ExtraConcentratedJuice / ChristWareAmongUs

A cheat for the recently popular fad game Among Us
MIT License
110 stars 33 forks

Update v2020.9.22s #19

Open v0idp opened 3 years ago

v0idp commented 3 years ago

solves issue #16 and #12

caiocinel commented 3 years ago

This pull stops most functions from working.

v0idp commented 3 years ago

> This pull stops most functions from working.

whopsie, I just tried radar and was quick with the test. can you elaborate on what didn't work? EDIT: Seems like I did a major fuck-up in the de-obfuscation. For some reason getting player data seems to work just fine tho.

caiocinel commented 3 years ago

> > This pull stops most functions from working.
>
> whopsie, I just tried radar and was quick with the test. can you elaborate on what didn't work?

Me and some friends are taking a look at what I could do.

This last commit is important for the current version, it could be done in a different pull to avoid problems.

caiocinel commented 3 years ago

You can also move the "if (IsInGame ())" to the beginning of the "RenderRadar" function, this will avoid the empty radar at the beginning of the game.

mlucap commented 3 years ago

Using this branch, calling a meeting crashed the game. Also a few things don't seem to work. But it did inject which is a step in the right direction

v0idp commented 3 years ago

Radar hack seems to work fine for me. Tested it in a few rounds. But we definitely need to get that obfuscation problem solved

nitreojs commented 3 years ago

so, without these changes, cheat didnt work: i downloaded the dll from UnknownCheats, injected using Process Hacker 2 (LoadLibrary), pressed Delete - crash. tried also Kirin injector (ManualMap, as i understood), pressed Delete - crash. then i understood - new 2020.9.22 version is just obfuscated and cheat cannot do anything about it cuz not updated, then i downloaded visual studio, downloaded the repository, inserted your changes and whoosh - cheat injects! didnt try it out, gonna test the cheat next hour or smth like that

sanderDijkxhoorn commented 3 years ago

Yeah 22s is not working for me with 9s with the version that is publicly released works perfect

nitreojs commented 3 years ago

radar works fine, but other functions dont... even Mark Impostors dont work! didnt try anything about chat, but i think it wont work either; cant vote off, kick, murder players, i can teleport to users but then interface is broken at all!; rainbow colors 4 all & random clothes arent working too; modifiers arent working; changing color aint working too; completing tasks is working, lol! chat spamming aint working... ban points are resetting but i have no idea what is this...

v0idp commented 3 years ago

> radar works fine, but other functions dont... even Mark Impostors dont work! didnt try anything about chat, but i think it wont work either; cant vote off, kick, murder players, i can teleport to users but then interface is broken at all!; rainbow colors 4 all & random clothes arent working too; modifiers arent working; changing color aint working too; completing tasks is working, lol! chat spamming aint working... ban points are resetting but i have no idea what is this...

yes had some tests today too. Was happy that tasks is working still and Radar and showing players too. Not sure what happened but maybe duplicate functions thanks to the obfuscation which do nothing to trap us? Some proper de-obfuscation would probably help but I'm not an expert on that field.

nitreojs commented 3 years ago

btw what if i will build current master repository and play in 2020.9.9? will all functions work?

v0idp commented 3 years ago

> btw what if i will build current master repository and play in 2020.9.9? will all functions work?

no. different offsets and pointers

nitreojs commented 3 years ago

that makes sense

nitreojs commented 3 years ago

so you (we) (somebody) are going to try to fix that by deobfuscating or what? i'll try to understand something and try something out

v0idp commented 3 years ago

I don't have time to do more than the manual work I did previously so if anyone got the time and expertise to do so feel free to write a proper deobfuscator and func/type names restorer

domints commented 3 years ago

Actually I compiled your version and it fails to inject into my Among Us, .22 version from Steam. Legitimate. On injection I get error: ChristWareAU.dll caused an Access Violation (0xc0000005) in module ChristWareAU.dll at 0023:1f5001aa.

Stack trace:

    Stack Trace of Crashed Thread 6220:
    0x1F5001AA (ChristWareAU) [C:\Projects\ChristWareAmongUs\user\D3D11Hooking.cpp:78] GetD3D11PresentFunction
    0x1F50AF7F (ChristWareAU) [C:\Projects\ChristWareAmongUs\user\main.cpp:669] Run
    0x7629F989 (KERNEL32) BaseThreadInitThunk
    0x77B374B4 (ntdll) RtlGetAppContainerNamedObjectPath
    0x77B37484 (ntdll) RtlGetAppContainerNamedObjectPath

What is more, original version from this repository's master also crashes game for me in the same way, just with different module address.

EDIT: Also, by default linker is mad at me because it can't resolve symbol _D3D11CreateDeviceAndSwapChain@48. It gets fixed when I add #pragma comment(lib, "d3d11.lib") in the main.cpp, between lines 4 and 5. Might it be caused by different version of DirectX? My Windows 10 machine is almost freshly installed, not more than a month ago, latest build, everything's updated.

caiocinel commented 3 years ago

> Actually I compiled your version and it fails to inject into my Among Us, .22 version from Steam. Legitimate. On injection I get error: ChristWareAU.dll caused an Access Violation (0xc0000005) in module ChristWareAU.dll at 0023:1f5001aa.
>
> Stack trace:
>
>     Stack Trace of Crashed Thread 6220:
>     0x1F5001AA (ChristWareAU) [C:\Projects\ChristWareAmongUs\user\D3D11Hooking.cpp:78] GetD3D11PresentFunction
>     0x1F50AF7F (ChristWareAU) [C:\Projects\ChristWareAmongUs\user\main.cpp:669] Run
>     0x7629F989 (KERNEL32) BaseThreadInitThunk
>     0x77B374B4 (ntdll) RtlGetAppContainerNamedObjectPath
>     0x77B37484 (ntdll) RtlGetAppContainerNamedObjectPath
>
> What is more, original version from this repository's master also crashes game for me in the same way, just with different module address.
>
> EDIT: Also, by default linker is mad at me because it can't resolve symbol _D3D11CreateDeviceAndSwapChain@48. It gets fixed when I add #pragma comment(lib, "d3d11.lib") in the main.cpp, between lines 4 and 5. Might it be caused by different version of DirectX? My Windows 10 machine is almost freshly installed, not more than a month ago, latest build, everything's updated.

Change to Release to compile.

Debug has this problem.

domints commented 3 years ago

@caiocinel I've changed to release after I saw mention in other issue and it fixed the build issue, but it didn't fix the Access Violation issue, unfortunately.

v0idp commented 3 years ago

> @caiocinel I've changed to release after I saw mention in other issue and it fixed the build issue, but it didn't fix the Access Violation issue, unfortunately.

Do you have an antivirus stopping you from memory tampering?

domints commented 3 years ago

Nope, the only antivirus I have is Windows Defender. It refuses to accept the DLL from UnknownCheats (until I manually unquarantine it), but doesn't make any problems with changing the memory of for example HoMM 3. Also, shlifedev/AmongUsMemory project works like a charm (it also works on the memory) but it doesn't inject DLLs and doesn't have any DirectX hooks.

v0idp commented 3 years ago

> Nope, the only antivirus I have is Windows Defender. It refuses to accept the DLL from UnknownCheats (until I manually unquarantine it), but doesn't make any problems with changing the memory of for example HoMM 3. Also, shlifedev/AmongUsMemory project works like a charm (it also works on the memory) but it doesn't inject DLLs and doesn't have any DirectX hooks.

I'm pretty sure it's a Windows anti-tampering or BIOS setting that prevents you from injecting the dll. access violation basically just means the memory region was protected and the injection was blocked due to missing writing permissions. that's very unusual and should never happen without an antivirus blocking it.

coolnickname commented 3 years ago

Do you have any resources on how you reverse engineered the functions in this PR? I know most of them are wrong, but since some work it might just require a little trial and error.

ExtraConcentratedJuice commented 3 years ago

> > Nope, the only antivirus I have is Windows Defender. It refuses to accept the DLL from UnknownCheats (until I manually unquarantine it), but doesn't make any problems with changing the memory of for example HoMM 3. Also, shlifedev/AmongUsMemory project works like a charm (it also works on the memory) but it doesn't inject DLLs and doesn't have any DirectX hooks.
>
> I'm pretty sure it's a Windows anti-tampering or BIOS setting that prevents you from injecting the dll. access violation basically just means the memory region was protected and the injection was blocked due to missing writing permissions. that's very unusual and should never happen without an antivirus blocking it.

He injected the cheat successfully, it's just that the cheat crashed when attempting to access a pointer to some garbage memory address

v0idp commented 3 years ago

> Do you have any resources on how you reverse engineered the functions in this PR? I know most of them are wrong, but since some work it might just require a little trial and error.

I took earlier dumps and compared them to the new one, looked for similar or in this case for the exact same structures and found out what their obfuscated names were. apparently there are some duplicates or something else has changed which broke a few things. basically did that all manually.

> > > Nope, the only antivirus I have is Windows Defender. It refuses to accept the DLL from UnknownCheats (until I manually unquarantine it), but doesn't make any problems with changing the memory of for example HoMM 3. Also, shlifedev/AmongUsMemory project works like a charm (it also works on the memory) but it doesn't inject DLLs and doesn't have any DirectX hooks.
> >
> > I'm pretty sure it's a Windows anti-tampering or BIOS setting that prevents you from injecting the dll. access violation basically just means the memory region was protected and the injection was blocked due to missing writing permissions. that's very unusual and should never happen without an antivirus blocking it.
>
> He injected the cheat successfully, it's just that the cheat crashed when attempting to access a pointer to some garbage memory address

Oh I get it now. I'm not really sure why this would happen tho. Only using the pointers given by the inspector

domints commented 3 years ago

@v0idp Would you maybe be so kind and compile dll on your PC and provide it to me somehow? That could show if that's something during compilation or in runtime. I saw that in UnknownCheats author of the lib mentions he had problems with DirectX on his friends' PCs, but he allegedly solved them. Maybe not well enough :)

v0idp commented 3 years ago

> @v0idp Would you maybe be so kind and compile dll on your PC and provide it to me somehow? That could show if that's something during compilation or in runtime. I saw that in UnknownCheats author of the lib mentions he had problems with DirectX on his friends' PCs, but he allegedly solved them. Maybe not well enough :)

I uploaded it for you here: https://www.file-upload.com/wmh9heetybri

domints commented 3 years ago

> > @v0idp Would you maybe be so kind and compile dll on your PC and provide it to me somehow? That could show if that's something during compilation or in runtime. I saw that in UnknownCheats author of the lib mentions he had problems with DirectX on his friends' PCs, but he allegedly solved them. Maybe not well enough :)
>
> I uploaded it for you here: https://www.file-upload.com/wmh9heetybri

Thank you, it worked. Then, I guess that must be something during the compilation phase. Wrong DirectX version linked or something...

altoms commented 3 years ago

yo @v0idp how u use il2cppinspector on new version among us assembly-Csharp?

mine always doesn't work like "sequence contains no matching elements"

illuminator3 commented 3 years ago

> > @v0idp Would you maybe be so kind and compile dll on your PC and provide it to me somehow? That could show if that's something during compilation or in runtime. I saw that in UnknownCheats author of the lib mentions he had problems with DirectX on his friends' PCs, but he allegedly solved them. Maybe not well enough :)
>
> I uploaded it for you here: https://www.file-upload.com/wmh9heetybri

Would you mind providing a workupload/mediafire link? Your link opens a page with tons of p*n ads and I almost accidentally installed a fcking media player lol