Hello there, friend. I love this game. I remember Zynastor aka Valiant Chaos, who made the BEST cheat for sc1 and sc2.
Also, I have dew's source code for sc2's map hack... This method became detected, and it's for Wings of Liberty. The engine has changed a lot since.

Back in the day, people launched the game in 32 bits (option inside of the b.net launcher), and they loaded the game with OllyDbg. OllyDbg is by far the best debugger on the planet when it comes to being able to change CPU instructions on the fly while the process is running. Also, they used to use the ScyllaHide plugin to hide the debugger.

Then we used to share Warden dumps in d3scene (the real website is long gone; the current site is all spam crap for cheats)... Today, you can use Vuno's software to hack if you wish, and there are a few other external ones, like Aina's... Vuno has a website, but the rest are just obscure and hard to find... Vuno is the current best by far, and I have the feeling Vuno is valiantChaos with another name; don't quote me on that though.

The code below can be used with MASM. I hope it helps you to find how the maphack is done; it might help you with what you are looking for when you are able to debug the game:

Code:

.486
.model flat, stdcall
option casemap: none

include \masm32\include\windows.inc
include \masm32\include\masm32.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
include \masm32\include\gdi32.inc
include \masm32\include\debug.inc
includelib \masm32\lib\masm32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\gdi32.lib
includelib \masm32\lib\debug.lib

include Tools.inc
include Game.inc

thread_Hotkeys proto :DWORD, :DWORD, :DWORD
thread_Callback proto :DWORD, :DWORD, :DWORD
thread_Hook proto

.data

	szWindow	     db "StarCraft II", 0

.data?

	thread_HookID	     dd ?
	thread_HotkeysID     dd ?

.code

DllEntryPoint proc   hInstDLL:DWORD, lpReason:DWORD, lpReserved:DWORD
   ; This code is executed when our DLL is loaded.

	mov eax, lpReason
	.if (eax == DLL_PROCESS_ATTACH)

	    ; Check that the game version is correct.
	    mov eax, hook_Maphack_01
	    mov al, byte ptr [eax]
	    mov bl, byte ptr [h01_Reset]
	    .if (al != bl)
		ret
	    .endif

	    ; Set up the hooking thread.
	    invoke CreateThread, NULL, 0, addr thread_Hook, 0, 0, addr thread_HookID

	.endif
	ret

DllEntryPoint endp


thread_Hotkeys proc   nCode:DWORD, wParam:DWORD, lParam:DWORD
   ; Hotkey callback thread.

	push eax
	mov eax, lParam
	or eax, 00FFFFFFh
	.if (nCode == HC_ACTION && eax != 0C0FFFFFFh)

	    .if (wParam == VK_F5)

		.if (mState == 00h)

			; Change to full mode.
			invoke Tools_PatchMemory, hook_Maphack_01, addr h01_Reset, 6
			invoke Tools_PatchMemory, hook_Maphack_02, addr h02_Full, 2
			mov mState, 01h

		.elseif (mState == 01h)

			; Change to shared vision mode.
			invoke Tools_PatchMemory, hook_Maphack_01, addr h01_Shared, 6
			invoke Tools_PatchMemory, hook_Maphack_02, addr h02_Reset, 2
			mov mState, 02h

		.elseif (mState == 02h)

			; Change to enemy vision mode.
			invoke Tools_PatchMemory, hook_Maphack_01, addr h01_Enemy, 6
			invoke Tools_PatchMemory, hook_Maphack_02, addr h02_Reset, 2
			mov mState, 03h

		.elseif (mState == 03h)

			; Turn off the maphack.
			invoke Tools_PatchMemory, hook_Maphack_01, addr h01_Reset, 6
			invoke Tools_PatchMemory, hook_Maphack_02, addr h02_Reset, 2
			mov mState, 00h

		.endif

	    .endif

	.endif
	pop eax
	invoke CallNextHookEx, thread_HotkeysID, nCode, wParam, lParam
	ret

thread_Hotkeys endp


thread_Hook proc
   ; Hook setting thread.

	; Show the ad.
	invoke MessageBox, NULL, CTEXT("CLOSE THIS WINDOW FIRST--Press F5 to activate after closing this window,/"), CTEXT("CLOSE THIS WINDOW TO ACTIVATE"), MB_OK

	; Get the device context.
	invoke Tools_GetDeviceContext, addr szWindow

	; Get the process ID.
	invoke FindWindow, 0, addr szWindow
	.if (eax == 0)
	    invoke FindWindow, addr szWindow, 0 ;korean/taiwan client fix
	.endif
	invoke GetWindowThreadProcessId, eax, 0

	.if (eax != 0)

	    ; Set the hotkey hook.
	    invoke SetWindowsHookEx, WH_KEYBOARD, addr thread_Hotkeys, NULL, eax

	    ; Save our thread handle and sleep.
	    mov thread_HotkeysID, eax
	    invoke Sleep, -1

	.endif

thread_Hook endp


End DllEntryPoint

Code:

Game_TextOut proto :DWORD, :DWORD, :DWORD, :DWORD

.data

	; Maphack state.
	mState		       db 00h

	; Maphack hooks.
	hook_Maphack_01        dd 00A5C6D9h
	hook_Maphack_02        dd 00A5C6DFh

	; Maphack data.
	h01_Shared	       db 0B3h, 02h, 90h, 90h, 90h, 90h
	h01_Enemy	       db 0B3h, 03h, 90h, 90h, 90h, 90h
	h01_Reset	       db 8Ah, 1Dh, 0Ch, 2Dh, 5Ah, 01h
	h02_Full	       db 0EBh, 09h
	h02_Reset	       db 3Ah, 1Dh


.code


Game_TextOut proc   lpX:DWORD, lpY:DWORD, lpText:DWORD, lpLen:DWORD
   ; Displays text at specific coordinates in-game.

	pushad
	mov ebx, hdcDevice
	invoke TextOut, ebx, lpX, lpY, lpText, lpLen
	popad
	ret

Game_TextOut endp

Code:

Tools_PatchMemory proto :DWORD, :DWORD, :DWORD
Tools_SetHook proto :DWORD, :DWORD
Tools_MoveString proto :DWORD, :DWORD
Tools_GetDeviceContext proto :DWORD

.data?

	hdcDevice	dd ?
	hWindow 	dd ?

.code


Tools_PatchMemory proc	 lpOffset:DWORD, lpData:DWORD, lpLen:DWORD
   ; Patches specific memory locations of variable length.

	LOCAL lpOld:DWORD

	; Give write permissions to the memory location.
	invoke VirtualProtect, lpOffset, lpLen, PAGE_EXECUTE_READWRITE, addr lpOld

	.if (eax != 0)

	    ; Write our data and return to the old permissions.
	    invoke RtlMoveMemory, lpOffset, lpData, lpLen
	    invoke VirtualProtect, lpOffset, lpLen, lpOld, addr lpOld

	.endif
	ret

Tools_PatchMemory endp


Tools_SetHook proc   lpFrom:DWORD, lpTo:DWORD
   ; Sets up a jump to our internal code.

	LOCAL lpJump:DWORD

	push ecx
	push ebx
	mov ecx, lpFrom
	mov ebx, lpTo
	add ecx, 05h
	sub ebx, ecx
	lea ecx, lpJump
	mov byte ptr [ecx], 0E9h
	mov dword ptr [ecx+1], ebx
	invoke Tools_PatchMemory, lpFrom, addr lpJump, 5
	pop ebx
	pop ecx
	ret

Tools_SetHook endp


Tools_MoveString proc	lpDest:DWORD, lpSource:DWORD
   ; Moves and terminates a string in memory.

	push ecx
	push ebx
	push edx
	mov ebx, lpDest
	mov ecx, lpSource
	.while (byte ptr [ecx] != 00h)
		mov dl, byte ptr [ecx]
		mov byte ptr [ebx], dl
		inc ecx
		inc ebx
	.endw
	mov byte ptr [ebx], 00h
	pop edx
	pop ebx
	pop ecx
	ret

Tools_MoveString endp


Tools_GetDeviceContext proc   szWindow:DWORD
   ; Returns and stores a device context.

	push eax
	mov eax, szWindow
	invoke FindWindow, 0, eax
	invoke GetDC, eax
	mov hdcDevice, eax
	pop eax
	ret

Tools_GetDeviceContext endp

If you want to work together, we are working on Battleye Bypass, EAC Bypass, etc...
Discord: Xetal#8135

I am not an extreme expert either... Ever since the ring0 anti-cheats came about, the whole hobby became not fun, and very time consuming...
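
Added example, not part of the thread or of the posted DLL: a defender-side integrity check for the in-place code patches that Tools_PatchMemory and Tools_SetHook in the post above perform, diffing a trusted copy of a code region against the mapped bytes and classifying each modified run. The names scan_code, classify and struct patch are hypothetical; the sample in main is constructed from the reset and short-jump byte strings and the hook address in the post's data section.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
enum patch_kind { PATCH_OTHER, PATCH_JMP_REL32, PATCH_JMP_SHORT, PATCH_NOP_PAD };
struct patch { size_t offset, length; enum patch_kind kind; uint32_t target; };
/* Classify the modified run live[off..off+len) of an n-byte region mapped at va. */
static enum patch_kind classify(const uint8_t *live, size_t off, size_t len,
                                size_t n, uint32_t va, uint32_t *target)
{
    size_t nops = 0; *target = 0;
    if (live[off] == 0xE9 && off + 5 <= n) {          /* jmp rel32 */
        uint32_t rel = live[off + 1] | (uint32_t)live[off + 2] << 8 |
                       (uint32_t)live[off + 3] << 16 | (uint32_t)live[off + 4] << 24;
        *target = va + (uint32_t)off + 5 + rel;       /* next instruction + rel */
        return PATCH_JMP_REL32;
    }
    if (live[off] == 0xEB && off + 2 <= n) {          /* jmp rel8, sign-extended */
        *target = va + (uint32_t)off + 2 + (uint32_t)(int32_t)(int8_t)live[off + 1];
        return PATCH_JMP_SHORT;
    }
    while (nops < len && live[off + len - 1 - nops] == 0x90)
        nops++;                                       /* trailing NOP filler */
    return nops >= 2 ? PATCH_NOP_PAD : PATCH_OTHER;
}
/* Diff a trusted copy against the live bytes; store up to max runs, return total. */
size_t scan_code(const uint8_t *baseline, const uint8_t *live, size_t n,
                 uint32_t va, struct patch *out, size_t max)
{
    size_t count = 0, i = 0;
    while (i < n) {
        size_t start = i;
        if (baseline[i] == live[i]) { i++; continue; }
        while (i < n && baseline[i] != live[i]) i++;  /* extend the modified run */
        if (count < max) {
            out[count].offset = start; out[count].length = i - start;
            out[count].kind = classify(live, start, i - start, n, va, &out[count].target);
        }
        count++;
    }
    return count;
}
int main(void)
{   /* constructed sample: trusted bytes vs. the same region with a short jump written in */
    const uint8_t base[8] = {0x8A, 0x1D, 0x0C, 0x2D, 0x5A, 0x01, 0x3A, 0x1D};
    const uint8_t live[8] = {0x8A, 0x1D, 0x0C, 0x2D, 0x5A, 0x01, 0xEB, 0x09};
    struct patch p[2];
    size_t k = scan_code(base, live, 8, 0x00A5C6D9u, p, 2);
    printf("%zu run(s): +%zu len %zu kind %d target %08X\n", k, p[0].offset,
           p[0].length, (int)p[0].kind, (unsigned)p[0].target);
    return 0;
}
```

Adjacent patches merge into one run, and a run is classified by its first byte only, so treat the kind as a triage hint and the diff itself as the finding.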

SoppingClam
Noobzor
Posts: 8
Joined: Fri Aug 12, 2022 1:17 pm
Reputation: 1

Re: [BUYING] anti debugger or table for SC II

Post by SoppingClam »

Hi guys, I am happy to release my version for online matches only. It is unable to be detected by any cheat detectors and it never will be possible.

However, I will disable anything to do with speed changes and anything that could get people banned by being greedy, such as the auto build and attack feature, since I have created it for every current map.

Basically, the ability to show what the enemy is building, units, unit overall worth, removed fog of war, current live use of resources, any chat discussions from the enemy team, and mouse clicks. Also, when attacking units, there are 3 options to have units move to dodge rockets etc. It also shows up as increases to your overall APM. You just have to have the units highlighted.

I can also enable a feature for recommended counters, or basically an auto build and win conditions that are map specific and run live. After 200 games tested in Diamond+, I have a 100% success rate, with no one suspecting a thing.

My only concern is that if people get caught using it incorrectly, or tell people, it ruins it for everyone else; this would annoy me. Therefore, I would like to release it to people that have contributed here.

I do not want any money for it. That said, if you want me to individually provide it to you and give hints, I am happy to do so if you donate to a charity like the Salvation Army.
