StarCraft 1.18.1.1396

[IcyPurpose99]

StarCraft 1.18.1.1396 Classic Version


Anyone else notice that as soon as you try to scan the game crashes and blizzard error pops up? It appears to me as if they already added anti-cheat measures so you cannot scan the memory of the old game, which is strange considering in the StarCraft II they just encrypted it. I guess based on the fact that encryption is too hard to add to a old game they seem to have added some kind of memory blocker.

[IcyPurpose99]

Just got 1.18.3 to check what you mean.

Did some research and it turns out they supposedly added a "Modern anti-cheat" be as it may this Anti-cheat is strong. It won't let you edit values, browse memory, or even attempt to scan in-game. Now i was able to do a random number scan while in main menu without a crash, but even if you attempt to scroll through the list of values that the scan returns. The game crashes.

This is quite impressive, but also a shallow move by blizzard. Can't even cheat single player, and not even care much for StarCraft 2 cheating since it was actually useless.

Yeah I just got it myself, and I use to be 1.16, but now...gosh.

[IcyPurpose99]

The culprit is ClientSdk.dll, that's where the "goodies" are. And they use same Battle.net.dll techniques to shield process (anti: INT3, HWBP, all kinds of other interrupts, RDTSC, OpenProcess, etc.). Will see if my tricks still do the job up to a certain point

would love to know how to bypass that sucker.

[IcyPurpose99]

I'd love to know as well.. on Windows 10 I got a backup Windows XP on another HDD, will give it a go

Does the operating system make a difference in getting past the block?

[IcyPurpose99]

Kind of. Makes a difference navigating through the x86 code

Any progress on getting past it?

[floowsnaake]

Hey

i got it working but with AM for now

Also note that im not that good with memory editing i mostly use Macros combined with Reading games memory that's why i use AHK or AutoTI

picture:


more info:
[Link]
[Link]
[Link]

[IcyPurpose99]

StarCraft Remastered is out lol

[IcyPurpose99]

Free of charge and looking like SC2?

No its the original updated with graphics and supports common systems. And has a painful anti cheat system lol

[SneakyOne]

Has anyone figured any tools or a way to use Cheatengine in this game? It seems to block writing to it. The debuggers in Cheatengine either cannot inject or the game closes when attached to.

It appears it can be worked on due to the screenshot above but there is no posting how to get the game to allow you to write to it and debug it?

I was hoping to relive those old days with mega skirmishes against AI with unlimited resources!

[SneakyOne]

The culprit is ClientSdk.dll, that's where the "goodies" are. And they use same Battle.net.dll techniques to shield process (anti: INT3, HWBP, all kinds of other interrupts, RDTSC, OpenProcess, etc.). Will see if my tricks still do the job up to a certain point

Hmm..

I renamed

ClientSdk.dll

to:

ClientSdk.dll2

while the game was at main menu. Windows allowed that, without problems. So the .dll isn't even loaded at the main menu. Also, at main menu, you can attach to game without debugger, but any writes (for instance to NOP an instruction) are blocked.

So I don't know exactly what ClientSdk.dll is doing that you discovered, but it appears to be that the shielding of the process, or detecting stuff, or preventing injection, are all occurring without clientsdk.dll being loaded (before it's loaded). It's like a page guard is in place but there's no way to write over it or something. I also used cheatengine to enumerate the .dll's but ClientSdk.dll isn't one of the .dll's that is loaded while at main menu.

Maybe I missed something?

[IcyPurpose99]

They did a good job to prevent cheating for single player.

[SneakyOne]

It's the same protection EAC uses, stripping handles access from the shielded process (that's why you can't debug via VEH, as injection fails) as well as several executable code integrity checks There's a reason I wrote a big-ass PDF explaining the cheat system in SC2. Same applies here, just use it as a starting point. What you should know is Blizzard focuses on the few possible injection points related to various cheats. They didn't think to protect other things though

So blizzard is using kernel level, malware like, driver like EAC is doing? And battle.net.dll is what is blocking the writes? What driver is doing this?
Where is the pdf you mentioned? Thanks for the replies.

[IcyPurpose99]

I'd love to learn how to get past it and read the pdf file...

[IcyPurpose99]

I may have not expressed myself clearly: the PDF I wrote doesn't explain how to skip the anti-cheat system, but how the actual in-game cheat system works. Starting from that you can devise at least 3 ways to achieve several of them (e.g.: God Mode can be done in several ways, without touching their integrity checks; the straight forward way of hooking unit health routine -- which is what most people go for -- is checked).

PDF's linked hereby: [Link].

BR,
Sun

Oh I know how to do that stuff, I was thinking, it would explain how to deal with the more difficult anti-cheating/memory block systems how to bypass/debug them properly.

[pharaon]

is it possible to inject dll file to it as macro ?