Application Crash on like 5 or 7 Files. about uwpdumper HOT 15 CLOSED

Tool I used was Process Hacker.

You maybe should add a Option like "-pause" so people can decide to pause process or not. Maybe pausing can cause issues on other.

from uwpdumper.

I haven't been able to download the game myself to test this and see what is going on with those particular but does it always crash on the particular file you are talking about? Can you post the dumper log up to the point of the crash?

from uwpdumper.

Just a heads up, the Key to dump is, to Pause the Process. It seems there is a Detection for Injection :)

from uwpdumper.

hi!
I have the same issue with sea of thieves, I think there is a protection and it sucks...
did you find any solution?

from uwpdumper.

Hey.

For me It is random Sometimes already app.xml

98% IT Crash on SoT-Game.exe and 1% above Error and 1% on File 7-8 which is a PAK file.

PAK File ist also Huge a few GB. Can Post Log later.

As I wrote Game is basically free with 14 day Trial of "Game Pass" Can Post Log later.

Some people say it use TruePlay some don't. TruePlay Protect Memory which can be disabled :D

from uwpdumper.

http://prntscr.com/iwzz2a

After it Crash the Game.

from uwpdumper.

Thanks for the insight. I haven't had the time to research a way to get the dumper to inject undetectable into some of the latest UWP games out there but if pausing the process seems to work then I might be able to just get UWPDumper to suspend all the threads of the process during the course of a dump so none of its detection checks run during the extraction.

Any insight on how you paused the process to get it to dump so I can add similar code to UWPDumper? I'm thinking of just calling SuspendThread on all the other non-dumping threads , dumping, and then ResumeThread once its all done.

from uwpdumper.

I figured that too yea. Suspending all threads when it is in the middle of other critical tasks could cause the game or software to crash in the process of dumping. Eventually I'll add a --pause option so that the UWPInjector can suspend all the target process's threads except the dumper thread and I'll keep this issue open until it's done and so others can use your info for others to take as reference. 👍

from uwpdumper.

First time using github projects but I'll add it to the Todo.

from uwpdumper.

Process Hacker uses "NtSuspendProcess(processHandle);"

from uwpdumper.

I tried to stop the process with cheat engine with the speedhack and it didnt' work, i dont know how cheat engine's speedhack works but don't use their method
but Process Hacker works perfectly, thank you

(by the way, the .pak files of Sea of thieves are unfortunatly encrypted, I dont think that there is a solution for that :/)

from uwpdumper.

Do you mean the the EFS encryption is preserved after the dump or do you mean the game engine itself has its own archive protection.

from uwpdumper.

Unreal engine paks use AES this is separate from the UWP protection
Read under core of this changelog
https://docs.unrealengine.com/en-us/Support/Builds/ReleaseNotes/4_16

from uwpdumper.

The Key is in a Module from WindowsStore. People reported, that the Game loads a DLL from the Windows Store, which has a Key, generated on your AccountID. Not sure how accurate is this, but people didn't found any Key in the SoT-Game.exe (there was before, but not anymore)

from uwpdumper.

nvm

from uwpdumper.