Pages

Senin, 04 Oktober 2010

cara buat cheat engine sendiri bagian 2

Setelah menyelesaikan semua tahapan di awal, kini saatnya untuk melakukan editing pada string yang menyebabkan CE dikenali oleh GG.


3 a. Bukalah file dbk32.dpr yang berada dalam folder dbk32 dengan menggunakan delphi. Kemudian pilih menu view>Project Manager klik lah pada dbk32.dll sehingga muncul dbk32function. Lakukan double klik pada file tersebut kemudian carilah :

CEDRIVER53 = Whatever1 (same thing as CEDRIVER53)
DBKProcList53 = Whatever2 (same thing as DBKProcList53)
DBKThreadList53 = Whatever3 (same thing as DBKThreadList53)
dbk32.sys = Whatever.sys



3 b. Bukalah ASR (Actual Search and Replace), Pilih menu File > Settings > Editor. Carilah file “delphi32.exe” dan OK (umumnya file delphi32.exe berada pada “C:\Program Files\BorlandDelphi7\Bin\delphi32.exe”


Kemudian pilih tab ‘Option’, pilih “include subfolders”.
Masukkan pada kotak “Masks” –> newkernelhandler.pas; DBK32funcionts.pas; DBK32.dpr
Pilih lah folder utama cheat engine pada kotak “Path”, dan pilih “whole words” yang berada dibawah kotak path


carilah string berikut ini dan ubahlah (lebih baik di copy dalam notepad terlebih dulu, karena di bagian berikutnya akan digunakan lagi)

VQE = Whatever4
OP = Whatever5
OT = Whatever6
NOP = Whatever7
RPM = Whatever8
WPM = Whatever9
VAE = Whatever10
CreateRemoteAPC = Whatever11
ReadPhysicalMemory = Whatever12
WritePhysicalMemory = Whatever13
GetPhysicalAddress = Whatever14
GetPEProcess = Whatever15
GetPEThread = Whatever16
ProtectMe = Whatever17
UnprotectMe = Whatever18
IsValidHandle = Whatever19
GetCR4 = Whatever20
GetCR3 = Whatever21
SetCR3 = Whatever22
GetSDT = Whatever23
GetSDTShadow = Whatever24
setAlternateDebugMethod = Whatever25
getAlternateDebugMethod = Whatever26
DebugProcess = Whatever27
StopDebugging = Whatever28
StopRegisterChange = Whatever29
RetrieveDebugData = Whatever30
GetThreadsProcessOffset = Whatever31
GetThreadListEntryOffset = Whatever32
GetDebugportOffset = Whatever33
GetProcessnameOffset = Whatever34
StartProcessWatch = Whatever35
WaitForProcessListData = Whatever36
GetProcessNameFromID = Whatever37
GetProcessNameFromPEProcess = Whatever38
GetIDTCurrentThread = Whatever39
GetIDTs = Whatever40
MakeWritable = Whatever41
GetLoadedState = Whatever42
ChangeRegOnBP = Whatever43
DBKSuspendThread = Whatever44
DBKResumeThread = Whatever45
DBKSuspendProcess = Whatever46
DBKResumeProcess = Whatever47
KernelAlloc = Whatever48
GetKProcAddress = Whatever49
Protect2 = Whatever50
test = Whatever51
useIOCTL = Whatever52
DBKGetDC = Whatever53

Selesai replace detected string, pembuatan CE sendiri telah selesai 30%
Diposting oleh nurrohman hakim di 05.30
Label:

0 komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)