  1. #1
    Dwar

    [Delphi] Undetectable Cheat Engine step by step tutorial

    Undetectable Cheat Engine (UCE) step by step tutorial

    Note: Words in light blue should be paid attention to. They are side notes and important tips. KEEP THEM IN MIND!!
    Keep a piece of paper and pen, or a word document handy. Write down EVERY change in string because this will be VERY useful later on.


    2. Creating DBK32.sys
    2A. Changing the basics and manipulating //hideme

    Find driver.dat in your main CE Source and open in notepad. Change the following:

    Note: Throughout my TUT, I used the string "c4n0n" in my screenshots. This word has been detected so please don't use it. Be creative and think of any word you want. Note that my example below "string" has also been detected so don't use that either. This is where the piece of paper plays its first role. Write these changes down!!

    • CEDRIVER53 >> string1
      DBKProclist53 >> string2
      DBKThreadList53 >> string3
      dbk32.sys >> string.sys


    2B. Locate+open DBKDrvr.c in the DBKKernel folder. Open with notepad and use the find function. Find "hideme". Skip the first one and go to the second one. It will say "//hideme (Driver Object)". Uncomment it (That means take away the //).
    Caution: This may cause the Blue Screen of Death for some people.



    [thumb]http://img694.imageshack.us/img694/7122/42881299.png[/thumb]
    2C. Open SOURCES and sources.ce within the DBKKernel folder with notepad and replace:
    "TARGETNAME=DBK32" to "TARGETNAME=string"

    2D. Now we will compile String.sys (DBK32.sys). Go to your DBKKernel directory and copy the address.

    After that, open up Windows XP Free Build. I use this simply because I use Windows XP. A lot of people like to use Windows 2000 Free Build. It's your choice which one you want to use. For noobs, if you can't find it go to:

    Start > All Programs > Development Kits > Windows DDK > Build Environment > Windows XP > Windows XP Free Build Environment

    When it is open, type "cd" (no quotes), then press the space bar, then right click and paste the path to your DBKKernel folder as seen in screen shot 1. You should get something like the 2nd screen shot. After that press enter. If your DDK is not in the same drive as your Cheat Engine folder, then type in the drive your CE folder is in. (If you don't know what I'm talking about, or both of them are in the same hard drive, then just ignore what I said about typing in the drive.) Now type in "ce" as in screen shot 3 and then press enter. Hopefully you will get something like the last screen shot.

    [thumb]http://img340.imageshack.us/img340/1751/90775842.png[/thumb]
    If all is good and well, it should say "7 files compiled. 1 Executable built." And voilà! String.sys or whatever you named it will be in your main CE directory.

    3. Replacing Detected Strings
    Note: The following is one of the most tedious steps. Don't rush through it or you'll screw up.

    Locate+open "dbk32.dpr" in your dbk32 folder with Delphi 7(screenshot1 below). Go to View>Project Manager and expand "dbk32.dll". Double click on "DBK32functions" to open it (screenshot2 below). Replace the following in DBK32functions. Perhaps use the find method to make things easier?
    • CEDRIVER52 >> String1(This is the same thing as CEDRIVER53)
    • DBKProcList51 >> String2 (This is the same thing as DBKProcList53)
    • DBKThreadList51 >> String3 (This is the same thing as DBKThreadList53)

    Done? Ok save all and close all.

    Open up Actual Search and Replace. Go to "File > Settings > Editor", go through your folders and find your delphi32.exe. It will most likely be under "C:\Program Files\Borland\Delphi7\Bin\delphi32.exe". Press OK.

    Under options tab, check mark the box that says "include subfolders". Keep in mind where this box is because it will be used later in this tut.

    Under "Masks" enter: newkernelhandler.pas; DBK32functions.pas; DBK32.dpr

    Under "Path" put in your main Cheat Engine directory.

    Last but not least, tick the box under Mask that says "whole words". In my replace field, I used the word "c4n0n". Instead of c4n0n, fill it in with whatever word you want. Whenever you press modify, you are modifying a file, NOT a line.

    Note: REMEMBER!! THERE IS AN UNDO BUTTON IN CASE YOU MESS UP!!(its the curved arrow on the right side.)

    so for example change:
    • VQE >> string4
    • OP >> string5
    • OT >> string6
    • and so forth... until you finish the word DBKGetDC

    In green is a list of detected strings that you want to change. Feel free to tell me if I missed any. This is where your piece of paper/word document comes in play again!! Write down whatever you change these words to!

    list of detected strings


    3B. Now we will get to saving newkernelhandler.pas, DBK32functions.pas, and DBK32.dpr in new names.

    Open the above 3 named files in Delphi. Newkernelhandler is found in your main directory. The other 2 files are found in your DBK32 folder. Once opened. Go File > Save As.

    • DBK32.dpr >> String.dpr (Save in dbk32 folder. Also you will see that "library DBK32" has changed to "library string")

    • DBK32functions.pas >> Stringfunctions.pas (Save in dbk32 folder. In Project Manager, DBK32functions.pas will change to stringfunctions.pas)

    • New KernelHandler.pas >> Stringfunctions.pas (Save in main CE folder.)

    Save all and close all.

    Now search and replace the following in all files. Set mask as " *.* ". (Include Subfolders)

    • dbk32.sys >> string.sys
    • dbk32.dll >> string.dll

    Now open string.dpr in Delphi. We will compile string.dll. Go Project > compile string. It's fine if you get [Warning] or [Hint] but it's NOT ok if you get [Error]. If you get an error then recheck your steps.

    [thumb]http://img835.imageshack.us/img835/2315/92572150.png[/thumb]
    If you got no errors, then string.dll will be in your main CE folder.

    3C. Making CEHook

    Use Actual Search and Replace again. Search for myhook (Include subfolders)

    Rename myhook in the files CEHook.dpr and hypermode.pas ONLY. myhook >> string54

    Now open CEHook.dpr with Delphi. This file is in the CEHook folder. We will need to comment out "system;" under "uses". In order to comment out. Add " // " before "system". After commenting it out. Compile It.

    3D. Creating Stealth - Open up stealth.dpr within your Stealth directory and compile it. There's nothing to change. (Yay! lol)


    3E. Renaming NewKernelHandler and CeFuncProc

    Open up cheatengine.dpr from your Main CE folder. Go to project manager and open up NewKernelHandler.pas and CeFuncProc.pas Again "File > Save As". Save into main CE folder.

    • NewKernelHandler.pas >> StringHandler.pas (replace? Yes!)

    • CeFuncProc.pas >> String55.pas

    Save and close. Use search and replace and search for NewKernelHandler and CeFuncProc (do not include subfolders). Mask is "*.*".

    • NewKernelHandler >> Stringhandler (change in all files EXCEPT for Newkernelhandler.pas)
    • CeFuncProc >> String55

    3F. Changing value strings (hex values)

    The values we will be changing here are 00400000 , 7FFFFFFF, 80000000. We are changing them into different values, NOT into letters/names.
    We will be using the basic windows calculator. Go to Start > Run > type in "calc" OR you can just go to your calculator under Accessories. Either way, just open up calculator. Once it opens press View > Scientific > Hex

    Enter one of the above values. Then click Dec add a number (ex. +5. Do not use the minus sign.) Then change back to Hex and you will get your new value! Use Search and Replace and replace the values. (Include subfolders) Mask is *.* Below I +5 to my values. You can add any number you want. You don't have to use 5.

    • 00400000 >> 00400005

    • 7FFFFFFF >> 80000004

    • 80000000 >> 80000005

    3G. Changing words within the CheatEngine GUI

    Now search again (Do not include subfolders) and change:

    • nextscanbutton >> String56

    • scanvalue >> String57

    • scanvalue2 >> String58

    • ScanType >> String59

    • VarType >> String60

    • newscan >> String61

    • ScanText >> String62

    • syndic.com/ce >> myspace.com (you can change it to any website =D)

    3H. Now use search again (Do not include subfolders). Your mask will be *.pas change the following:

    • CheatEngine >> StringEngine

    • cheat engine >> String Engine

    3I. Configuring the Cheat Engine GUI

    Open cheatengine.bpg from main CE directory. Using Project Manager, open MainUnit which is under Cheatengine.exe. Double clicking on it will make the Cheat Engine GUI pop up.

    In the GUI, look for the words "scan type" and "value type" faded in grey. Click on the drag down box next to scan type. Here we are just checking if you changed your strings correctly. After clicking the drop down menu box. Look to the left of the screen under Object Treeview and Object Inspector. Hopefully under Object Treeview, String59 is highlighted. Now look at Object Inspector and scroll down until you see "name". Hopefully right next to it, there is a box that says String59 also.

    If you did this step correctly repeat it with value type.

    Finally, click on the labels "ProtectMe2" and "crash me" which are next to the red pointer on the GUI. Click on them and look inside Object Inspector. Go to "caption" and delete the words there. So basically, ProtectMe2 and Crash Me are still there BUT we can't see them!!

    Here are some optional things that you can do in order to personalize your UCE =] wooh!! They are the words in pink. If you do not want to personalize your UCE then skip down to the next step.

    Changing Version Info. - Select Cheatengine.exe in Project Manager and "right click > Options". Click "Version Info" tab. If you do not want anything at the bottom to show, untick the box that says "include version.....". Other than that, you can also edit the words at the bottom like Company Name and File Description.

    Changing Application Name, Help File and Icon. - Click the tab "Application" and from there, stuff is pretty self explanatory.

    Changing Settings and About section. - In Project Manager, open up the files "formsettingsunit" and "aboutunit". Click on the things that you want to edit and change the captions in Object Inspector. (Give credz to Dark Byte for making this source).

    3J. Compiling cheatengine.exe

    View project manager and click on the drop down menu. Make sure Cheatengine.exe is selected and NOT cheatengine.DEU / NLD / RUS

    Minimize Delphi real quick, and with windows explorer, go to your main CE folder. Right click in any empty space and select New > Text Document. Rename the file as "trainerwithassembler.exe" Done.

    Now go back to Delphi and compile. Here is the other long step (but on the brighter side... YOU ARE VERY CLOSE TO FINISHING!!).

    After you attempt to compile, you WILL get errors. The first will be

    [Error] autoassembler.pas (531): Undeclared identifier: 'KernelAlloc'

    Hopefully you wrote down your changes on a piece of paper like I had asked. Look back at that paper and change KernelAlloc to whatever you changed it to. In this tut, I changed KernelAlloc to String50.

    Compile again. You will get another error. Fix it and compile again. Keep doing this until you no longer have any errors. This is a long step, BUT it is a key step!!

    4. Finishing Touches

    4A. Compiling Needed Files for UCE

    Open Delphi.
    • With Delphi open systemcallsignal.dpr in SystemcallRetriever folder. Compile
    • Open Systemcallretriever.dpr in SystemcallRetriver folder (you will get some errors so change them)
    • Kernelmoduleunloader.dpr in dbk32kernelmodule unloader folder

    4B. Other Stuff

    Note: First off. Make a copy of your edited source before you proceed in case you mess up.

    Now open cheatengine.bpg from the main directory then "save as" stringengine.bpg in main directory. Close it.

    Reopen cheatengine.bpg from the main directory and "right click" on cheatengine.exe and select "view source"

    Save cheatengine.dpr as stringengine.dpr then compile it and you will get StringEngine.exe. !! <-- that's your CE exe. The name cheatengine.exe in your Projectmanager should change to stringengine.exe. (LOL sorry i kinduh messed up the screenshot below)

    4B. Hopefully you have all these files now.

    Make a new folder and toss them all in.
    • stringengine.exe
    • driver.dat
    • string.sys
    • string.dll
    • stealth.dll
    • cehook.dll
    • systemcallsignal.exe
    • systemcallretriever.exe
    • kernelmoduleunloader.exe


    Now you just have to test it.

    5. Testing Your UCE

    5. Testing. Open your CE. Change the settings according to these pictures provided by LilHustla of gameguardattackers. I was too lazy to take my own screenshots, and these settings worked for me. So give thanks to him!






    Save the settings and then click the green flashy thing in the top left corner. CreatProcess > MapleStory.exe. Once it has been opened, it will be in your process list. While it's gameguarding, click on the Maplestory.exe in your process list and press OK.

    IF reboot. Then dbk32.sys is detected. Remove it. IF detected again dbk32.dll detected. Remove. IF detected AGAIN, just play around. I can't help you from there.
    Author: ndk721
    Please, post your questions on forum, not by PM or mail

    I spend my time, so please pay a little bit of your time to keep world in equilibrium

  2. #2
    aldoduju
    When I'm compiling the sys, it gives this error!

    Can you help me? I'm using Windows Seven + source cheatengine5.3
    Last edited by aldoduju; 2011-04-02 at 04:20 AM.

  3. #3
    Pb600
    Oh nice, thanks. I need to know another language besides Java ;/ I know a lot of Java, but this language doesn't interact much with the OS ;/

  4. #4
    gm3x
    Dwar, can this way of using CE expire or crash with some update?
    Because a guy in AIKABR reinforced 70's items to +11 with this tutorial, using the packet monitor of CE. I wanna make something similar^^

    Thanks, don't forget that I love u

  5. #5
    raiodourado
    Dwar, do you have a tutorial to create a dextrap?
    If possible, show me the link.

  6. #6
    gm3x
    Quote Originally Posted by gm3x
    Dwar, can this way of using CE expire or crash with some update?
    Because a guy in AIKABR reinforced 70's items to +11 with this tutorial, using the packet monitor of CE. I wanna make something similar^^

    Thanks, don't forget that I love u
    And, I'm having a problem that Google couldn't help me with.

    I'm at the step of the string.sys; my DDK cannot create it. It gives me a message talking about the ddkdrvr.obj, saying not found.

    I've seen many questions about this problem but no solutions.

  7. #7
    annnnndre
    Posting to alert about some tag problems in the post, and to say thanks for this. I was searching for this, and now I've found it, and I can study more about Cheat Engine, and maybe create my own Cheat Engine *--*

    Really thank you.
    Cool Forum.

  8. #8
    gm3x
    Compiled sys, renamed strings to gm3x1, gm3x2 etc. Replaced, compiled everything, no errors (except the ones shown in the tutorial), step by step, backups for every step...

    Well, with the configuration above, I opened it to attach to AIKABR and it restarted my PC.
    I'm sure that I did everything perfectly. I made the CE in 2,5 hours; after 5 testing attempts, CE is perfect, tested in other games with cheat tabs, but on Aika it has been detected.

    I suggest Aika players don't try this tutorial. If someone made it undetectable by xtrap of AIKABR, tell me how, because following every word of this tutorial, xtrap detected...

  9. #9
    Dwar
    Quote Originally Posted by gm3x
    every word of this tutorial xtrap detected
    Try to pack your UCE with UPX or Yoda. xTrap always sends to the server sigs for every unknown app or library on your machine (as well as your machine name, your admin name and other private information)
    Please, post your questions on forum, not by PM or mail

    I spend my time, so please pay a little bit of your time to keep world in equilibrium

  10. #10
    gm3x
    Quote Originally Posted by Dwar
    Try to pack your UCE with UPX or Yoda. xTrap always sends to the server sigs for every unknown app or library on your machine (as well as your machine name, your admin name and other private information)
    Didn't work, Dwar. Packed the exe with Yoda, stays the same, reboots the PC when I open the UCE.
