Posted: Post subject: UCE Making Step By Step. (Found this awhile ago)
Hello, I found this post a while ago, so I don't know if it still works.
Credits:
RollingDice
Code:
Ok lets begin.
1. Things you will need.
- CE Source (24th May 2006)
- DDK Link by Dark Byte
- Delphi 7 Link 1 (Both links are the same)
- Delphi 7 Link 2 (Both links are the same)
- A List of the changes (Make one and find the detected strings)
- Actual Search & Replace (Keygen attached below)
(Optional, but great help, highly recommended)
2. Making the DBK32.sys
2a. Locate and open Driver.dat in the main CE Source with notepad and replace the following variables.
Ok the next steps you have to be very careful or you will screw it up!
3. Replace the detected strings.
3a. Now we locate and open "dbk32.dpr" in the dbk32 Directory with Delphi.
Then we open the "Project Manager" under "VIEW" and expand "dbk32.dll" and double click on "DBK32functions" to open it.
Replace the following in DBK32functions.
CEDRIVER52 >>> Whatever1 (This is the original CEDRIVER53)
DBKProcList51 >>> Whatever2 (This is the original DBKProcList53)
DBKThreadList51 >>> Whatever3 (This is the original DBKThreadList53)
Now we will replace all those mentioned strings to something else in
dbk32.dpr (dbk32 Directory), DBK32functions (dbk32 Directory), newkernelhandler.pas (main directory).
Like so.
VQE ---> Whatever4
OP ---> Whatever5
OT ---> Whatever6
NOP ---> Whatever7
RPM ---> Whatever8
WPM ---> Whatever9
VAE ---> Whatever10
(These are just some examples, change as according to the detected strings)
Now save all and close all.
Next use the replace function and Search for "whole words only", ORIGIN select "Entire Scope". And you replace
ie. GetSDTShadow
Only replace GetSDTShadow and not GetSDT or TGetSDTShadow.
***Another method is to use Actual Search & Replace to replace all those strings in the files.
In the "file> settings> Editor" Browse and select "C:\Program Files\Borland\Delphi7\Bin\delphi32.exe"
Then under the "OPTIONS" Tab "tick" "include Subfolders".
Then under "MASKS" you enter
"newkernelhandler.pas; DBK32functions.pas; DBK32.dpr" (";" separates them)
Like so.
Ok once the editing is done, lets move on.
3b. Save the newkernelhandler.pas, DBK32functions.pas, DBK32.dpr in new names.
With newkernelhandler.pas, DBK32functions.pas and DBK32.dpr opened in Delphi. Go "FILE> Save As".
(These are only my changes, you can change to other names)
DBK32.dpr >>> Whatever.dpr (according to my change list "Whatever.dll")(Save in dbk32 folder)
You will see that the "library DBK32;" has been changed to "library Whatever;"
DBK32functions.pas >>> Whateverfunctions.pas (Save in dbk32 folder)
After this you will see that Whatever.dpr's "uses" and Project Manager, DBK32functions.pas will be changed to whateverfunctions.pas.
NewKernelHandler.pas >>> WhateverHandler.pas (Save in Main folder)
Now save all and close all.
Now we search and replace the following in all files (Including Subfolders)
dbk32.sys >>> Whatever.sys
dbk32.dll >>> Whatever.dll
Now open Whatever.dpr in Delphi, you compile Whatever.dll.
Go "Project> compile whatever" or Ctrl+F9.
It's ok to get "Hint" or "Warning", but if you get "Error" go recheck your steps again, coz you have made a mistake or forgot to change something somewhere.
If you do not get any Errors, your Whatever.dll will be at the main CE Source Directory.
3c. Next use "search in files" include subfolders and search for "myhook"
Rename the myhook in CEHook.dpr and hypermode.pas only to Whatever54.
Now open up CEHook.dpr in CEHook Directory with Delphi
(Note: For Borland users, you need to delete/comment out "system;" under "uses")
Then Compile it.
3d. Next open up stealth.dpr in the stealth Directory with Delphi and just compile it. Nothing to change.
3e. Now open up cheatengine.dpr in the main directory with Delphi.
(Note: Make sure the cheatengine.dpr you opened is from the main directory and not DEU, NLD or RUS directory!)
Go to the Project Manager and look for newkernelhandler.pas and
CeFuncProc.pas and open both up.
And save them as:
newkernelhandler.pas >>> Whateverhandler.pas (Replace "Yes")
CeFuncProc.pas >>> Whatever56.pas
Save all and close all.
Next we search in all files (Do not include subfolders) and search for newkernelhandler and CeFuncProc, then change them to
newkernelhandler >>> Whateverhandler (EXCEPT for Newkernelhandler.pas)
CeFuncProc >>> Whatever56
3f. Next it's value strings (hex)
* 00400000
* 7fffffff
* 80000000
Change them all using Find in Files (include subfolders)
Use replace. (Note do only change the values, leave the "$" alone)
Note: You must change it to a different value! Not into letters/names!
E.g.: +2 from the value (Do not use -, as some may get errors)
Use your windows calculator, select "View> Scientific>", select "HEX"
Enter the values. Then select "Dec". Then you + "any value".
Then you change it back to "Hex" and use this value for these changes.
3g. Now use Search in all files (Do not include subfolders) and change the following names.
3h. Now we use Search in all files (Do not include Subfolders)(*.pas only) and change the following. (Be careful and pay extra attention to this)
CheatEngine >>> WhateverEngine (DO NOT REPLACE in cheatengine.bpg)
cheat engine >>> Whatever Engine
3i. Now Open cheatengine.bpg in the main directory. And in the Project Manager, open MainUnit and you should see the following (The GUI).
If somehow you could not find the MainUnit "body" (The GUI) as shown in the above SS, but you can see it under "Windows", go to "Object Inspector" and make sure "MainForm" is selected and look for "Left" and enter "228" and press ENTER. Now the body should pop out.
Now if you have done step 3g properly, you should see that scanvalue and the rest will be changed to Whatever58 and so on.
So just double check it to make sure, there is no need to change the captions.
And as for those Labels with "ProtectMe2", "crash me" and so on, you can just click it and delete the caption only (Do not delete the whole thing), and it will be gone.
Optional
For Versions Options, go to as shown in the below SS. Untick "include version info in project" If you do not want it.
Optional (Some may get detected if you do not change this)
In the Options, go to Application, here you can change the Application Title, Help File and Icon.
Optional
As for the Settings and About section, in the Project Manager open up "formsettingsunit" and "aboutunit".
Click on the sections you want to change and change the captions only.
(Do give some credits for Dark Byte for his Source code)
3j. Now you compile "cheatengine.exe".
But 1st make sure you are in "cheatengine.exe" as shown below!
If it says "trainerwithassembler.exe" not found.
Go to your CE Source folder, "Right click" anywhere (Empty space) and select "New Text File" and name it "trainerwithassembler.exe". Done.
(If you somehow have problem making it, I've uploaded an empty trainerwithassembler.exe below.)
You will find errors like these two examples below.
(There are more, change them to their new names accordingly)
systemcallsignal.exe (systemcallsignal.dpr in SystemcallRetriever folder)
Note: Systemcallretriver.exe uses "newkernelhandler". When we save our edited newkernelhandler.pas to Whateverhandler at step 3b, we will have both edited files in our main source directory, so no worries.
Systemcallretriever.exe (change anything if needed)
(Systemcallretriever.dpr in SystemcallRetriever folder)
Kernelmoduleunloader.exe
(Kernelmoduleunloader.dpr in "dbk32\Kernelmodule unloader" folder)
4a. Other stuff. (Note: Make a copy of your edited source before you proceed)
- Changing project group name.
Open cheatengine.bpg from the main directory, then "save as" Whateverengine.bpg in the main directory. Close and open it again to test it.
- Change the cheatengine.exe name.
Open cheatengine.bpg from the main directory and "Right click" on cheatengine.exe and select "View Source" like so.
Then you save Cheatengine.dpr as Whateverengine.dpr.
(Note: I've done this before, but this time when I do this, I close it and when I open it again, I get an "Unable to find Resource Only DLL Projects. Please enter the correct directory for the parent project." But if I cancel it, it's still working. Still working this out.)
Then you compile the Whateverengine.exe.
4b. So now you have these files below, make a new folder and place them in the folder.
- WhateverEngine.exe (Cheatengine.exe)
- driver.dat
- Whatever.sys (dbk32.sys)
- Whatever.dll (dbk32.dll)
- stealth.dll
- cehook.dll
- systemcallsignal.exe
- Systemcallretriever.exe
- Kernelmoduleunloader.exe
Ok, the worst is over. Pat yourself on the back for a job well done.
5. The testing part. Also the last part.
5a. Settings. (These are the settings I used) (Save all programs and files before you proceed)
Be responsible.
HACK WITH CARE AND RETURN THE MOBS BACK TO NORMAL BEFORE YOU LEAVE
5b. Testing for detection. (Save all programs and files before you proceed)
(I can't remember very clearly, I read this from John's tut, correct me if I got this wrong)
A word from ROLL
To find out which part is detected, follow the steps:
1. Run your CE, close it. Run maplestory.exe. If reboot, dbk32.sys (DBKKernel/) is detected.
2. Remove dbk32.sys and dbk32.dll. Run CE, run maplestory, if reboot, user interface is detected.
3. What else can be detected? Obviously it's the dbk32.dll
Last edited by pkerkid on ; edited 1 time in total