Block Blizzard Cheat update?

[lyan123]

Hi,

I think that (or was) the pixelbot isn't(wasn't) detected. So to detect it they have to run an update for the detection.
This update needs to get downloaded so I thought about blocking the updateserver of that in HOSTS.

Can anyone figure out what's the host? Thanks!

[Smitten]

If it was as simple as that, I think every bot developer would have implemented it by now

The update, as far as I'm aware, is downloaded directly through the game client, and delivered along with the actual game data. I could be wrong on this, but my above point stands.

[lyan123]

Well maybe it's not simple to find out where it gets loaded but I think it's logic that if they can't update the AC they can't detect it

[Vulteer]

Are you questioning Blizzard's AC? You think they're that dense to not realize every possible exploit?

[Denuvo]

Are you questioning Blizzard's AC? You think they're that dense to not realize every possible exploit?

Life would be ten times easier of one could just "realize every possible exploit" in a product.

There's no such thing as Flawless.

[Vulteer]

Life would be ten times easier of one could just "realize every possible exploit" in a product.

There's no such thing as Flawless.

It might not be flawless but it sure does better job than other ACs. It really puts VAC to shame.

[Nerdrenx]

It might not be flawless but it sure does better job than other ACs. It really puts VAC to shame.

No it doesn't. Every guy who has a decent cs go hack has their own and play it without any issue. They just don't sell it to prevent lawsuit.

On another note, they would just have to check on launch or everytime you join a game the AC hash and they would know if it's updated or not. - you can bypass that though by patching the fonction who returns the value. Which could be as well protected.. which you could once again bypass, but you could bypass the bypass and so on...

But eventually, it's easierto fool the AC than disabling it.

[Vulteer]

No it doesn't. Every guy who has a decent cs go hack has their own and play it without any issue. They just don't sell it to prevent lawsuit.

On another note, they would just have to check on launch or everytime you join a game the AC hash and they would know if it's updated or not. - you can bypass that though by patching the fonction who returns the value. Which could be as well protected.. which you could once again bypass, but you could bypass the bypass and so on...

But eventually, it's easierto fool the AC than disabling it.

Well of course, captain obvious. Having your own private everything is a million times safer...

[Denuvo]

Personally, I believe that Blizzard's anti cheat's forte is not the AC itself, rather the team behind it.

Since Blizzard has a dedicated anti-hack team, they most likely have the time and budget to spend browsing popular sites that would offer such hacks, obtain them, analyze them and slap whatever is required to detect it in the next update.

After a few weeks of the AC flagging piles of accounts, they start the ban wave. Then you get the godly threads of people claiming they'll hack/sue blizzard.

Just like any other FPS, it's a game of cat and mouse. Warden isn't this godly ethereal being, yet it isn't dust either.

Now, this is all speculation of course. But it is plausible.


Interesting related reads :


Valve CEO Gabe Newell explains how their anti cheat, VAC, temporarily looked for a certain DNS query due to a hack using DRM protection that could easily be found and tagged.
https://www.reddit.com/r/gaming/comm..._vac_and_trust


A person on the Overwatch subreddit explains possibilities of how Blizzard may go about countering cheating, pre-release.
https://www.reddit.com/r/Overwatch/c..._about/cytsmuj


Ram Bhakta, Engineer @ Microsoft, explains Warden/anti cheat(s).
How does Blizzard detect maphacks in Starcraft II? - Quora

There is a whole lot more reading available online, for those that can't/do not want to reverse the software itself and look at how it all works.

[Nein KJ]

If you're trying to make a OW cheat (even though I know you aren't trying to,) the first thing you should scratch out of your list is trying to block blizzard AC update.

That is not about how you go to fight an Anticheat, there are different methods to Bypass it, but blocking an update isn't one of them.

[lyan123]

If you're trying to make a OW cheat (even though I know you aren't trying to,) the first thing you should scratch out of your list is trying to block blizzard AC update.

That is not about how you go to fight an Anticheat, there are different methods to Bypass it, but blocking an update isn't one of them.

AC answers the server "Everything OK here" (encrypted with different values etc.) so you would have to RE it and rebuild the func.
You are right, my skill is way beyond that, I couldn't bypass blizzards AC.

However - I still kinda made a Hack for now. I took the "Korean AHK Bot" and recoded it in delphi (performance is trillion times better) Installed a raw-input global mouse hook, made the most efficient pixelsearch function that is possible for the 4 pixels of the health bar and implemented some nice threading. I did copy the Math to move the mouse but what I changed (that significantly changed the stuttering) was to linear adjust the "rX" value based on how far you are away from the target... I wonder what could they detect? Afaik mouse_event() sends the input directly into the mouse stream, so there is a little chance right?! I also don't believe they monitor the mousemovement and check whether it's weird or so..

Taking the screenshots shouldn't be a factor either so.. what is left? I think only the signatures of ImageSearch from AHK and shit like that and since I am using my own delphi tool I should be fine RITE?

[Nein KJ]

I have no idea how invasive blizzard AC is(no one does), and I haven't looked at the AHK code, cause I'm not interested, but if you're running the hack on a higher level you should be fine.

However, I do think, they will detect "inhuman" mouse movement, so I would try to spoof the mouse events, there are some tools in windows to spoof input event,though i don't know how this would interact with the hack nor how it would register in the game memory, but if you want something safer you should go down that road.

In Linux, this would be so much easier.

[lyan123]

I think programming in a native language, using RAW input is on a lower level than ****ing AutoHotKey LOL