|
|
Post by meatsafemurderer on Apr 18, 2020 4:35:14 GMT 10
As of 01/10/20 (European date formatting) so far as I can tell the integrity check has been removed and this is no longer needed. I will leave the original post here for posterity. Big thank you to Capcom for removing the check whilst getting rid of Denuvo.
As some of you may know Capcom decided to add a code integrity check to RE3 to ensure that people don't...cheat?...presumably? Whenever loading a savegame or starting a new game (and possibly periodically throughout play) the game checks to ensure it has not been screwed with. This makes stuff like the fix for zombies animating at a low framerate at longer distances a bit of a pain to use as they required using something like REframework, which is imcompatible with DX12 and even DX11 wrappers like REShade and 3Dmigoto. Well...NO LONGER! To disable this disease at its root open up re3.exe in your favourite hex editor and navigate to 0xA7D059 (thank you to Fullbuster23 for finding the updated offset!) and change it from 75 to EB, yup a nice easy one byte change! For those interested in what this does under the hood, it changes a jne instruction (conditional jump if not equal) to jmp (unconditional jump), thereby bypassing the code resposible for flipping a boolean when the integrity check fails, leaving the game totally unaware that you've been eating...um...I mean editing its guts.
|
|
Majini Killer
Posts: 247 
|
Post by Fullbuster23 on Apr 18, 2020 6:05:58 GMT 10
As some of you may know Capcom decided to add a code integrity check to RE3 to ensure that people don't...cheat?...presumably? Whenever loading a savegame or starting a new game (and possibly periodically throughout play) the game checks to ensure it has not been screwed with. This makes stuff like the fix for zombies animating at a low framerate at longer distances a bit of a pain to use as they required using something like REframework, which is imcompatible with DX12 and even DX11 wrappers like REShade and 3Dmigoto. Well...NO LONGER! To disable this disease at its root open up re3.exe in your favourite hex editor and navigate to 0xA74B49 and change it from 75 to EB, yup a nice easy one byte change! For those interested in what this does under the hood, it changes a jne instruction (conditional jump if not equal) to jmp (unconditional jump), thereby bypassing the code resposible for flipping a boolean when the integrity check fails, leaving the game totally unaware that you've been eating...um...I mean editing its guts. Thanks for share it!! Just a question am I doing it right? 
|
|
Posts: 22
|
Post by SkacikPL on Apr 18, 2020 6:17:03 GMT 10
The whole thing is probably a byproduct made for REsistance to give it at least baseline security which is missing the mark entirely because anyone who would want to cheat would probably do it via runtime memory manipulation rather than modding the files themselves.
Or at least i try to give them blind benefit of a doubt of trying to counteract cheating without having done a single bit of research into how cheating is actually done, rather than being just assholes to genuine modders.
|
|
|
|
Post by meatsafemurderer on Apr 18, 2020 6:17:16 GMT 10
Thanks for share it!! Just a question am I doing it right? Yup, that's the one! 
|
|
|
|
Post by blake on Apr 18, 2020 11:03:55 GMT 10
This is for RE3R only right? Not including resistance?
|
|
|
|
Post by meatsafemurderer on Apr 18, 2020 15:23:47 GMT 10
This is for RE3R only right? Not including resistance? I would assume so. I guess there's a small chance (really very, very small) that the exact same jump just happens to be at the exact same offset in REsistance's .exe...I honestly couldn't tell you though, I've not poked around in REsistance with a debugger and disassembler...and I'm not going to. I would also hope that a competitive online only game like REsistance would have rather more protection in place than just an easily defeated integrity check.
|
|
|
|
Post by cymatix on Apr 20, 2020 22:39:43 GMT 10
This is awesome, I went ahead and added your instructions to the guide for full FPS animations. I'm curious as to how you navigate the hex to find the relevant data? I'm guessing that you use cheat engine with trial & error method? Really nice work in any case!
|
|
|
|
Post by meatsafemurderer on Apr 21, 2020 5:54:25 GMT 10
This is awesome, I went ahead and added your instructions to the guide for full FPS animations. I'm curious as to how you navigate the hex to find the relevant data? I'm guessing that you use cheat engine with trial & error method? Really nice work in any case! Thank you! There is some trial and error involved but not as much as you might think. Cheat Engine has a couple of other tricks up its sleeve. It has a built in assembly viewer, which lets you view the x86 assembly code hidden behind the confusing wall of hexidecimal...although assembly isn't particularly user friendly either, just better than hex, and a built in debugger that, among other things, can watch for writes to specific addresses. Once you know where the boolean is located in memory you can intentionally trigger an integrity check failure while cheat engine's debugger watches on and that will give you the address of the assembly instruction that flipped the boolean. From there it's a matter of understanding and modifying the assembly to bypass that instruction in some form. You can either nop (a "do nothing" instruction) the write instruction itself, but that's kind of dirty IMO, or you can change the jump / comparison so that it always behaves like the check passed, the write instruction is never reached and the boolean is never flipped.
|
|
|
|
Post by Sleeping on May 13, 2020 7:46:20 GMT 10
Noob question, how can I find that specific line in notepad++?
|
|
Posts: 1,504
Original Join Date: Dec 29, 2011
|
Post by V on Jun 3, 2020 12:18:52 GMT 10
Hey uhm, the .exe just updated for me. Should I still replace the byte with EB? 
|
|
|
|
Post by meatsafemurderer on Jun 3, 2020 12:44:05 GMT 10
Hey uhm, the .exe just updated for me. Should I still replace the byte with EB? The offset will need to be updated. I've got the update and will get to it shortly Edit: Done, new offset is 0xA56A99, instructions remain otherwise identical.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Jul 21, 2020 9:52:05 GMT 10
Can this integrity check thing be done to Revelations 2? I have spent days sesrching for a solution for using a custom savegame downloaded from the Internet. Please, help.
|
|
Posts: 3
|
Post by escopy on Jul 22, 2020 10:48:20 GMT 10
Hi meatsafe, looks like the .exe has changed again. you have the new values or have any instructions on how to get the offsets ourselves when it updates?
|
|
Posts: 3
|
Post by escopy on Jul 26, 2020 7:03:46 GMT 10
Nevermind, false alarm. was at the wrong line item
|
|
|
|
Post by regi on Jul 30, 2020 6:41:01 GMT 10
|
|
Is this correct?