CoSMOS Gamehacking Tool

Page 7 of 11   •  First Page  •  Previous Page  •   Next Page  •   Last Page
Signup or Login to Post
  CoSMOS | Advanced 5.0 Beta Released
  • Current rank: 1 Star. Next Rank at 100 Posts.
    Send a message to BeSpecialFegget
    ELITE
    BeSpecialFegget posted on Jul 14, 2019 1:27:44 PM - Report post
     
    quote:
    originally posted by 0x90

    1. Download Cosmos Advanced 5.1.3
    2. Start Sniper Elite V2, attach Cosmos to it
    3. Open diassembly => go to address 'SniperEliteV2.exe' and place a breakpoint on it.
    4. Go back ingame
    5. Let me know if the game crashes / freezes or not

    That works fine.
    The problem is:
    I look for the value (health) take damage, regenerate etc.
    If i got the right adress that sets my health, i do a rightclick on that Value and use the function: "Find out what accesses this address" to write a AOB script for GodMode.
    As soon as i use the Function, i get asked if i want to attach the debugger.
    As i press YES, the game just freeze and crash.
    Thats the main problem here that does not happen with CoSMOS using the same procedure.

    I rlly like the interface of COSMOS and would really like to use it, but that just make it impossible

  • Trainer Maker
    Send a message to 0x90
    STAFF
    0x90 posted on Jul 14, 2019 2:42:41 PM - Report post
     
    I understand your point. I just wanted to see if there is a general problem with the debugger (on attaching) or a handling breakpoint issue. It turns out to be the last. The v5 doesn't have any debug tools inbuilt so it would be hard to automatically get me some useful information. v6 has debug tools for the debugger but it's not released yet.

    Something else you can give a try is to open up notepad, attach Cosmos to it, search for a constantly changing value (simple do a 4 bytes / int search, and then changed for rescans) and do a 'find out what access' like you did with your health in sniper elite. See if it crashes / freezes notepad too.

    I would be curios if this is a game related issue which I perhaps can reproduce on my machine as well or if its a machine related issue that on your machine handling breakpoints fails in general.

    //edit: Have you checked the log in cosmos, is there anything useful in it?

    [Edited by 0x90, 7/14/2019 2:49:19 PM]
  • Current rank: 1 Star. Next Rank at 100 Posts.
    Send a message to BeSpecialFegget
    ELITE
    BeSpecialFegget posted on Jul 14, 2019 3:44:28 PM - Report post
     
    quote:
    originally posted by 0x90

    I understand your point. I just wanted to see if there is a general problem with the debugger (on attaching) or a handling breakpoint issue. It turns out to be the last. The v5 doesn't have any debug tools inbuilt so it would be hard to automatically get me some useful information. v6 has debug tools for the debugger but it's not released yet.

    Something else you can give a try is to open up notepad, attach Cosmos to it, search for a constantly changing value (simple do a 4 bytes / int search, and then changed for rescans) and do a 'find out what access' like you did with your health in sniper elite. See if it crashes / freezes notepad too.

    I would be curios if this is a game related issue which I perhaps can reproduce on my machine as well or if its a machine related issue that on your machine handling breakpoints fails in general.

    //edit: Have you checked the log in cosmos, is there anything useful in it?

    [Edited by 0x90, 7/14/2019 2:49:19 PM]

    Notepad works just fine when i try it.

    Heres the log: (the log is of another game, but the error is the same as in any other game)
    (Crash at "00:42:01: DEBUG -> Initial BP!"

    00:40:53: Cosmos loading finished in: 00:00:01.2944097
    00:41:20: Process Handler: Enumerating processes...
    00:41:20: Process Handler: Time enumerating processes: 159ms
    00:41:23: Successfully attached to ToT Summertime
    00:41:23: Time enumerating modules: 3ms
    00:41:24: Symbolhandler: Enumerating symbols...
    00:41:24: Time enumerating memory regions: 10ms
    00:41:24: Symbolhandler: Finished! Time enumerating symbols: 378ms
    00:41:24: Mono: Enumerating mono assemblies...
    00:41:25: Mono: Finished! Time enumerating mono assemblies: 737ms
    00:41:29: New scan started
    00:41:30: Scan finished in: 00m 00s 724ms
    00:41:30: Time preparing scan results: 6ms
    00:41:36: New scan started
    00:41:36: Scan finished in: 00m 00s 008ms
    00:41:36: Time preparing scan results: 0ms
    00:42:01: Time enumerating modules: 1ms
    00:42:01: DEBUG -> Initial BP!
    00:42:01: Couldn't get the thread context. Failed at SuspendThread with 0x5
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    00:42:14: Couldn't get the thread context. Failed at SuspendThread with 0x9C

  • Trainer Maker
    Send a message to 0x90
    STAFF
    0x90 posted on Jul 15, 2019 2:16:34 AM - Report post
     
    0x9C is ERROR_SIGNAL_REFUSED so the target process refused it. Since Cosmos Advanced does not force admin mode (unlike CE) I assume you didn't launched it as admin manually yourself? If this is true can you try launching cosmos as administrator and try it again?
  • Current rank: 1 Star. Next Rank at 100 Posts.
    Send a message to BeSpecialFegget
    ELITE
    BeSpecialFegget posted on Jul 15, 2019 9:03:28 AM - Report post
     
    quote:
    originally posted by 0x90

    0x9C is ERROR_SIGNAL_REFUSED so the target process refused it. Since Cosmos Advanced does not force admin mode (unlike CE) I assume you didn't launched it as admin manually yourself? If this is true can you try launching cosmos as administrator and try it again?

    Running as admin, same problem.
    I guess the real crash problem is the "Couldn't get the thread context. Failed at SuspendThread with 0x5" part. As the game freezes it pops up in the log, the rest just comes up right after the game closes.

    17:59:31: Cosmos loading finished in: 00:00:01.5841361
    17:59:48: Process Handler: Enumerating processes...
    17:59:48: Process Handler: Time enumerating processes: 288ms
    17:59:50: Successfully attached to ToT Summertime
    17:59:50: Time enumerating modules: 4ms
    17:59:50: Symbolhandler: Enumerating symbols...
    17:59:50: Time enumerating memory regions: 15ms
    17:59:51: Symbolhandler: Finished! Time enumerating symbols: 692ms
    17:59:51: Mono: Enumerating mono assemblies...
    17:59:51: Mono: Finished! Time enumerating mono assemblies: 537ms
    17:59:57: New scan started
    17:59:59: Scan finished in: 00m 01s 259ms
    17:59:59: Time preparing scan results: 20ms
    18:00:05: New scan started
    18:00:05: Scan finished in: 00m 00s 011ms
    18:00:05: Time preparing scan results: 0ms
    18:00:19: Time enumerating modules: 1ms
    18:00:20: DEBUG -> Initial BP!
    18:00:20: Couldn't get the thread context. Failed at SuspendThread with 0x5



    *That part of the log generates when the game closes so after the crash*
    18:01:16: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C
    18:01:17: Couldn't get the thread context. Failed at SuspendThread with 0x9C

  • Trainer Maker
    Send a message to 0x90
    STAFF
    0x90 posted on Jul 15, 2019 9:58:31 AM - Report post
     
    No the 0x5 is expected (or to be correct, it's rather not unexpected). It can happen when accessing a closed thread. It also happens on my machine while debugging works fine. The lots of 0x9C however are definitely not expected. Something refuses Cosmos to get the thread context. Without further debug information it's hard to say what's causing it. I'll investigate it and try to reproduce it.

    What AV are you using? And which OS?

    [Edited by 0x90, 7/15/2019 9:59:42 AM]
  • Current rank: 1 Star. Next Rank at 100 Posts.
    Send a message to BeSpecialFegget
    ELITE
    BeSpecialFegget posted on Jul 15, 2019 10:12:58 AM - Report post
     
    quote:
    originally posted by 0x90

    No the 0x5 is expected (or to be correct, it's rather not unexpected). It can happen when accessing a closed thread. It also happens on my machine while debugging works fine. The lots of 0x9C however are definitely not expected. Something refuses Cosmos to get the thread context. Without further debug information it's hard to say what's causing it. I'll investigate it and try to reproduce it.

    What AV are you using? And which OS?

    [Edited by 0x90, 7/15/2019 9:59:42 AM]

    i am using Bitdefender (but everything is turned off)
    OS is Windows 10

  • Trainer Maker
    Send a message to 0x90
    STAFF
    0x90 posted on Jul 15, 2019 10:30:36 AM - Report post
     
    Bitdefender is known to cause a lot of unexpected issues, even when disabled and whitelisted. To be sure this isnt one of it I would recommend uninstalling it, reboot try it again and the issue still appears then just reinstall Bitdefender.

    Nevertheless I've now downloaded the game again and tested it with the health address. As you can see the debugger is working and that I also get the 0x5 error once after initial BP got hit. But I've also noticed that the game is 32bit, which makes the debugger a little bit more unstable because Cosmos is a 64bit application and unmanaged structures from 32bit game process needs to be converted into 64bit and vice versa.

    I dont know what the other unity engine game it was you were trying it with but by chance is it also a 32bit process? You can check this when opening the taskmanager. 32bit processes have this "(32 Bit)" notation behind their name. Notepad on Windows 10 is a 64bit process. Can you try it on a 64bit game please

Page 7 of 11   •  First Page  •  Previous Page  •   Next Page  •   Last Page
Signup or Login to Post
All times are (GMT -06:00) Central Time (US & Canada). Current time is 2:08:43 AM