CarbonNeuron
commented
3 years ago We just use cheat engine I'm pretty sure. @varedz and @ph0t0shop can help you better.
Closed cspotcode closed 3 years ago
CarbonNeuron
commented
3 years ago We just use cheat engine I'm pretty sure. @varedz and @ph0t0shop can help you better.
cspotcode
commented
3 years ago As a start, I was able to find the memory address of the Menu/Lobby/Started enumeration. The next hurdle is working backwards from there to find the offset of the game client. I'm looking at the code here:
I see that it is dereferencing a series of pointers. I assume a pointer to the game client is stored in a static field, so it lives at a fixed memory offset. And then you traverse through several heap-allocated objects from there dereferencing pointers. Are there any tricks or tools to do the reverse, going from the memory offset I discovered above back to the offset of the client? Or is my approach fundamentally wrong, and I should be taking a different approach?
varedz
commented
3 years ago Hey there, I'm working on support for these new versions coming out, although priority will always start with Steam. My priority is always going to be Steam -> Epic Games -> Microsoft Store But after every update should take roughly 30 minutes to get to your version.
Thanks for the inquiry.
varedz
commented
3 years ago There are some major complications with Microsoft Store, unfortunately as of this time, I don't believe I'll be able to support it. If there are any changes, I will inform you.
cspotcode
commented
3 years ago Are you able to elaborate at all on the nature of the complications?
varedz
commented
3 years ago Sure. So unfortunately Microsoft Store's protection to their folders are very insane. I'm unable to access any files, and the capture cannot read the hash of the file due to insufficient permissions.
neswii
commented
3 years ago I can confirm their drm is ridiculous. Everything about every game installed is encrypted and not accessible even with admin rights.
On Sat, Dec 19, 2020 at 2:03 PM varedz notifications@github.com wrote:
Sure. So unfortunately Microsoft Store's protection to their folders are very insane. I'm unable to access any files, and the capture cannot read the hash of the file due to insufficient permissions.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/denverquane/amonguscapture/issues/116#issuecomment-748518694, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFKLEXXUSNJCTCD36ZLZAR3SVUBKVANCNFSM4VCCKJKA .
varedz
commented
3 years ago I tried my best, there was simply not much I could do.
cspotcode
commented
3 years ago I've hit the same limitation, so instead of reading a hash of the binary, I'm reading the version number from their appx manifest. Despite the encryption, I'm still able to read memory of the running process. If I can figure out the right memory offsets, I should be able to associate them with the version number, right?
I'm using PowerShell's Get-AppxPackage cmdlet, but there is probably a dotnet API if you don't feel like spawning an external process.
Here's some related code I'm working on where I use powershell to get a version number. https://github.com/ottomated/CrewLink/pull/422
varedz
commented
3 years ago Already aware of that, although we use hash because cracked versions share the same version number in the analytics.
cspotcode
commented
3 years ago Do cracked versions install via the same Appx mechanism? Does Windows give us a way to prove that the Among Us process comes from a legitimately installed Windows Store version of the game?
varedz
commented
3 years ago I believe they do, and I don't believe there's a better way to better detect a legitimate process of the game.
varedz
commented
3 years ago As well without access to the game files, stats would have to be disabled for Microsoft Store, there are just simply to many complications with it.
varedz
commented
3 years ago Alright, in conclusion we would like to support Microsoft Store version, but we simply cannot. I'm going to be closing this now but before I do if you would like the pointers I've acquired I will give them to you. Although, I will not be continuing support for Microsoft Store version.
AmongUsClient - 0x21D0EA0 GameData - 0x21D0E60 HudManager - 0x1D50138 GameStartManager - 0x1D6C3F8 ServerManager - 0x1D557D8 GameOptions - 0x21D0DF8
EDIT -- These pointers are not tested and I'm unsure if they will work or not.
cspotcode
commented
3 years ago I understand; thanks for sharing.
chamchamchomp
commented
3 years ago i don't mean to sound rude. is Epic Games supported yet? as you mentioned your priority is Steam > Epic Games > Microsoft store. and no mention of support on the updates.
CarbonNeuron
commented
3 years ago Epic games is supported as of 82867eaf4a96abada8d343f74b18801e9a14a682
I'm trying to figure out the memory offsets for the Windows Store / XBox / GamePass edition of the game. I'm using Artmoney to figure out the memory offsets. Are there any tricks or tools used to figure them out?