Welcome to dEViATED. We provide PC trainers, cheats, mods and game trainers and a gamehacking forum for discussions and help. We have pc cheats, cheat engine tables and mods for various old and new single player games.

These are some of the latest trainers released by us and supported fully.
Assassin's Creed Rogue Trainer
Grand Theft Auto 5 Trainer



Sign in to follow this  
Followers 0

Signature Scanner

19 posts in this topic

Posted

Please do not spread this application to any other website. This is exclusive for members from this forum.

This application will scan a byte pattern through a certain process and module.

If it succeeds it will return the beginning address of the the given pattern and

the lenght of the given pattern.

USAGE/NOTE:

1) Select your process and press Set button

2) Select a DLL if needed

3) Enter your signature byte per byte seprated by a space.

4) Press the scan button and wait, result will show up and the lenght

of your pattern

Example:

The xlive memory bypass pattern (Found by Psych) is:

8B EC 83 EC 20 53 56 57 8D 45 E0 33 F6 50 FF 75 0C 8B F9

Writing these bytes into the Signature Pattern box will search for this pattern

through the selected process/module. If it succeeds it returns the address in memory

where this pattern starts. Also it will return the lenght of the given pattern.

Make sure you always write 2 numbers for every byte. Do not use a 0 in front of it

like: 0FF. Just a plain byte XY where x and y must be a hex number (0 TO F).

The Xlive button will try to patch the memory checks that xlive does. This does not

disable any debugging code, just the memory check. If you don't know what this is then

don't even use it. Make sure your game does use xlive, eventough I've implement checks

to not patch if the xlive.dll is not found.

The "No Module/Refresh" button will refresh the module's list. If you want to scan the

module of the EXE itself, then just press the button to make it blank. Blank means it

will scan from the base of the EXE itself.

Enjoy!

v1.0: 19:23 27/06/2010

-----------------------

No extra notes for this release, because it's the first one :).

dvt-sgscn.rar

Share this post


Link to post
Share on other sites

Posted

Wow nice little snippet you got there. I will test it later on. To see how fast it is. Cause else the source code can be really handy for me to put it inside the trainers ^^

Share this post


Link to post
Share on other sites

Posted

This is actually a release without the source code. Just the application.

I would really appreciate if you could test it. Also try the xlive patcher, if it works.

Thanks

Share this post


Link to post
Share on other sites

Posted

Just tested it. And guess what, as expected.. works like a charm :D

gimme gimme gimme :)

Share this post


Link to post
Share on other sites

Posted

You can implement this two ways in your trainer. One would be to inject a dll, and read the memory directly and use a scan function to search your signature. A second method is to just use ReadProcessMemory and compare your signature through this way.

But I failed many times trying to figure out a good and fast method. And I'm still not confident it will work 100%. There's always something that fails for some reason. I spent hours sometimes on a small bug, really frustrating. But hopefully it will work good enough now.

Share this post


Link to post
Share on other sites

Posted

Yeah I know what you mean. I also managed to make a scanner. But I dont think 5 minutes for each signature is handy :)

Share this post


Link to post
Share on other sites

Posted

Yeah I know what you mean. I also managed to make a scanner. But I dont think 5 minutes for each signature is handy :)

Just an idea:

If the trainer is opened for the first time do a search and save what you found in a file.

When it's run again check if the bytes in the file are still in the same place (save the place too in the file).

If not run the search again.

Share this post


Link to post
Share on other sites

Posted

Well my idea was to put it in trainers. Cause then the trainer wont need to update on every single game patch. If you know what I mean. :)

Share this post


Link to post
Share on other sites

Posted

Nice APP!, i am sure it would come in handy

Share this post


Link to post
Share on other sites

Posted

Very nice. In case you used C/C++ you can add these lines to make the controls use the theme of the operating system, not that it makes any difference but I just hate the way those controls look so out of style :)


#pragma comment(linker,"/manifestdependency:\"type='win32' name='Microsoft.Windows.Common-Controls' ""version='6.0.0.0' processorArchitecture='X86' publicKeyToken='6595b64144ccf1df' language='*'\"")

Share this post


Link to post
Share on other sites

Posted

Hehe Sorry Aspras this time I really didn't focus on looks at all :).. And it's done in asm, I'll keep that in mind if I update it in the future.

1 person likes this

Share this post


Link to post
Share on other sites

Posted

it's not working anymore. 3.4.18.0 - my xlive version. Proces EFLC.exe/module xlive.dll/sig pattern 8B EC 83 EC 20 53 56 57 8D 45 E0 33 F6 50 FF 75 0C 8B F9/and then i clickXlive button. after a secont game crash. Thats funny- when i used only trainer i could play half a minute with working trainer, but then game crash crash.

Share this post


Link to post
Share on other sites

Posted

Yeah Microsoft released a new version of Games for Windows Live couple of days back. Guess they finally managed to change the signature patern :)

Share this post


Link to post
Share on other sites

Posted

Aw, BAD NEWS!. Guess we will see a halt in trainers for sometime.

Share this post


Link to post
Share on other sites

Posted

Yeah Microsoft released a new version of Games for Windows Live couple of days back. Guess they finally managed to change the signature patern :D

Nah, the bypass still works. The problem is the patcher.

Patcher c2 cc 00 90 90 <--wrong

Should be c2 0c 00 90 90 or c2 0c 00 without the nops

I use a different method for this, just jump the function.

@kemicza

Outof curiosity, why wouldnt you just hardcode the byte sequence and xlive module in the source.

From what i gather, the app only patches the integrity check. So pasting the pattern and choosing the xlive module isnt really needed. More work for the lazy people like me!

Share this post


Link to post
Share on other sites

Posted

kemicza is no more, left the team.

Share this post


Link to post
Share on other sites

Posted

Darn! oh well

I'll probably post up my scanner with the source. Its C# though. From reading your posts, you luv the old C# lol jk

With noob coding, just how i like it :D

Share this post


Link to post
Share on other sites

Posted

kemicza is no more, left the team.

wonder why someone with so much skill left the one and only

best place to hangout on the net

Share this post


Link to post
Share on other sites

Posted

wonder why someone with so much skill left the one and only

best place to hangout on the net

 

Some friendships aren't meant to last forever i guess, we were really close and he made this place amazing but he left for good after our fight over a stupid title. I did try to get him back but he has made his decision. Just dig old titles and you'll know which fight i am talking about (or were they in private forums can't remember)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0