need pb info

Hey,
Could someone with good knowledge of anticheat techniques, punkbuster and etpro anticheat (and some spare time and good will) please contact me? Anti-debugging and secure programming skills are also welcome.

You can also write as comments to this thread answers to these questions:
1) how do cheats work / what kind of cheats are there?
2) how does pb / etpro anticheat work?
3) what kind of cheats are caught 100%
4) I once played with a cheater and he got kicked by pb, but like 20 mins after he connected to the server. Why so late?
5) Are there uncaught cheats that do not have external executables?

If you know someone who could help answer these questions, you can send him the link to the journal and ask him to send me an e-mail or something. Technical websites are also welcome (but no AnonymousNC pls).

Thx
Comments
14
Maybe ask someone from yawn.be they have some experience in these things.

http://forum.boozze.be/viewforum.php?f=29
http://www.crossfire.nu/?x=user&mode=view&id=2049
thx... i'll look into it...
although yawn does interact with ET, it does not need to consider the cheating chapter, neither the "secure app" chapter. but indeed, it's a good starting point
Parent
I'm gonna help you. I'll help you ;)
Parent
I will try to look into the future...

*new private hax is born...*

don't help him :~>
Try keeping an eye for the next public anticheat. If my plans work out...
Parent
you say that like I'm a cheater :~<
Parent
haha, i almost loled :> no, i didn't mean that... it was just to make a contrast to your comment
Parent
almost lol'ed :P

how can you almost lol :~>
Parent
omfg ban please
If you had any hope of creating an anti-cheat you would at least be able to learn this stuff on your own...

1) Cheats for ET include wallhacks, aimbots, no damage feedback, and many other minor things. They work by injecting code into the game which often modifies existing game functions.

2) Not really sure about ETPro anticheat, but it is nothing remarkable. PunkBuster scans the running game and any background processes for known hacks or hack-ish code.

3) Cheats that PB looks into and adds detection for will be caught, that usually includes hacks that modify any PunkBuster functions. That's one of the problems with Nexus being so easily undetectable, it's open source and it doesn't really directly affect PunkBuster.

4) PB issues normal IP/guid bans, such as the one you experienced, which can be fairly easily circumvented, but it may also hardware ban someone, which is quite a bit harder to get around for your average cheater.

5) I don't believe any cheats for ET are "external executables". They are usually in the form of DLLs which are 'hooked' onto the game process using a generic DLL injector.
Tosspot posted something like if you do not allow any other applications to run alongside ET, no cheat would be able to work. If cheats are in the form of DLLs hooked into the game's process, it means this method won't work, as the injector/loader does not need to be running when the game is running.

But why is it not enough having the running process searched for any unknown DLLs? Or once injected, the DLL can not be traced back?
Parent
Tosspot is a good shoutcaster, manager, etc, but isn't very technologically oriented. ;) So yeah, that method won't work.

I'm not really sure about the details of the ETPro and PB anti-cheat systems, since I haven't seen the code for ETPro and I don't work for PB, but I can tell you why they don't work. ETPro cheat detection is contained within the ET executable, so the hacker can simply create their own modified version of the anticheat function and redirect the original function call to their modified one using something like the Detours library for Windows. This modified function would remove cheat detection and furthermore could do some other things like spoof your ETPro GUID. As for PunkBuster, I'm a bit less certain, but from what I know it only scans for hacks that are known to it, so for a hack to be detected it must be sent to their research and development team. With hacks like Nexus which don't attempt to be "PB undetectable", only specific versions (of the 100s of Nexus versions out there) can be detected, or else the .pk3 files that are included with the hack.

Still, I could be wrong about a few things, so talk with the people who mess with this stuff more regularly at the ETPro forums. I think one of the first things they'll tell you is that it's a lot harder to stop cheats than to make them.
Parent
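The comment above says a scanner that only knows specific cheat versions misses the others, and the reply before it asks about searching the process for unknown DLLs instead. The sketch below contrasts the two checks on a module list; it is an added example, not code from the thread, PunkBuster or ETPro, and the DLL names and byte strings are constructed stand-ins for real module images.

```python
import hashlib

def sha256(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()

# Constructed stand-ins for module images; the DLL names are hypothetical.
CLEAN_PROCESS = {
    "ET.exe": b"constructed game executable",
    "game_module.dll": b"constructed game module",
    "anticheat_client.dll": b"constructed anti-cheat module",
}
KNOWN_CHEAT = b"constructed cheat, build the vendor has analysed"
REBUILT_CHEAT = b"constructed cheat, same source recompiled"

# Known-bad list: hashes of builds that were submitted and analysed.
BLOCKLIST = {sha256(KNOWN_CHEAT)}
# Known-good list: expected hash for every module the game ships with.
ALLOWLIST = {name.lower(): sha256(img) for name, img in CLEAN_PROCESS.items()}

def with_injected(image: bytes, name: str = "injected.dll") -> dict:
    """Return the clean module list plus one extra loaded module."""
    return {**CLEAN_PROCESS, name: image}

def scan_known_bad(loaded: dict) -> list:
    """Flag only modules whose hash matches an analysed cheat build."""
    return sorted(n for n, img in loaded.items() if sha256(img) in BLOCKLIST)

def scan_unknown(loaded: dict) -> list:
    """Flag every module that is missing from, or differs from, the allowlist."""
    return sorted(n for n, img in loaded.items()
                  if ALLOWLIST.get(n.lower()) != sha256(img))

if __name__ == "__main__":
    for label, image in (("known build", KNOWN_CHEAT), ("rebuilt", REBUILT_CHEAT)):
        loaded = with_injected(image)
        print(label, "| known-bad scan:", scan_known_bad(loaded),
              "| allowlist scan:", scan_unknown(loaded))
    # A patched copy of a legitimate module keeps its name but not its hash.
    tampered = {**CLEAN_PROCESS, "game_module.dll": b"constructed patched module"}
    print("tampered | allowlist scan:", scan_unknown(tampered))
```

The allowlist scan also flags any legitimate third-party module its author did not anticipate, so it depends on a maintained list of expected hashes for each game version.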
In the meantime (some other useless comment I've posted on some useless journal). What do you think?

Imo the way to stop cheats is by stopping any DLL injection method on the ET.exe process. There are such programs available (check http://www.diamondcs.com.au/processguard/index.php?page=attack-modification and http://www.kerio.co.uk/manual/kpf/en/ch12s01.html ) but it seems such a thing is pretty fucking hard to code ( http://dspace.lib.fcu.edu.tw:8080/dspace/bitstream/2377/3598/1/ce07ics002006000144.pdf ). A powerful enough company like punkbuster should focus some efforts into this direction.
Parent