HOW ANTI-CHEAT BYPASSES WORK

Captions
At some point during the process of learning game hacking, everyone reaches a massive roadblock. Eventually you try to hack a game that is protected by an anti-cheat, you get banned a few times, and you eventually find out that you're going to need a bypass. Today we're going to talk about these anti-cheats and how to get around them. But before we do that, this video is sponsored by brilliant.org. When it comes to hacking games you have to get your hands dirty with a bunch of math and computer science. Some of these concepts can be quite complicated, but there is a fun and easy way to learn more about them. Brilliant is the best way to interactively learn maths, science and computer science. They have thousands of excellently curated lessons which take you from beginner to advanced topics effortlessly, with new lessons added monthly. Maybe you're not sure where to start with programming: their new Thinking in Code course will have you designing simple programs that solve relevant real-world problems right away, in their natural interactive fashion. So whether you're a student or a professional, you can try everything Brilliant has to offer free for a full 30 days by visiting brilliant.org or by clicking on the link in the description down below. The first 200 of you will get 20% off Brilliant's annual premium subscription. Thanks for listening, and let's get back to the video.

Before we can talk about creating a bypass, first we have to discuss what cheats are and how anti-cheats attempt to stop them. Cheats can be many things, from ESPs to aimbots to money hacks, but one thing they all have in common is that they need to read and write process memory at some point to apply said hacks. Conversely, the job of basically any anti-cheat is to stop random programs from having access to a game's memory space.

Let's begin with the basic example of an internal cheat. Internals are extremely powerful because they are loaded directly into the game's process and therefore have complete memory access. In order to load an internal, though, we need an injector which maps our DLL file into the game's memory space. A simple way that an anti-cheat might detect this would be to iterate over the list of loaded modules belonging to the game; if the anti-cheat finds a module that is not supposed to be there, the game has been tampered with. Games could also hook the LoadLibrary function from Windows to block all injections. Simple, right? Well, not really, because there are legitimate reasons to inject DLLs into games. For example, the Steam and Discord overlays are basically internal cheats that hook rendering functions. Furthermore, if you record with OBS game capture, OBS is actually injecting a DLL into the game to record it. Even if the game blocks all DLL injection, like CS:GO started doing a few years ago, there are still ways for cheaters to get around this with manual mapping. The idea behind manual mapping is that we emulate the LoadLibrary function from Windows, but with a very important difference: we selectively do not add the code which puts our DLL into the loaded module list of the program. This also bypasses the LoadLibrary hook that I mentioned earlier, because we never have to call that function. I hope this shows that a bypass is not an object or a project or just straight-up magic. Anything that gets you and your cheat around an anti-cheat is considered a bypass. There is basically an infinite amount of bypasses; it just takes some skill, experience, luck and creativity to find them.

Anyway, let's move into the external realm, as things get a little bit more interesting there. The easiest way to access a game's memory from your own process would be to open a handle to the game with the highest privilege level. Once you have the handle you can literally use the ReadProcessMemory and WriteProcessMemory functions from the Windows API to obviously manipulate the game's memory. There's quite a large problem though: this is literally the simplest way to do it, and therefore it is also the easiest for an anti-cheat to detect. Fortunately, user-mode anti-cheats cannot detect read or write memory operations, but what they can do is stop you from getting a handle to the game. They do this by hooking the OpenProcess function from Windows and blocking any handles that you're trying to create. If you're inexperienced with the kernel and have to stay in user mode, one way to get around this is by hijacking another process's legitimate handle to the game and using that handle to do your memory operations. But this will only work for user-mode anti-cheats, because kernel anti-cheats have a lot more privilege and therefore a lot more opportunity to detect your hacks.

Since we are on the topic of kernel-mode and user-mode anti-cheats, let's take a moment to go over the differences. A user-mode anti-cheat is like any other program: it doesn't have very much privilege over your computer as a whole. These anti-cheats usually do simple operations like integrity checks on the game's files, to stop people from simply byte-patching the game files on their disk. These anti-cheats are also famous for something called signature detection. This is a very simple way of detecting cheats by generating a unique signature that represents the cheat's binary file, then constantly scanning your game or the game's files for said signature. There might be many thousands of these signatures in a database somewhere, and if one is found in your client, you get a ban because you're cheating. If you've been in the community for long enough, you might remember a meme called junk code. This is where pasters would fill cheats with random useless code with the sole purpose of changing the signature of their cheats. In theory this works, but in practice your compiler would just optimize all the junk code out, creating no difference in your binary. Finally, the last important way that these anti-cheats detect cheaters is by hooking common Windows API functions used in cheats. I already mentioned a few of these, for example hooking LoadLibrary to block injections or hooking OpenProcess to stop hackers from creating handles to the game.

Moving on to kernel anti-cheats: these do everything that user-mode anti-cheats do and more. Simply put, a kernel anti-cheat is a driver that's going to monitor your entire system, with most of its attention focused on the game it's protecting. Kernel anti-cheats can very easily completely block all the techniques that we use in user mode. They do this by registering callbacks on system objects through the ObRegisterCallbacks function in the kernel. This will send a notification to their driver about every object manager event that's taking place. They can simply check if the process in question is their game, and if it is, they will strip the read and write privileges from the handle that you are trying to open. This is why, if you try to open a handle or even inject a DLL into a kernel-protected game, it simply won't work. In fact, it's very unlikely that you would even get a ban, because they didn't even let you begin cheating in the first place. Now, don't get the wrong idea: if the anti-cheat developers are incompetent, there will certainly be ways to get around their kernel anti-cheat from user mode, but that's going to require a bunch of reverse engineering, research and ingenuity. The easiest way to get around a kernel anti-cheat is to actually enter the kernel yourself by programming your own kernel driver. I've already made a video on the topic of drivers and why you need them to bypass anti-cheats, so I'll leave a link in the description down below and you can go check that out when you're done here. But the basic idea is that you need to fight fire with fire. A decent kernel anti-cheat will make it almost impossible for you to hack from user mode. By creating your own driver, you'll be able to directly access kernel functions, which gives you a lot more opportunity to bypass the anti-cheat, just like how the anti-cheat has more opportunity to detect your cheats when it's in the kernel.

All the cheats that I've mentioned up to this point have been what we call software cheats: you program an application which runs in the same operating system as your game, and you then exploit the operating system to gain access to said game. But what if I told you it doesn't have to be like this? There's another type of cheat that exists; we call them hardware cheats. Instead of exploiting the operating system, what if we could exploit the hardware that the operating system runs on? Well, let me introduce you to something called DMA. DMA stands for direct memory access. It's a technology that was made basically to bypass the CPU. To give you an example, think of plugging an ethernet cable into your computer. At any time that cable might be transferring gigabits of data from the internet into your system. In the old days your CPU would have to process each and every bit of that data, taking up precious CPU cycles. DMA allows your network card to directly place the data into your system without the CPU, effectively making the operation more efficient. Hardware cheats require you to buy a DMA device, and you'll also need a separate computer to run the cheats on. You can plug the DMA box into your computer via PCIe, and then you can also plug the box into a separate computer with USB. This will allow your second computer to read and write to the first computer's memory where you're running the game. With this setup there are literally no cheats running on your system; they're all running on a separate computer that a software anti-cheat simply cannot detect.

Anyway, ladies and gentlemen, thanks for watching the video. I hope you enjoyed it. As always, be sure to check out my socials down below, and a massive shout-out goes to the following patrons. You guys are awesome. Leave any comments or suggestions down below, and until next time, cheers and peace out.
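The signature detection the video attributes to user-mode anti-cheats, written out as an added example (not code from the video or from any anti-cheat vendor): a wildcard pattern scanner run over a set of module images. The module names, the signature and the byte strings are constructed for illustration; the two matching sequences differ only in their displacement bytes, which is the case wildcards exist for.

```python
# Added example (not code from the video): the signature scan a user-mode
# anti-cheat runs over a game's modules. Signatures use the common "48 8B ?? 05"
# form: two hex digits per byte, "??" for a byte that is not compared.
from typing import Dict, List, Optional, Tuple

def parse_signature(sig: str) -> List[Optional[int]]:
    """Turn "48 8B ?? 05" into [0x48, 0x8B, None, 0x05]; None = wildcard."""
    out: List[Optional[int]] = []
    for tok in sig.split():
        if tok in ("??", "?"):
            out.append(None)
        elif len(tok) == 2:
            out.append(int(tok, 16))
        else:
            raise ValueError(f"bad signature token: {tok!r}")
    return out

def find_signature(buf: bytes, sig: str) -> List[int]:
    """Return every offset in buf where the signature matches."""
    pat = parse_signature(sig)
    if not pat:
        return []
    hits: List[int] = []
    for i in range(len(buf) - len(pat) + 1):
        # Cheap first-byte check, then a full compare that skips wildcard slots.
        if pat[0] is not None and buf[i] != pat[0]:
            continue
        if all(p is None or buf[i + k] == p for k, p in enumerate(pat)):
            hits.append(i)
    return hits

def scan_modules(modules: Dict[str, bytes],
                 signatures: Dict[str, str]) -> List[Tuple[str, str, int]]:
    """Return (module, signature_name, offset) for every hit in every module."""
    # In a real anti-cheat `modules` is the game's loaded-module list read
    # out of process memory; here it is a dict of constructed byte strings.
    return [(m, s, off)
            for m, image in modules.items()
            for s, sig in signatures.items()
            for off in find_signature(image, sig)]

# Constructed sample, not real cheat bytes: two "mov rax,[rip+disp32]; ret"
# sequences with different displacements, which is what the wildcards absorb.
CHEAT_SIG = "48 8B 05 ?? ?? ?? ?? C3"
SAMPLE_MODULES = {
    "game.exe":    bytes.fromhex("5548 89e5 4889 e5c3 9090"),
    "unknown.dll": bytes.fromhex("488b 0500 0000 00c3 488b 0511 2233 44c3"),
}
KNOWN_SIGNATURES = {"constructed_cheat_v1": CHEAT_SIG}
```

Calling `scan_modules(SAMPLE_MODULES, KNOWN_SIGNATURES)` flags the constructed module twice and the game image not at all; a real scanner would additionally walk the process's memory regions rather than a dict.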
Info
Channel: cazz
Views: 429,920
Keywords: csgo, bunnyhop, bhop, bhopping, external, csgo hack, tutorial, csgo hack tutorial, free csgo hack, csgo cheat, csgo tutorial, how to code, hacks csgo, wall hacks, hack, aimbot, csgo aimbot, skin changer, 2022, imgui, esp, legitbot, overlay, external overlay, hacking, cheat, learn, hacker, game hacker, game, cheats, cazz, cpp, hacks, pro, reclass, ghidra, engine, games, c++, C++, menu, dear, 2023, kernel, windows, driver, bypass, anti, anticheat, pattern, sig, scan, aiming, cs, assistance, hook, hooking, x86, eac, battleye
Id: 81PsbDKhoBY
Length: 8min 18sec (498 seconds)
Published: Fri Nov 03 2023