Log in

View Full Version : sXe injected


syl
May 8th, 2007, 08:15
hi

i wanted to disassemble http://www.sxe-injected.com sXe injected (an anti-cheat program for stand-alone counter-strike releases no-steam) in order to understand why it's not working with vista.
Of course i think that's because of execryptor (PEiD shown that for sxe 2.7 but with sxe 3.3 it's saying "nothing" used on exe or perhaps because of the driver used for anti-cheat. But i wanted to have your idea.
Also, i want to precise that http://www.sysersoft.com syser and Olly cannot even or can just not really load the exe.
With OllyDbg i tried the "advanced" plugin to break on new TLS callback because i'm pretty sure that's the technique used (but i think there is another in the wild related with PE checks). So well my question is :
* can we be sure that execryptor was used on sXe
* what to do after breaking on TLS callback while loading in Olly

disavowed
May 8th, 2007, 09:32
You can use http://www.microsoft.com/downloads/details.aspx?familyid=bd02c19c-1250-433c-8c1b-2619bd93b3a2&displaylang=en to try to find reasons for Vista incompatibilities.

deroko
May 8th, 2007, 17:39
It is because of driver and has nothing to do with execryptor. And for the record cheating in online game such is Counter-Strike is lame...

LLXX
May 9th, 2007, 01:52
Quote:
[Originally Posted by syl;65518]perhaps because of the driver used for anti-cheat
If you've been following the news on Vista's driver facism, you'd find that is the likely cause.

syl
May 9th, 2007, 15:23
but if someone could redirect me on tuts for TLS callbacks, it would be really great, i'm not a cheater, just want to learn.

Quote:
[Originally Posted by LLXX;65530]If you've been following the news on Vista's driver facism, you'd find that is the likely cause.


i'm using vista 32 bit.

JMI
May 9th, 2007, 16:43
I'll repeat what I posted in a recent post:

The reason the Diety created the internet and search engines was so people could find information about subjects that interested them.

How about YOU do the searching, as it ways in the FAQ, if you had actually bothered to read it!!!!! Why can't YOU put "TLS callbacks and tuts" (without the quotation marks) and try various combinations of those terms and see what YOU find???? Why do WE have to satisfy YOUR lack of effort by assuming you are completely helpless and taking YOU by the hand and leading YOU what what you should have searched for YOURSELF???

Do you get it now? If not, then ACTUALLY READ THE FAQ, and maybe you will become clear to you.

Regards,