Hi,
After a half year I'm giving up.
I can't bypass Starcraft II anti-debugger mechanics.
I really need help of a professional.
I buy a table, or the knowledge how to bypass the anti-debugger.
The only benefit of my hard work is; I'm better at using Cheatengine.
via PM. Discord,. etc.
I'm not a scamming scum bag on the internet, I will greatly pay you for your work.
[BUYING] anti debugger or table for SC II
-
- Table Makers
- Posts: 83
- Joined: Sun Nov 10, 2019 5:02 pm
- Reputation: 139
Re: [BUYING] anti debugger or table for SC II
..you and the whole world. The game's strong feat isn't the anti-debug, but the obfuscated code.
Re: [BUYING] anti debugger or table for SC II
This is very sad actually. How desperate can someone be to buy cheats for a specific video game?
-
- Table Makers
- Posts: 83
- Joined: Sun Nov 10, 2019 5:02 pm
- Reputation: 139
Re: [BUYING] anti debugger or table for SC II
[Before you read this you should know I invest several hours every day in memory hacking]
Hi,
Well Warden is since 1.15.2 integrated in Starcraft I (17.01.2008, and starcraft II release in 2010 ) and still there where memory hacks eze available because the internal value was at this time not encrypted.
At my current research its not 100% sure that Warden crashes the game when you attach the debugger.
There were tables from 2019 with unlimited resources, god mode etc. so there has to be away arround the anti-debugger.
Yes, it's an obfuscated code, but I still reach to the encrypted values that is effecting my minerals and I can frezze them for unlimitied mineralz, but it's everytime a lot of work untill I reach the correct enrypted values.
SC II stores the collection for the current session, not chaning anything while you're playing.
If you are familar with memory hacking there ways to handle this.
finding the encrypted value (possible) and use "Find out what writes to this address"(Which is not possible, cuz it needs debugger)
backtracing and manipulation the stack is not a big thing, its the fucking anti-debugger that crashes the game.
Many games are using such a method, there are even 16 XOR keys+++ but its possible if you can attach the debugger.
I'm not expierenced enough to write my own cheat bypass for Starcraft II.
I don't even know where to start, or how to collect data about the crashes.
I'm still learning more and more about CE.
-
- Table Makers
- Posts: 83
- Joined: Sun Nov 10, 2019 5:02 pm
- Reputation: 139
Re: [BUYING] anti debugger or table for SC II
Hi,
I am not a bloodsucker like other people who always ask for help, but cannot give anything themselves.
If I can support them with money and they support me with their knowledge, I find it legitimate.
I work every day to get better at Cheatengine.
Since English is not my native language I need some extra time.
The category memory hacking is very large and many functions I do not yet understand one hundred percent, but I am learning.
To write a cheat bypass requires a knowledge of what I can only dream of at the moment.
Re: [BUYING] anti debugger or table for SC II
Seems to me you've already solved it [Link].Insterluda wrote: ↑Fri Apr 10, 2020 2:46 pmI'm not expierenced enough to write my own cheat bypass for Starcraft II.
I don't even know where to start, or how to collect data about the crashes.
I'm still learning more and more about CE.
Re: [BUYING] anti debugger or table for SC II
Hello there friend. I love this game. I remember Zynastor aka Valiant Chaos who made the BEST cheat for sc1 and sc2.
Also, I have dew's source code for sc2's map hack... This method became detected, and it's for wings of liberty. The engine changed alot since.
Back in the day, people launched the game in 32 bits (option inside of b.net launcher), and they loaded the game with Ollydbg. Ollydbg is by far the best debugger in the planet, when it comes to being able to change cpu instructions on the fly while the process is running. Also, they used to use scylla hide plugin to hide the debugger.
Then we used to share warden dumps in d3scene (real website is long gone, the current site is all spam crap for cheats)... Today, you can use Vuno's software to hack if you wish, and there are a few other external ones, like Aina's ... Vuno has a website, but the rest are just obscure hard to find... Vuno is the current best by far, and I have the feeling vuno is valiantChaos with another name, dont quote me on that though.
The code below cam be used with MASM, I hope it helps you to find how the maphack is done, it might help you on what you are looking for when you are able to debug the game:
If you want to work together, we are working on Battleye Bypass, EAC Bypass, etc...
Discord: Xetal#8135
I am an not an extreme expert neither... Ever since the ring0 anti cheats came about, the whole hobby became not fun, and very time consuming...
Also, I have dew's source code for sc2's map hack... This method became detected, and it's for wings of liberty. The engine changed alot since.
Back in the day, people launched the game in 32 bits (option inside of b.net launcher), and they loaded the game with Ollydbg. Ollydbg is by far the best debugger in the planet, when it comes to being able to change cpu instructions on the fly while the process is running. Also, they used to use scylla hide plugin to hide the debugger.
Then we used to share warden dumps in d3scene (real website is long gone, the current site is all spam crap for cheats)... Today, you can use Vuno's software to hack if you wish, and there are a few other external ones, like Aina's ... Vuno has a website, but the rest are just obscure hard to find... Vuno is the current best by far, and I have the feeling vuno is valiantChaos with another name, dont quote me on that though.
The code below cam be used with MASM, I hope it helps you to find how the maphack is done, it might help you on what you are looking for when you are able to debug the game:
Code: Select all
.486
.model flat, stdcall
option casemap: none
include \masm32\include\windows.inc
include \masm32\include\masm32.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
include \masm32\include\gdi32.inc
include \masm32\include\debug.inc
includelib \masm32\lib\masm32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\gdi32.lib
includelib \masm32\lib\debug.lib
include Tools.inc
include Game.inc
thread_Hotkeys proto :DWORD, :DWORD, :DWORD
thread_Callback proto :DWORD, :DWORD, :DWORD
thread_Hook proto
.data
szWindow db "StarCraft II", 0
.data?
thread_HookID dd ?
thread_HotkeysID dd ?
.code
DllEntryPoint proc hInstDLL:DWORD, lpReason:DWORD, lpReserved:DWORD
; This code is executed when our DLL is loaded.
mov eax, lpReason
.if (eax == DLL_PROCESS_ATTACH)
; Check that the game version is correct.
mov eax, hook_Maphack_01
mov al, byte ptr [eax]
mov bl, byte ptr [h01_Reset]
.if (al != bl)
ret
.endif
; Set up the hooking thread.
invoke CreateThread, NULL, 0, addr thread_Hook, 0, 0, addr thread_HookID
.endif
ret
DllEntryPoint endp
thread_Hotkeys proc nCode:DWORD, wParam:DWORD, lParam:DWORD
; Hotkey callback thread.
push eax
mov eax, lParam
or eax, 00FFFFFFh
.if (nCode == HC_ACTION && eax != 0C0FFFFFFh)
.if (wParam == VK_F5)
.if (mState == 00h)
; Change to full mode.
invoke Tools_PatchMemory, hook_Maphack_01, addr h01_Reset, 6
invoke Tools_PatchMemory, hook_Maphack_02, addr h02_Full, 2
mov mState, 01h
.elseif (mState == 01h)
; Change to shared vision mode.
invoke Tools_PatchMemory, hook_Maphack_01, addr h01_Shared, 6
invoke Tools_PatchMemory, hook_Maphack_02, addr h02_Reset, 2
mov mState, 02h
.elseif (mState == 02h)
; Change to enemy vision mode.
invoke Tools_PatchMemory, hook_Maphack_01, addr h01_Enemy, 6
invoke Tools_PatchMemory, hook_Maphack_02, addr h02_Reset, 2
mov mState, 03h
.elseif (mState == 03h)
; Turn off the maphack.
invoke Tools_PatchMemory, hook_Maphack_01, addr h01_Reset, 6
invoke Tools_PatchMemory, hook_Maphack_02, addr h02_Reset, 2
mov mState, 00h
.endif
.endif
.endif
pop eax
invoke CallNextHookEx, thread_HotkeysID, nCode, wParam, lParam
ret
thread_Hotkeys endp
thread_Hook proc
; Hook setting thread.
; Show the ad.
invoke MessageBox, NULL, CTEXT("CLOSE THIS WINDOW FIRST--Press F5 to activate after closing this window,/"), CTEXT("CLOSE THIS WINDOW TO ACTIVATE"), MB_OK
; Get the device context.
invoke Tools_GetDeviceContext, addr szWindow
; Get the process ID.
invoke FindWindow, 0, addr szWindow
.if (eax == 0)
invoke FindWindow, addr szWindow, 0 ;korean/taiwan client fix
.endif
invoke GetWindowThreadProcessId, eax, 0
.if (eax != 0)
; Set the hotkey hook.
invoke SetWindowsHookEx, WH_KEYBOARD, addr thread_Hotkeys, NULL, eax
; Save our thread handle and sleep.
mov thread_HotkeysID, eax
invoke Sleep, -1
.endif
thread_Hook endp
End DllEntryPoint
Code: Select all
Game_TextOut proto :DWORD, :DWORD, :DWORD, :DWORD
.data
; Maphack state.
mState db 00h
; Maphack hooks.
hook_Maphack_01 dd 00A5C6D9h
hook_Maphack_02 dd 00A5C6DFh
; Maphack data.
h01_Shared db 0B3h, 02h, 90h, 90h, 90h, 90h
h01_Enemy db 0B3h, 03h, 90h, 90h, 90h, 90h
h01_Reset db 8Ah, 1Dh, 0Ch, 2Dh, 5Ah, 01h
h02_Full db 0EBh, 09h
h02_Reset db 3Ah, 1Dh
.code
Game_TextOut proc lpX:DWORD, lpY:DWORD, lpText:DWORD, lpLen:DWORD
; Displays text at specific coordinates in-game.
pushad
mov ebx, hdcDevice
invoke TextOut, ebx, lpX, lpY, lpText, lpLen
popad
ret
Game_TextOut endp
Code: Select all
Tools_PatchMemory proto :DWORD, :DWORD, :DWORD
Tools_SetHook proto :DWORD, :DWORD
Tools_MoveString proto :DWORD, :DWORD
Tools_GetDeviceContext proto :DWORD
.data?
hdcDevice dd ?
hWindow dd ?
.code
Tools_PatchMemory proc lpOffset:DWORD, lpData:DWORD, lpLen:DWORD
; Patches specific memory locations of variable length.
LOCAL lpOld:DWORD
; Give write permissions to the memory location.
invoke VirtualProtect, lpOffset, lpLen, PAGE_EXECUTE_READWRITE, addr lpOld
.if (eax != 0)
; Write our data and return to the old permissions.
invoke RtlMoveMemory, lpOffset, lpData, lpLen
invoke VirtualProtect, lpOffset, lpLen, lpOld, addr lpOld
.endif
ret
Tools_PatchMemory endp
Tools_SetHook proc lpFrom:DWORD, lpTo:DWORD
; Sets up a jump to our internal code.
LOCAL lpJump:DWORD
push ecx
push ebx
mov ecx, lpFrom
mov ebx, lpTo
add ecx, 05h
sub ebx, ecx
lea ecx, lpJump
mov byte ptr [ecx], 0E9h
mov dword ptr [ecx+1], ebx
invoke Tools_PatchMemory, lpFrom, addr lpJump, 5
pop ebx
pop ecx
ret
Tools_SetHook endp
Tools_MoveString proc lpDest:DWORD, lpSource:DWORD
; Moves and terminates a string in memory.
push ecx
push ebx
push edx
mov ebx, lpDest
mov ecx, lpSource
.while (byte ptr [ecx] != 00h)
mov dl, byte ptr [ecx]
mov byte ptr [ebx], dl
inc ecx
inc ebx
.endw
mov byte ptr [ebx], 00h
pop edx
pop ebx
pop ecx
ret
Tools_MoveString endp
Tools_GetDeviceContext proc szWindow:DWORD
; Returns and stores a device context.
push eax
mov eax, szWindow
invoke FindWindow, 0, eax
invoke GetDC, eax
mov hdcDevice, eax
pop eax
ret
Tools_GetDeviceContext endp
Discord: Xetal#8135
I am an not an extreme expert neither... Ever since the ring0 anti cheats came about, the whole hobby became not fun, and very time consuming...
-
- Noobzor
- Posts: 8
- Joined: Fri Aug 12, 2022 1:17 pm
- Reputation: 1
Re: [BUYING] anti debugger or table for SC II
Hi guys, I am happy to release my version for Online matches only. It is unable to be detected by any cheat detectors and it never will be possible.
However, I will disable anything to do with speed changes and anything that could get people banned by being greedy. Such as auto build and attack feature. Since, I have created it for every current map.
Basically, ability to show what the enemy is building, units, unit overall worth, removed fog of war, current live use of resources, show any chat discussions from the enemy team, mouse clicks. Also, when attacking units there are 3 options to have units move to dodge rockets etc. It also reflects with increases to on your overall APM. Just have to have the units highlighted
I Also, can enable a feature for recommended counters or basically an auto build and win conditions that are map specific that run live. After 200 games tested in Diamond + I have a 100% success rate. With no one suspecting a thing.
My only concern is, is people get caught using it incorrectly, or tell people it ruins it for everyone else this would annoy me. Therefore, would like to release it to people that have contributed here.
I do not want any money for it. That said, if you want me to individually provide it to you and give hints, happy to do so if you donate to a charity like the salvation army.
However, I will disable anything to do with speed changes and anything that could get people banned by being greedy. Such as auto build and attack feature. Since, I have created it for every current map.
Basically, ability to show what the enemy is building, units, unit overall worth, removed fog of war, current live use of resources, show any chat discussions from the enemy team, mouse clicks. Also, when attacking units there are 3 options to have units move to dodge rockets etc. It also reflects with increases to on your overall APM. Just have to have the units highlighted
I Also, can enable a feature for recommended counters or basically an auto build and win conditions that are map specific that run live. After 200 games tested in Diamond + I have a 100% success rate. With no one suspecting a thing.
My only concern is, is people get caught using it incorrectly, or tell people it ruins it for everyone else this would annoy me. Therefore, would like to release it to people that have contributed here.
I do not want any money for it. That said, if you want me to individually provide it to you and give hints, happy to do so if you donate to a charity like the salvation army.
Who is online
Users browsing this forum: asmodeusPT, frankieyim, qwertyuiop111asd