Very simple. Write a dll that creates a messagebox in the main thread. While the messagebox is up, the execution of engine.exe is on hold, so you can attach olly.
Hello, i have noticed quite a bit of anti-reverse engineering added in to CA, the one i'm having trouble with is the privilege level of CA, it seems to elevate itself to system level or something...whenever i try to attach (or get any process info) it gives me Access Denied even when run as administrator
Any ideas for how to elevate ollydbg or make it able to attach to engine.exe?
[EDIT]
accidentally put it in the wrong section, if a mod could move plox
Last edited by qwerty01; 09-08-2011 at 08:07 PM.
Very simple. Write a dll that creates a messagebox in the main thread. While the messagebox is up, the execution of engine.exe is on hold, so you can attach olly.
already tried that
it seems they check for (or attempt to attach) another debugger before running engine -- it doesn't run correctly, and nothing is unpacked
I've noticed that you cannot attach it after all it's anti-hack stuff loads...
you can't patch something that controls control flow...
but it sounds like it'd be too much work to bypass it =/
But you need Egnine.exe for some addresses
No I do not make game hacks anymore, please stop asking.