How Hackers Bypass Kernel Anti Cheat


How Hackers Bypass Kernel Level Anti Cheat

For as long as video games have existed, people trying to break those video games for their own benefit have come along with them.
Running at the deepest level of your system, kernel-level anti-cheat has been hailed as the most effective way of stopping cheaters.

So how are they still breaking through?

Chapters:
0:00 External cheating
3:40 Injection
4:10 Into The Kernel
5:05 The danger begins
9:01 Vanguard and friends
10:01 Vulnerable drivers
14:03 Direct memory access
Comments

"do you trust the developer of the game you're playing?"
the entire League community: no, but it's not gonna stop us

alterranlongbow

DMA users have been caught only because they all used the same driver for their DMA cards. In order to hide the DMA card, it pretends to be a network card, but Vanguard just banned every user that used that one network card. Those who used different drivers (not many) for their DMA didn't get banned.
Edit: Yes that means legit users of that network card did get banned. But when was the last time Riot cared.

morosov

All that just for most games to still be full of hackers

Vanguard classifies people trying to play on Linux as hackers more often than it does actual hackers, basically because Linux doesn't just let people start writing shit to the kernel because that's stupid

Also, having Vanguard boot up on startup, you know that kinda sounds like a virus

Alcaline-huvu

You know, normally I hate kernel-level anti-cheat, but maybe I should thank Vanguard for making me quit my 8 year League addiction...

PopeMical

Dude I didn't expect a whole documentary, this is sick

vert

2 Weeks later Crowdstrike killed half the internet. The irony :D

druffel

4:43 - lol that just recently happened with Crowdstrike

blueparagongamer

Honestly, with how many more people make cheats vs employees making anti-cheat, I don't think it will ever be possible to make an uninvasive anti-cheat that has no workaround. One of my favourite bits of real life lore was when Ubisoft (I think it was them at least) put new anti-piracy measures in and the guy who cracked it left a note file in his pirated version of the game saying something like "good job with all those months of development, it made my team take about 7 minutes longer to pirate"

Cheaters will always find a way, no matter what

rekscoper

A correction for 2:40 - the cheat shown with Flash having zero cooldown was possible not because of cheating software, but because runes and masteries used to be saved locally on your PC, allowing people to open those files with a text editor and sink 30 mastery points into summoner spell cooldown reduction. This exploit was fixed by moving runes and masteries to be stored server-side.

SleepyFen

Buddy you forgot about the CUDA driver and using it to inject into the memory :) btw DMA and arduino is not patched if you know how to code an anti debug and attach it to your driver you bypass vanguard anyway here u go for the leaks script kiddies enjoy bypassing them all :)

SnapWireOnlyOne

I stopped playing League after they implemented Vanguard (Linux user) and holy shit, my life got better from that point. I will never return to League

hiiver

For the last question: no, I don't trust Riot and Tencent with my information

SinNombre

Hearing the compilation of cheater screams was music to my ears

Hylofear

Even with (some) PCIe cards out of the picture, there are still so many possible avenues to get memory access, like DMA via Thunderbolt, stealth VMs that obscure their identity and hypothetically SMM if you are able to get in on the hardware OEM's level (which would sit even deeper than UEFI malware). Failing that, your second cheating PC could still act on the video feed to give you super-human reflexes, combined with a modded physical mouse.

DSamp

Client-side anti-cheat isn't even crucial, because server-side anti-cheat is way better and can't just be killed or disabled. For example, if you want to prevent players from looking through walls, just don't send the other players' positions if they're not visible, or if you have a speed hack, the server could just check if this is even possible and just not let you. Minecraft is a good example, because almost all Minecraft anti-cheats are server-side, and they work without needing any client modifications

Rajala_y
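The two server-side checks the comment above describes, as an added example that is not from the video or any commenter. The map, speed limit, tolerance and position updates are constructed sample data; a real server would tune them to its own movement model.

```python
"""Server-side movement validation: reject impossible speed, and never send
a client positions it could not legitimately see. Constructed example."""
import math

MAX_SPEED = 7.0      # units per second the game allows (assumed value)
TOLERANCE = 1.15     # slack for latency jitter and rounding (assumed)

# Walls as line segments ((x1, y1), (x2, y2)); constructed sample map
WALLS = [((5, 0), (5, 10))]


def speed_ok(prev, cur, dt):
    """True if moving prev -> cur within dt seconds is physically possible."""
    if dt <= 0:
        return False                      # duplicate/replayed timestamp
    return math.dist(prev, cur) / dt <= MAX_SPEED * TOLERANCE


def process_update(state, player, pos, now):
    """Accept a client-reported position only if it passes the speed check.
    state maps player -> (last trusted position, timestamp). Returns True
    when accepted; on rejection the last trusted position is kept."""
    if player in state:
        prev, t0 = state[player]
        if not speed_ok(prev, pos, now - t0):
            return False                  # candidate for rubber-band + review
    state[player] = (pos, now)
    return True


def _segments_cross(p1, p2, q1, q2):
    """Proper intersection test for segments p1-p2 and q1-q2."""
    def orient(a, b, c):
        return (b[0]-a[0])*(c[1]-a[1]) - (b[1]-a[1])*(c[0]-a[0])
    d1, d2 = orient(q1, q2, p1), orient(q1, q2, p2)
    d3, d4 = orient(p1, p2, q1), orient(p1, p2, q2)
    return d1 * d2 < 0 and d3 * d4 < 0


def visible(viewer, target):
    """Line of sight exists if no wall segment crosses viewer -> target."""
    return not any(_segments_cross(viewer, target, a, b) for a, b in WALLS)


def snapshot_for(viewer, others):
    """Positions the server sends to `viewer`; occluded players are omitted,
    so a wallhack on the client has nothing to reveal."""
    return {name: pos for name, pos in others.items() if visible(viewer, pos)}
```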

The question of balancing user privacy with game integrity is one that developers are simply going to ignore, forever, until large enough percentages of their games' player base collectively boycott the game. As it is, this question won't even appear on their radar of concerns.

matthewdavis

Honestly I respect the bravery of people who played League for more than a couple games and decided that's the company they trust to not (intentionally or unintentionally) fuck up their system with kernel-level software.

MrAntiKnowledge

Another method I heard about is to run a cheat completely "offline", solely based on screen data to control the inputs. No special cards attached, no memory access, nothing. Cheats like this are really limited, since what they can see on screen is all they have to work with, but they still provide some advantage. As far as I know, the only way to detect such cheats is scanning for the presence of inhuman reaction and impossibly smooth motions in input. As in, behavioral detection.

lainverse
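The behavioral indicators mentioned above (inhuman reaction times, impossibly smooth aim paths) turned into server-side telemetry checks, as an added example that is not from the video or any commenter. Thresholds, the engagement events and the aim samples are constructed assumptions; a real pipeline would calibrate them against a large population of players.

```python
"""Behavioral indicators from input telemetry; constructed example."""
from statistics import median, pstdev

HUMAN_MIN_REACTION = 0.12   # seconds; assumed floor for repeated reactions
MIN_JITTER = 0.05           # assumed: human flicks never have zero curvature
MIN_SAMPLES = 5             # never judge on a handful of engagements


def reaction_times(events):
    """events: (t_target_became_visible, t_aim_landed_on_target) pairs."""
    return [on - vis for vis, on in events if on >= vis]


def inhuman_reaction(events, limit=HUMAN_MIN_REACTION):
    """Median reaction below the human floor over enough engagements."""
    rts = reaction_times(events)
    return len(rts) >= MIN_SAMPLES and median(rts) < limit


def path_jitter(samples):
    """samples: aim positions (x, y) at uniform intervals during one flick.
    Returns the spread of second differences (acceleration magnitudes).
    A programmatic linear or constant-acceleration sweep yields 0.0;
    a hand-driven mouse produces noticeably varying acceleration."""
    if len(samples) < 3:
        return 0.0
    accel = []
    for i in range(2, len(samples)):
        ax = samples[i][0] - 2 * samples[i-1][0] + samples[i-2][0]
        ay = samples[i][1] - 2 * samples[i-1][1] + samples[i-2][1]
        accel.append((ax * ax + ay * ay) ** 0.5)
    return pstdev(accel) if len(accel) > 1 else 0.0


def smooth_flick(samples, limit=MIN_JITTER):
    return len(samples) >= 3 and path_jitter(samples) < limit


def review_flags(events, flicks):
    """Aggregate indicators for a human review queue, not an auto-ban."""
    smooth = [smooth_flick(f) for f in flicks]
    return {
        "inhuman_reaction": inhuman_reaction(events),
        "smooth_flick_ratio": (sum(smooth) / len(smooth)) if smooth else 0.0,
    }
```

Both indicators are only evidence: a false positive here costs a legitimate player, so they feed a review queue rather than an automatic ban.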

This is why I have been telling my friends for years that serverside anticheat is the future. Kernel level anti cheat is basically an attack vector waiting to be used, because all it takes is an exploit in one and boom, not only can a cheater break the anticheat, but cybercriminals can use it to deploy malware payloads, utilize privilege escalation exploits, etc. Serverside anticheat on the other hand, doesn't run locally and hackers can't even gain black box access to it. Plus, it can be continually refined without cheaters gaining access to it. On top of that, small, specialized AI can be built in order to create and refine heuristics that allow for catching cheaters that otherwise appear to be just skilled at the game when they're really just skilled at toggling their cheats to blend in their cheating with legitimate gameplay. It's probably the best way to win the war against cheaters. Cheaters vs developers will remain a cat and mouse game, but it will give developers a significant advantage in fighting back against cheating.

GLDNRD

the endgame for cheaters is having a robot with a camera pointed at the monitor and using mechanical hands to press buttons on the keyboard and move the mouse around, and the endgame for anti cheat is either AI that just bans people for looking sus, or having thousands of human moderators review replays and ban people for looking sus

itchylol