Solved How can i bypass a Debug Check

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

luminousgamerz

Newbie
Full Member
Nov 17, 2015
11
232
0
So in this game if you try and debug it there is a function that manages to crash you. Now the only way i would of thought i could find the function would be to debug it but that is impossible because when i try to do that the game crashes.
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,118
78,998
2,392
Try setting the Cheat Engine Debugger to VEH in the Settings. If that doesn't work, you must reverse engineer the game and find what is detecting your debugger. Then you will have to either bypass the detection by not tripping it's detection method or by patching it.

https://guidedhacking.com/threads/how-to-get-started-with-anticheat-bypass.9882/

You can learn more here:
An Anti-Reverse Engineering Guide
https://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf
 
Last edited:

luminousgamerz

Newbie
Full Member
Nov 17, 2015
11
232
0
Rake;43877 said:
Try setting the Cheat Engine Debugger to VEH in the Settings. If that doesn't work, you must reverse engineer the game and find what is detecting your debugger. Then you will have to either bypass the detection by not tripping it's detection method or by patching it. You can learn more here:
https://www.codeproject.com/Articles/30815/An-Anti-Reverse-Engineering-Guide
https://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf
So my friend told me it works in page permission hooks and what the game is doing is checking the page permissions. Is there a way around this?
 

luminousgamerz

Newbie
Full Member
Nov 17, 2015
11
232
0
Rake;43877 said:
Try setting the Cheat Engine Debugger to VEH in the Settings. If that doesn't work, you must reverse engineer the game and find what is detecting your debugger. Then you will have to either bypass the detection by not tripping it's detection method or by patching it. You can learn more here:
https://www.codeproject.com/Articles/30815/An-Anti-Reverse-Engineering-Guide
https://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf
So my friend told me it is doing page permission hooks by checking the page permissions. Is there a way around this?
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,118
78,998
2,392
Ok even if ik how it works how can i find the function to stop it via ida?
You have no clue what you're doing. Please learn to hack on games without anti-debug and anti-cheat. Then when you're smart enough, you can bypass anti-cheat
 

_kappa

Newbie
Full Member
Jun 24, 2016
31
478
4
When I attack anti debugging techniques, I try to test out the waters by switching breakpoint types, software/hardware/memory breakpoints. If one of these methods work without switching the debugger type, the technique has to be breakpoint related. If it's the other way around, the technique is related to the debugger type. If you don't want to reverse the target, you could read up on popular anti debugging techniques and guess your way from there.

Some Functions:
IsDebuggerPresent
CheckRemoteDebuggerPresent
NtQueryObject
NtQuerySystemInformation
NtSetInformationThread
NtContinue
CloseHandle
GenerateConsoleCtrlEvent
OutputDebugString
...

Some Flags:
Trap-flag
IsDebugged
NtGlobalFlag
Heap-flag
...

If none of these anti debugging techniques are used, you will need to learn how your current debugger works. This is for being able to check each debugging related API that the target can use as an anti debug technique in the case of your debugger.
 
Last edited:

luminousgamerz

Newbie
Full Member
Nov 17, 2015
11
232
0
OMFG ik exactly how it works and what it is doing but don't know how to find it like i have been saying since the start of the thread but no one has been paying attention!
 

r4z0r

Coder
Meme Tier VIP
Jul 21, 2016
246
2,678
13
OMFG ik exactly how it works and what it is doing but don't know how to find it like i have been saying since the start of the thread but no one has been paying attention!
If u know exactly what ur doing why are you asking something? Btw _kappa gave u lots of hints...
 

_kappa

Newbie
Full Member
Jun 24, 2016
31
478
4
Start of by learning the basics of guard pages (https://msdn.microsoft.com/en-us/library/windows/desktop/aa366549(v=vs.85).aspx). The way your target most likely detect your debugger is from your software breakpoints. If a write occurs to a read-only page, it's permissions are changed to read+write. The fault handler will then return the faulting instruction, thus detecting your breakpoint.

Overcoming this problem:
1. Learn about the fault handler mechanism to disable its detection.
2. Don't use software breakpoints.
 
Last edited:
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods