Results 1 to 2 of 2
  1. #1
    Dwar
    Dwar is offline
    Veteran Dwar's Avatar
    Join Date
    2010 Mar
    Posts
    2,222
    Thanks Thanks Given 
    211
    Thanks Thanks Received 
    2,230
    Thanked in
    292 Posts
    Rep Power
    10

    [Cheat Engine] Stealth Plugin for CE 5.6

    StealthEdit
    Generic integrity check(crc) bypass for ce 5.6

    Here is the stealthedit plugin for cheat engine. With some fiddling you can use it to bypass integrity checks

    How to setup:
    In cheat engine 5.6 go to settings->plugins and click add.
    Then find stealthedit.dll and add it to the plugin list.
    Check the checkbox left of it to enable it and click ok to exit the settings screen

    And make sure you've configured your bios to ALLOW the no-execute ability

    How to use:
    -On the run-
    Rightclick the page you want to stealthedit, and choose stealthedit. It will then automatically make an adjusted copy of the current page and configures the driver part to let executions of the original code go to the copy

    -Auto assembler-
    The stealthedit plugin adds a new auto assembler command.

    stealthedit(name, address, size)

    How it works internally:
    It hooks the pagefault and breakpoint interrupt and marks the specified memory region as non-executable
    When process execution enters the affected page a pagefault will be rissen and the driver will then adjuist eip to the copy
    When the execution leaves the copy it enters in a int3 field, which indicates the driver to exit the copy and return based on the location the int3 instruction happened.

    The copy isn't 100% exact. For example instructions that jump beyond the int3 fields get rewritten so they jump to the original code

    Known problems:
    The copy stealthedit makes isn't always 100% perfect (it's based on automated disassembling and adjusting the calls, if the instructions arn't aligned properly, errors can/will occur). In case that you detect a problem (app/game crashes) inspect the copy of the memory and see what went wrong, and try to fix them yourself. Either making a full adjusted copy yourself, or just fixing the small incosistencies (e.g the first few/last instructions)

    The auto assembler script part can come in use here, as name will be seen as the address of the copy, so you can use that to write the copy yourself

    Please register or login to download attachments.

    Please, post your questions on forum, not by PM or mail

    I spend my time, so please pay a little bit of your time to keep world in equilibrium

  2. #2
    chidiebere
    chidiebere is offline
    Guest
    Join Date
    2012 Dec
    Posts
    1
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts
    Rep Power
    0

    thanks for the plugin man :)

    ive been looking everywhere for this plugin with no luck. so wanted to express my gratitude <3

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •