I'm trying to debug ACO with Cheat Engine, but whenever I do, my game crashes due to EAC (EasyAntiCheat).
I would like to know how one would go about bypassing ACO's EasyAntiCheat, please....
PS: What I'm trying to do exactly is mod the bow headshot damage. I'm pretty sure there's a variable called HeadShotDamageMultiplier (seen in the .forge game files and CE scans) which controls this, but I can't determine more without debugging.
EDIT: simply changing debugging method in CE settings to "VEH debugger" fixed it for me.
Please close thread
EDIT2: I actually managed to do what I initially wanted; just put the script below in CE (only tested on the 1.1.1 Steam version).
{ Game : ACOdyssey.exe
Version:
Date : 2018-12-20
Author : 52fak
Cheat Engine Auto Assembler script. ENABLE replaces the 5-byte instruction
movss xmm0,[rdi+44] (located by the AOB scan below) with a jump to a small
stub that reloads the same float and multiplies it by multHeadshot; the
game's own mulss chain then runs on the scaled value. DISABLE writes the
original 5 bytes back and frees the stub.
NOTE(review): the stated intent is bow headshot damage, but the listing does
not show whether this code path is headshot-only - confirm before relying on it.
NOTE(review): the alloc hint and the restore bytes come from a single build
(the post says 1.1.1 Steam); treat every offset here as build-specific.
}
[ENABLE]
// Signature = the 5 bytes of movss xmm0,[rdi+44] plus the first 3 bytes (F3 0F 59)
// of the mulss that follows it in the dump below. Only 8 bytes long, so
// uniqueness is assumed, not checked - verify the match count on each build.
aobscanmodule(INJECT,ACOdyssey.exe,F3 0F 10 47 44 F3 0F 59) // should be unique
// Third argument is a placement hint: the stub is requested near the hard-coded
// injection offset so the jump at INJECT can be a 5-byte relative jmp.
// NOTE(review): the hint is a fixed module offset, not the scanned INJECT
// address; if the scan lands elsewhere on another build the two can diverge.
alloc(newmem,$1000,"ACOdyssey.exe"+27D5BDD)
label(code)
label(multHeadshot)
// Exported so the multiplier can be addressed by name while the script is enabled.
registersymbol(multHeadshot)
label(return)
newmem:
code:
// Re-execute the displaced original instruction...
movss xmm0,[rdi+44]
// ...then apply the extra factor before returning to the game's own math.
mulss xmm0, [multHeadshot]
jmp return
multHeadshot:
// 32-bit float constant stored right after the stub code.
dd (float)9.5
INJECT:
// Overwrites the original movss. The original is exactly 5 bytes, so no nop
// padding follows; this only holds if the jump assembles to 5 bytes (stub
// within rel32 range) - a longer jump would clobber the next instruction.
jmp newmem
return:
// Keeps the scanned address available to the DISABLE section.
registersymbol(INJECT)
[DISABLE]
INJECT:
// Restores the original bytes of movss xmm0,[rdi+44] (see dump below).
// NOTE(review): bytes are hard-coded; nothing checks that INJECT still holds
// the hook before they are written back.
db F3 0F 10 47 44
unregistersymbol(INJECT)
unregistersymbol(multHeadshot)
dealloc(newmem)
// While enabled, the code bytes at INJECT differ from the original module
// image, so any integrity comparison over this range will see a mismatch.
{
// ORIGINAL CODE - INJECTION POINT: "ACOdyssey.exe"+27D5BDD
"ACOdyssey.exe"+27D5BB6: 8D 0C C5 F8 FF FF FF - lea ecx,[rax*8-00000008]
"ACOdyssey.exe"+27D5BBD: 48 8B 83 AC 02 00 00 - mov rax,[rbx+000002AC]
"ACOdyssey.exe"+27D5BC4: 48 8B 3C 01 - mov rdi,[rcx+rax]
"ACOdyssey.exe"+27D5BC8: 48 85 FF - test rdi,rdi
"ACOdyssey.exe"+27D5BCB: 74 39 - je ACOdyssey.exe+27D5C06
"ACOdyssey.exe"+27D5BCD: 45 84 C0 - test r8l,r8l
"ACOdyssey.exe"+27D5BD0: 74 0B - je ACOdyssey.exe+27D5BDD
"ACOdyssey.exe"+27D5BD2: 48 8B CB - mov rcx,rbx
"ACOdyssey.exe"+27D5BD5: E8 46 DE FF FF - call ACOdyssey.exe+27D3A20
"ACOdyssey.exe"+27D5BDA: 0F 28 C8 - movaps xmm1,xmm0
// ---------- INJECTING HERE ----------
"ACOdyssey.exe"+27D5BDD: F3 0F 10 47 44 - movss xmm0,[rdi+44]
// ---------- DONE INJECTING ----------
"ACOdyssey.exe"+27D5BE2: F3 0F 59 43 78 - mulss xmm0,[rbx+78]
"ACOdyssey.exe"+27D5BE7: F3 0F 59 C1 - mulss xmm0,xmm1
"ACOdyssey.exe"+27D5BEB: F3 0F 59 C6 - mulss xmm0,xmm6
"ACOdyssey.exe"+27D5BEF: 48 8B 7C 24 40 - mov rdi,[rsp+40]
"ACOdyssey.exe"+27D5BF4: 0F 28 74 24 20 - movaps xmm6,[rsp+20]
"ACOdyssey.exe"+27D5BF9: 48 83 C4 30 - add rsp,30
"ACOdyssey.exe"+27D5BFD: 5B - pop rbx
"ACOdyssey.exe"+27D5BFE: C3 - ret
"ACOdyssey.exe"+27D5BFF: F3 0F 10 70 24 - movss xmm6,[rax+24]
"ACOdyssey.exe"+27D5C04: EB 82 - jmp ACOdyssey.exe+27D5B88
}