Senin, 09 Maret 2009

Replace Detected String (Bag1)





Replace Detected String (Bag1)

Setelah menyelesaikan semua tahapan di awal, kini saatnya untuk melakukan editing pada string yang menyebabkan CE dikenali oleh GG.

3 a. Bukalah file dbk32.dpr yang berada dalam folder dbk32 dengan menggunakan delphi. Kemudian pilih menu view>Project Manager klik lah pada dbk32.dll sehingga muncul dbk32function. Lakukan double klik pada file tersebut kemudian carilah :

    CEDRIVER53 = Whatever1 (same thing as CEDRIVER53)
    DBKProcList53 = Whatever2 (same thing as DBKProcList53)
    DBKThreadList53 = Whatever3 (same thing as DBKThreadList53)
    dbk32.sys = Whatever.sys

Gambar 6

Simpan dan tutup delphi nya

3 b. Bukalah ASR (Actual Search and Replace), Pilih menu File > Settings > Editor. Carilah file “delphi32.exe” dan OK (umumnya file delphi32.exe berada pada “C:\Program Files\BorlandDelphi7\Bin\delphi32.exe”
Gambar 7

Kemudian pilih tab ‘Option’, pilih “include subfolders”.
Masukkan pada kotak “Masks” –> newkernelhandler.pas; DBK32funcionts.pas; DBK32.dpr
Pilih lah folder utama cheat engine pada kotak “Path”, dan pilih “whole words” yang berada dibawah kotak path
Gambar 8

carilah string berikut ini dan ubahlah (lebih baik di copy dalam notepad terlebih dulu, karena di bagian berikutnya akan digunakan lagi)

    VQE = Whatever4
    OP = Whatever5
    OT = Whatever6
    NOP = Whatever7
    RPM = Whatever8
    WPM = Whatever9
    VAE = Whatever10
    CreateRemoteAPC = Whatever11
    ReadPhysicalMemory = Whatever12
    WritePhysicalMemory = Whatever13
    GetPhysicalAddress = Whatever14
    GetPEProcess = Whatever15
    GetPEThread = Whatever16
    ProtectMe = Whatever17
    UnprotectMe = Whatever18
    IsValidHandle = Whatever19
    GetCR4 = Whatever20
    GetCR3 = Whatever21
    SetCR3 = Whatever22
    GetSDT = Whatever23
    GetSDTShadow = Whatever24
    setAlternateDebugMethod = Whatever25
    getAlternateDebugMethod = Whatever26
    DebugProcess = Whatever27
    StopDebugging = Whatever28
    StopRegisterChange = Whatever29
    RetrieveDebugData = Whatever30
    GetThreadsProcessOffset = Whatever31
    GetThreadListEntryOffset = Whatever32
    GetDebugportOffset = Whatever33
    GetProcessnameOffset = Whatever34
    StartProcessWatch = Whatever35
    WaitForProcessListData = Whatever36
    GetProcessNameFromID = Whatever37
    GetProcessNameFromPEProcess = Whatever38
    GetIDTCurrentThread = Whatever39
    GetIDTs = Whatever40
    MakeWritable = Whatever41
    GetLoadedState = Whatever42
    ChangeRegOnBP = Whatever43
    DBKSuspendThread = Whatever44
    DBKResumeThread = Whatever45
    DBKSuspendProcess = Whatever46
    DBKResumeProcess = Whatever47
    KernelAlloc = Whatever48
    GetKProcAddress = Whatever49
    Protect2 = Whatever50
    test = Whatever51
    useIOCTL = Whatever52
    DBKGetDC = Whatever53

Selesai replace detected string, pembuatan CE sendiri telah selesai 30%

Diposting oleh di
Label:

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)