Why You NEED a DRIVER (for hacking games)

Corrections:

- Socket communication isn't bad because of speed. Rather, it requires a system thread which is easily detectable.

- MmCopyVirtualMemory is detected.

- Manually mapping your driver is not a "free" or perfect solution to mapping your driver. Buying a certificate is obviously not undetectable either. Public communication methods are certainly detected as well.

Some advice from Sariaki:

"If i had to start over right now i would start by reversing the devirtualized battleye driver, thinking of a comm method myself and then going straight to the next step, thinking of a way to inject without getting detected"

cazz

Would love to see how those companies would react if we were to install kernel level system loggers...

iglobrothers

i've always wanted to understand how drivers work, thank you!

ooheureka

Exactly what a cheat dev was telling me. If the cheat you are using has an undetectable driver that hasnt been picked up by anti cheat and only one person uses it. You have an undetecable cheat.

xTenzSlays

at this point anti-cheats are basically becoming spyware

breakinggames

For anyone wondering : yes the QR-Code at 1:23 is a Rickroll.

_loxymore_

Little correction: Ring 0/the kernel is NOT the most privileged part of your computer, Ring -2/the IME or AMD PSP is.

xfadead

never understood how anyone would happily allow Anti-Cheat or even Cheats to run at kernel level and trust them.

flexyjerkov

what an excellent video on fighting back against invasive software. Well done.

rohansampat

You’re videos are informative and concise. Many game hacking related videos are made by people that don’t know how to explain what they are doing (usually because they are copy and pasting)

xCPC

"The Windows Kernel is public and very well understood" as someone who interacts with the guys who write kernel cheats regularly, i can tell you right now that "well understood" is not a descriptor most of them would use for the windows kernel. I regularly hear stories about guys using poorly or completely undocumented functions that tbey found by scouring decompiled code and header files. Otherwise, great video 👍

miles

now obviously, the future of cheating in video games is in machine learning. You don't even need access to the game AT ALL to read the image data from screen, where an advanced deeply trained AI can interpret imagery and adjust mouse inputs accordingly. Super simple but there's currently nothing that can be done on a system level to prevent these cheats (that have been out there for years, you may even have encountered them but they are usually so subtle yet effective it get's called "smurfing")

hiiambarney

Would love to see a video on DMA devices, I read a post about using a virtual machine/ second s PC + a DMA device and found it very interesting as it avoids HWID bans.

Karltyyy

2:40
It should be noted, as a random piece of Windows History/Trivia. That the OS Controlling RAM Access was first done in Windows NT. And has been more or less this way since XP. 95, 98 and ME did not follow this convention. But XP and new Windows Versions do.

hegyak

1:20 This isn't entirely true graphics drivers can be recovered in windows it's called "Timeout Detection and Recovery (TDR)" and it's pretty cool IMO.

SuperTortise

sockets are easily deteceted, for some games people use a rasperberry with port W (wifi) so it can recieve info directly from your wifi and then you configure it to seem as your mouse. But you will still need to make a bypass to make the rasperberry invisible (make it so it seems its not connected to any socket, normally it will be connected to the USB-3.0 socket)

pitubul

Low level security with video game examples, your channel is a gold mine!

wlockuz

The biggest issue I have with Kernel level anti-cheat software is when it remains active even when I do not ACTIVELY PLAY the game.

Vash.Baldeus

I mean, the absolute ultimate cheat driver would be a separate machine that you could connect HDMI/DisplayPort to, and two usb ports to. It'd fudge a display, keyboard, and mouse, and since there's no way for any in-machine program to prove that those signals aren't legit since nothing in the machine itself is being modified.

And I wouldn't be surprised if they came out with an A.I. that could subtly adjust your actual inputs to improve your game. Since some anti-cheats rely on seeing either unrealistic inputs, or a sudden change in input styles. So, an A.I. program that could slowly adjust your inputs more and more would be indetectable to it.

goldenfloof

So many people in these comments just wanting to get cheats lol with no interest in learning anything.

So sad, such little effort. They would be so easy to give malware to. They will download anything you give them and run any batch file you want just because they want to feel better at the game than they are. We optimized games for competitive play in windows (not for any cheating, just tweaks to windows to make it not shit), and kids would literally do anything we gave them. My friend gave someone a bat file that was mostly gibberish obfuscated and it had a command somewhere in the middle to check all drives for fortnite and uninstall it. Most harmless thing but the kid really saw it uninstalled, reinstalled it, and did this 4 more times before asking why it wasn't working.

If you did anything worse than that it is just so easy. It is sad. But we need to be aware of the danger in these communities because people who cheat for malicious reasons are often willing to also do malicious things to people.

felicityc