Unable to attach debugger menu

User Tag List

Results 1 to 13 of 13
  1. #1
    Hopps's Avatar Private
    Reputation
    22
    Join Date
    Mar 2010
    Posts
    7
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Unable to attach debugger

    Heroes of the Storm crashes when I attempt to attach cheat engine's debugger to it, if anyone knows a way around this I'd love to know.

    - Hopps

    Unable to attach debugger
  2. #2
    TOM_RUS's Avatar Legendary
    Reputation
    914
    Join Date
    May 2008
    Posts
    699
    Thanks G/R
    0/52
    Trade Feedback
    0 (0%)
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

  3. #3
    Torpedoes's Avatar ★ Elder ★ Doomsayer
    Authenticator enabled
    Reputation
    1147
    Join Date
    Sep 2013
    Posts
    956
    Thanks G/R
    148/415
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Would like to kindly request this be moved to the shiny new exploits section. Also wondering if anyone's made any progress on this. That steam anti-debug DLL didn't appear to work. But I'm also not sure what I'm doing yet.
    Last edited by Torpedoes; 05-13-2015 at 03:27 PM.

  4. #4
    TOM_RUS's Avatar Legendary
    Reputation
    914
    Join Date
    May 2008
    Posts
    699
    Thanks G/R
    0/52
    Trade Feedback
    0 (0%)
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    The above thing definitely worked fine back in Alpha, not sure this is still a case.
    Edit: hidden threads still here, but they added something else that makes game crash when debugger is attached.
    Last edited by TOM_RUS; 05-13-2015 at 07:50 PM.

  5. #5
    Torpedoes's Avatar ★ Elder ★ Doomsayer
    Authenticator enabled
    Reputation
    1147
    Join Date
    Sep 2013
    Posts
    956
    Thanks G/R
    148/415
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by TOM_RUS View Post
    Hidden threads still here, but they added something else that makes game crash when debugger is attached.
    Just to be sure, were you injecting the above DLL as-is into heroes at launch? Or did you modify it and attach it to something else?

  6. #6
    TOM_RUS's Avatar Legendary
    Reputation
    914
    Join Date
    May 2008
    Posts
    699
    Thanks G/R
    0/52
    Trade Feedback
    0 (0%)
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by Torpedoes View Post
    Just to be sure, were you injecting the above DLL as-is into heroes at launch? Or did you modify it and attach it to something else?
    I have custom launcher that works like blizzards HeroesSwitcher.exe, it injects the DLL as is.

  7. #7
    Torpedoes's Avatar ★ Elder ★ Doomsayer
    Authenticator enabled
    Reputation
    1147
    Join Date
    Sep 2013
    Posts
    956
    Thanks G/R
    148/415
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Small update, I extended that Steam Anti-Anti-Debug DLL to detour both IsDebuggerPresent and CheckRemoteDebuggerPresent as well. The game imports and makes use of IsDebuggerPresent but not CheckRemoteDebuggerPresent. Unfortunately this didn't solve anything, and furthermore, my test account got a 72 hour suspension as soon as I tried it. I tried it on another account, no suspension yet so it must have been triggered by all the analysis I was performing in the past two days. Either way I'm out of ideas for reversing this game for now, I'll try again in a little while. Blizzard has definitely upped their game though.

    UPDATE 1: Made a few more additions to the DLL. Based on this and this. I used NtQueryInformationProcess to get the PEB and make sure BeingDebugged stays zero. I also detoured it to ignore the ProcessDebugPort request (which the game calls a lot). All in all I was able to get the debugger working on the login and menu screen. In game it continues to fail, Blizzard really doesn't want us debugging mid-game but we're inching closer.

    UPDATE 2: ...and my second test account got suspended. I'm gonna go do something more productive now
    Last edited by Torpedoes; 05-19-2015 at 12:20 AM.

  8. #8
    Torpedoes's Avatar ★ Elder ★ Doomsayer
    Authenticator enabled
    Reputation
    1147
    Join Date
    Sep 2013
    Posts
    956
    Thanks G/R
    148/415
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    So guess what everyone... Turns out that everything we did with detouring and injecting DLL's was pointless. You can debug the game easily with Cheat Engine using VEH mode (Edit > Settings > Use VEH Debugger) - defaults for everything else. I suspect other debuggers have similar options. Now quite frankly I have no idea what this option does or how it works but I read about it on the Cheat Engine forums for another game and it happens to work for Heroes as well. Obviously use this on test accounts only, though I haven't been banned yet. If you manually place breakpoints the game will crash as per usual but at least you can step through once before restarting the game. If anybody has more info about VEH mode, please let me know.

  9. #9
    Midi12's Avatar Contributor
    Reputation
    90
    Join Date
    Sep 2012
    Posts
    182
    Thanks G/R
    6/13
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    92izii !

  10. Thanks Torpedoes (1 members gave Thanks to Midi12 for this useful post)
  11. #10
    thewisp's Avatar Private
    Reputation
    6
    Join Date
    Jun 2015
    Posts
    3
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by Torpedoes View Post
    So guess what everyone... Turns out that everything we did with detouring and injecting DLL's was pointless. You can debug the game easily with Cheat Engine using VEH mode (Edit > Settings > Use VEH Debugger) - defaults for everything else. I suspect other debuggers have similar options. Now quite frankly I have no idea what this option does or how it works but I read about it on the Cheat Engine forums for another game and it happens to work for Heroes as well. Obviously use this on test accounts only, though I haven't been banned yet. If you manually place breakpoints the game will crash as per usual but at least you can step through once before restarting the game. If anybody has more info about VEH mode, please let me know.
    thank you for the useful post! I tried a bit and I found that using INT3 instead of HW would allow continue debugging even after the first break.

  12. #11
    Torpedoes's Avatar ★ Elder ★ Doomsayer
    Authenticator enabled
    Reputation
    1147
    Join Date
    Sep 2013
    Posts
    956
    Thanks G/R
    148/415
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by thewisp View Post
    thank you for the useful post! I tried a bit and I found that using INT3 instead of HW would allow continue debugging even after the first break.
    Thanks for the info, I'll have to try it next time I'm reversing the game.

  13. #12
    Torpedoes's Avatar ★ Elder ★ Doomsayer
    Authenticator enabled
    Reputation
    1147
    Join Date
    Sep 2013
    Posts
    956
    Thanks G/R
    148/415
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Unfortunately Blizzard put in protection against VEH and KernelMode debugging in training+ games. Looks like we'll need to find some alternative ways of reversing this game, unless anybody has some suggestions.

  14. #13
    thewisp's Avatar Private
    Reputation
    6
    Join Date
    Jun 2015
    Posts
    3
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by Torpedoes View Post
    Unfortunately Blizzard put in protection against VEH and KernelMode debugging in training+ games. Looks like we'll need to find some alternative ways of reversing this game, unless anybody has some suggestions.
    the alternative way is to reverse SC2 instead of heroes. since SC2 will always need to support editor, it always needs to be usable without battle.net.

Similar Threads

  1. Does Blizzard ban for attaching Debugger
    By masteramoebe in forum WoW Memory Editing
    Replies: 6
    Last Post: 11-17-2016, 10:44 AM
  2. [How-To] Attaching Debugger
    By masteramoebe in forum MMO Exploits|Hacks
    Replies: 0
    Last Post: 11-15-2016, 11:19 AM
  3. Replies: 2
    Last Post: 07-14-2013, 11:52 PM
  4. Replies: 1
    Last Post: 02-27-2011, 11:11 AM
  5. "unable to validate version"
    By Conflag in forum World of Warcraft General
    Replies: 3
    Last Post: 12-15-2006, 09:19 PM
All times are GMT -5. The time now is 08:19 PM. Powered by vBulletin® Version 4.2.3
Copyright © 2024 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2024 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search