New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GamePass / XBox / Windows Store support #116
Comments
We just use cheat engine I'm pretty sure. @varedz and @ph0t0shop can help you better. |
As a start, I was able to find the memory address of the Menu/Lobby/Started enumeration. The next hurdle is working backwards from there to find the offset of the game client. I'm looking at the code here: I see that it is dereferencing a series of pointers. I assume a pointer to the game client is stored in a static field, so it lives at a fixed memory offset. And then you traverse through several heap-allocated objects from there dereferencing pointers. Are there any tricks or tools to do the reverse, going from the memory offset I discovered above back to the offset of the client? Or is my approach fundamentally wrong, and I should be taking a different approach? |
Hey there, I'm working on support for these new versions coming out, although priority will always start with Steam. Thanks for the inquiry. |
There are some major complications with Microsoft Store, unfortunately as of this time, I don't believe I'll be able to support it. |
Are you able to elaborate at all on the nature of the complications? |
Sure. So unfortunately Microsoft Store's protection to their folders are very insane. I'm unable to access any files, and the capture cannot read the hash of the file due to insufficient permissions. |
I can confirm their drm is ridiculous. Everything about every game
installed is encrypted and not accessible even with admin rights.
…On Sat, Dec 19, 2020 at 2:03 PM varedz ***@***.***> wrote:
Sure. So unfortunately Microsoft Store's protection to their folders are
very insane. I'm unable to access any files, and the capture cannot read
the hash of the file due to insufficient permissions.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#116 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AFKLEXXUSNJCTCD36ZLZAR3SVUBKVANCNFSM4VCCKJKA>
.
|
I tried my best, there was simply not much I could do. |
I've hit the same limitation, so instead of reading a hash of the binary, I'm reading the version number from their appx manifest. Despite the encryption, I'm still able to read memory of the running process. If I can figure out the right memory offsets, I should be able to associate them with the version number, right? I'm using PowerShell's Here's some related code I'm working on where I use powershell to get a version number. |
Already aware of that, although we use hash because cracked versions share the same version number in the analytics. |
Do cracked versions install via the same Appx mechanism? Does Windows give us a way to prove that the Among Us process comes from a legitimately installed Windows Store version of the game? |
I believe they do, and I don't believe there's a better way to better detect a legitimate process of the game. |
As well without access to the game files, stats would have to be disabled for Microsoft Store, there are just simply to many complications with it. |
Alright, in conclusion we would like to support Microsoft Store version, but we simply cannot. AmongUsClient - 0x21D0EA0 EDIT -- These pointers are not tested and I'm unsure if they will work or not. |
I understand; thanks for sharing. |
i don't mean to sound rude. is Epic Games supported yet? as you mentioned your priority is Steam > Epic Games > Microsoft store. |
Epic games is supported as of 82867ea |
I'm trying to figure out the memory offsets for the Windows Store / XBox / GamePass edition of the game. I'm using Artmoney to figure out the memory offsets. Are there any tricks or tools used to figure them out?
The text was updated successfully, but these errors were encountered: