General
Reply With QuoteI've never worked with it, but I think you're working backwards.
Start from the protectee and see how it interfaces with gameguard. You'll probably be lead to a call via a static variable which will have the address of the imported routine loaded into it via GetProcAddress, dig around in there. Fasdoj sodghdfjg Once I get more time(hopefully the coming weekend) I can write an applied reverse engineering section in my article(In my sig)
Which reminds me, I should have a section in there about delay-loaded libraries.
Thread: [HELP]GameGuard
Results 1 to 8 of 8
-
04-11-2011 #1Member
- Join Date
- Mar 2011
- Gender
- Posts
- 134
- Reputation
10- Thanks
- 65
- My Mood
-
[HELP]GameGuard
Uhm , Anyone Knows what is the main DLL of GameGuard?
just like in warrock international hackshield its EhSvc.dll
anyone knows it?
------------------------------------------------------
I think its wrong section
-Busted-
-
04-12-2011 #2MPGH God IV
- Join Date
- Jan 2007
- Gender
- Location
- Posts
- 8,858
- Reputation
- 381
- Thanks
- 1,823
- My Mood
-
There are two types of tragedies in life. One is not getting what you want, the other is getting it.
If you wake up at a different time in a different place, could you wake up as a different person?
-
The Following 3 Users Say Thank You to radnomguywfq3 For This Useful Post:
Hell_Demon (04-12-2011),kibbles18 (05-08-2011),whit (04-12-2011)
-
04-12-2011 #3Banned
- Join Date
- Mar 2011
- Gender
- Location
- Posts
- 935
- Reputation
-41- Thanks
- 55
- My Mood
-
Why would you want to know? want to craps a friends game? delte like about 5-6 DLLS and that should do it.
-
04-12-2011 #4Some l33t h4x0r.
- Join Date
- Apr 2010
- Gender
- Location
- Posts
- 8,858
- Reputation
3438- Thanks
- 101,670
- My Mood
-
Oh gawd. That better be sarcasm, otherwise,
Originally Posted by **********
Donate:
BTC: 1GEny3y5tsYfw8E8A45upK6PKVAEcUDNv9
Handy Tools/Hacks:
Extreme Injector v3.7.3
A powerful and advanced injector in a simple GUI.
Can scramble DLLs on injection making them harder to detect and even make detected hacks work again!
Minion Since: 13th January 2011
Moderator Since: 6th May 2011
Global Moderator Since: 29th April 2012
Super User/Unknown Since: 23rd July 2013
'Game Hacking' Team Since: 30th July 2013
--My Art--
[Roxas - Pixel Art, WIP]
[Natsu - Drawn]
[Natsu - Coloured]
All drawings are coloured using Photoshop.
--Gifts--
[Kyle]
-
04-12-2011 #5Banned
- Join Date
- Mar 2011
- Gender
- Location
- Posts
- 935
- Reputation
- -41
- Thanks
- 55
- My Mood
-
So its noticable
-
04-12-2011 #6Dual-Keyboard Member
- Join Date
- Mar 2011
- Gender
- Posts
- 325
- Reputation
- 101
- Thanks
- 411
- My Mood
-
GameMon.des - a separate process which interfaces with the npgamelib via named pipe.
If your game doesn't implement CSAuth2, all you need to do is nop a call to CreateProcess and maybe a few other checks. Luckily for you, CSAuth2 is extensively documented.
Anyways, most people use custom implementations of GetProcAddress.Last edited by Fovea; 04-12-2011 at 02:16 PM.
-
04-12-2011 #7MPGH God IV
- Join Date
- Jan 2007
- Gender
- Location
- Posts
- 8,858
- Reputation
- 381
- Thanks
- 1,823
- My Mood
-
That too, if they do you need to break on read of the libraries export tables. Or just look for calls close to LoadLibraryA(which can have a custom implementation too.) In thus case you could look for APIs to allocate large memory sections. Originally Posted by Fovea
I always thought that the game would interface with external GG related processes and drivers via a GameGuard dll. It makes sense in a design prospective to do.Last edited by radnomguywfq3; 04-12-2011 at 06:56 PM.
There are two types of tragedies in life. One is not getting what you want, the other is getting it.
If you wake up at a different time in a different place, could you wake up as a different person?
-
04-25-2011 #8Expert Member
- Join Date
- Apr 2011
- Gender
- Posts
- 565
- Reputation
- 10
- Thanks
- 225
- My Mood
-
so what is the main .dll of gameguard?