dekoda-uc
commented
1 month ago this would be an easy way:
const char* image_name = "r5apex.exe";
LOG("name_hash: %p\n", *(QWORD*)(image_name));Closed itsRythem closed 1 month ago
dekoda-uc
commented
1 month ago this would be an easy way:
const char* image_name = "r5apex.exe";
LOG("name_hash: %p\n", *(QWORD*)(image_name));
itsRythem
commented
1 month ago that appears to give a different result as the value that is returned for apex is 0x7265726f6c707865 while what you provided gives 7290897223831860594
dekoda-uc
commented
1 month ago Try a little harder, please
const char* image_name = "r5apex.exe";
LOG("name_hash: %llx\n", *(QWORD*)(image_name));correction: %llx
apex is: 0x652e786570613572
itsRythem
commented
1 month ago ty
The EFI cheat uses PsGetProcessImageFileName to get "image file names" and checks if the process is running i think? However i want to expand this for other games, but i cannot seem to find where these values are obtained. In the apex cheat, it checks for "0x7265726f6c707865" where did you obtain this? Dumping the value of all processes with the win api function GetProcessImageName returns the games path. Please help, thank you.