YimMenu / HorseMenu

HorseMenu, a beta-stage mod menu for Red Dead Redemption 2 and Red Dead Online, inspired by YimMenu, that protects against crashes and enhances your experience.

crash when catching unwanted dependency #61

Closed tyackman closed 10 months ago

tyackman commented 10 months ago

[22:53:27.2553484][INFO/QueueDependency.cpp:52] Caught unwanted dependency: RDR2.exe+27F3254

This is all I got; there was no stack trace. This was also on my modified version, not vanilla HorseMenu.

Edit: this version was probably packed with Themida, forgot about that, sorry.

maybegreat48 commented 10 months ago

Are you hooking 48 89 5C 24 08 57 48 83 EC 20 48 8B B9 18 02? I'll try to fix this in my PR

tyackman commented 10 months ago

Nope. Nothing has been hooked additionally.

tyackman commented 10 months ago

Happened again (modified, packed version): [16:29:31.0923931][INFO/QueueDependency.cpp:52] Caught unwanted dependency: RDR2.exe+ADE790

maybegreat48 commented 10 months ago

You're somehow breaking the anticheat patch. Can you list some of your changes? This is the function that is being blocked:

char __fastcall rage::Security::SigScanLoop(__int64 a1)
{
  int v1; // eax
  _DWORD *v2; // rdi
  __int64 sig_scan_data; // rbx
  __int64 v5; // [rsp-10h] [rbp-28h] BYREF
  LARGE_INTEGER time_to_scan; // [rsp+20h] [rbp+8h] BYREF
  LARGE_INTEGER v7; // [rsp+28h] [rbp+10h] BYREF
  LARGE_INTEGER v8; // [rsp+30h] [rbp+18h] BYREF
  __int64 v9; // [rsp+38h] [rbp+20h] BYREF

  v2 = *(a1 + 0x30);
  sig_scan_data = *(*(a1 + 0x28) + 0x798i64);
  sub_7FF777F8CCF8(&time_to_scan);
  while ( 1 )
  {
    v1 = rage::Security::ProcessSigScans(sig_scan_data, &time_to_scan);
    if ( v1 == 2 )
      break;
    if ( v1 != 3 )
    {
      if ( v1 == 1 )
      {
        QueryPerformanceCounter(&v7);
        time_to_scan = v7;
      }
      QueryPerformanceCounter(&v8);
      if ( ((v8.LowPart - time_to_scan.LowPart) * *&script_time_within_frame_in_microseconds) <= 1000.0 )
        continue;
    }
    *v2 = 2;
    return 1;
  }
  v9 = 0i64;
  rage::Security::StoreSecureVariable(sig_scan_data, &v9);
  v5 = -1i64;
  rage::Security::StoreSecureVariable(sig_scan_data + 96, &v5);
  *(sig_scan_data + 0xC0) = 1;
  *v2 = 3;
  return 1;
}
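The decompiled loop above scans in steps and hands control back once roughly 1000 microseconds have elapsed, restarting its clock on one return code and finishing on another. As an added illustration that is not part of this thread or of HorseMenu's code, here is a small Python model of that control flow, driven by a chunked byte-pattern scanner. The meanings given to the return codes (0 = made progress, 1 = restart the frame timer, 2 = all done, 3 = yield now), the function names and the sample buffer are assumptions read off the control flow, not documented values.

```python
"""Constructed model of a time-budgeted signature scan loop (not the game's code)."""
import time
from typing import Callable, Dict, List, Optional, Tuple

# Assumed meanings of the step return codes, inferred from the decompiled branches.
SCAN_PROGRESS = 0     # did some work; check the frame budget before continuing
SCAN_RESET_TIMER = 1  # restart the frame clock, then check the budget
SCAN_DONE = 2         # every queued scan has completed
SCAN_YIELD = 3        # stop this frame immediately, resume next call
FRAME_BUDGET_US = 1000.0  # the 1000.0 microsecond comparison seen in the decompilation


def parse_pattern(text: str) -> List[Optional[int]]:
    """Parse an IDA-style byte pattern such as "48 89 5C 24 ?? 57".
    '?' or '??' marks a wildcard byte, represented as None."""
    return [None if tok.strip("?") == "" else int(tok, 16) for tok in text.split()]


def find_pattern(buf: bytes, pat: List[Optional[int]], start: int, end: int) -> List[int]:
    """Return every offset in [start, end) at which pat matches buf.
    Matches that begin inside the window but extend past `end` are still found."""
    last = min(end, len(buf) - len(pat) + 1)
    return [off for off in range(start, last)
            if all(p is None or buf[off + i] == p for i, p in enumerate(pat))]


class ChunkedScanner:
    """Scans `buf` for all patterns one chunk per step(), so the work can be
    spread across frames instead of stalling the caller."""

    def __init__(self, buf: bytes, patterns: Dict[str, str], chunk_size: int = 4096):
        self.buf = buf
        self.patterns = {name: parse_pattern(p) for name, p in patterns.items()}
        self.chunk_size = chunk_size
        self.cursor = 0
        self.hits: Dict[str, List[int]] = {name: [] for name in patterns}

    def step(self) -> int:
        """Scan the next chunk and report SCAN_PROGRESS or SCAN_DONE."""
        if self.cursor >= len(self.buf):
            return SCAN_DONE
        start = self.cursor
        end = min(start + self.chunk_size, len(self.buf))
        for name, pat in self.patterns.items():
            self.hits[name].extend(find_pattern(self.buf, pat, start, end))
        self.cursor = end
        return SCAN_DONE if self.cursor >= len(self.buf) else SCAN_PROGRESS


def run_frame(worker: Callable[[], int],
              clock: Callable[[], float] = time.perf_counter,
              budget_us: float = FRAME_BUDGET_US) -> Tuple[str, int]:
    """Drive `worker` until the scan finishes or the frame budget is spent.
    Mirrors the decompiled control flow: code 2 ends the scan, code 3 yields
    at once, code 1 restarts the timer, and any other code is checked against
    the budget. Returns ("done" | "yield", number of steps run)."""
    frame_start = clock()
    steps = 0
    while True:
        code = worker()
        steps += 1
        if code == SCAN_DONE:
            return ("done", steps)
        if code != SCAN_YIELD:
            if code == SCAN_RESET_TIMER:
                frame_start = clock()
            elapsed_us = (clock() - frame_start) * 1_000_000
            if elapsed_us <= budget_us:
                continue
        return ("yield", steps)


# Constructed sample: the byte sequence quoted earlier in this thread, with one
# wildcard, planted twice in an otherwise zeroed 20000-byte buffer.
SAMPLE_PATTERN = "48 89 5C 24 ?? 57 48 83 EC 20 48 8B B9 18 02"
SAMPLE_BUF = bytearray(20000)
SAMPLE_BUF[5000:5015] = bytes.fromhex("48895C240857488 3EC20488BB91802".replace(" ", ""))
SAMPLE_BUF[17000:17015] = bytes.fromhex("48895C240157488 3EC20488BB91802".replace(" ", ""))


def scan_sample() -> Dict[str, List[int]]:
    """Scan the constructed buffer to completion with an effectively unlimited budget."""
    scanner = ChunkedScanner(bytes(SAMPLE_BUF), {"stub": SAMPLE_PATTERN})
    state, _steps = run_frame(scanner.step, budget_us=1e12)
    assert state == "done"
    return scanner.hits


if __name__ == "__main__":
    print(scan_sample())  # {'stub': [5000, 17000]}
```

Injecting `clock` makes the budget logic testable without timing flakiness: a scripted clock can show that a code-1 step resets the timer so the following step is still within budget, while without the reset the same elapsed time would yield.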
tyackman commented 10 months ago

It does have an anti-debugger thread running, including the use of VirtualAlloc write-watch and some other common anti-debugger memes. I'm calling ThreadHideFromDebugger on the debugger thread as well. The only feature I added to the menu that would remain on when I load the menu would be lawless mode (LAW::_SET_LAW_DISABLED). I've also included cprlib in the CMake lists and use that for web requests. Binary packed using Themida. And in case you get any intrusive thoughts, no, I'm not selling this, it's a meme for my friends and I l0l.

Additionally, I have added a ped/composite/treasure chest spawner, player model scale and weather changer, but they weren't used at the time of the crashes so I don't think they matter, but here they are anyway...

tyackman commented 10 months ago

Been testing without the anti-debugger and still caught @ RDR2.exe+ADE790. That leaves Themida on the table pretty much... I guess I'll test without packing for a while.

Edit: Just caught it again, without using Themida. Not sure...

xiaoxiao921 commented 10 months ago

You'll have to go further and match HorseMenu code 1:1 and bisect all the way back to your current fork.

tyackman commented 10 months ago

It happens on unmodified HorseMenu as well. RDR2.exe+ADE790. Happens when loading the menu whilst connected to a server.

maybegreat48 commented 10 months ago

> It happens on unmodified HorseMenu as well. RDR2.exe+ADE790. Happens when loading the menu whilst connected to a server.

Yeah, that makes sense. You're supposed to load the menu in SP or on the landing page to completely disable the anticheat.

tyackman commented 10 months ago

Slow brain moment lol. Thanks m8.