-
Reverse POE client anti-cheat
Anyone (know someone) actively working on reversing the POE client anti-cheat ?
Feel free to PM.
-
https://www.ownedcore.com/forums/mmo...ostmortem.html (Path of Exile Anti-Cheat Postmortem)
From what we know of 3.0 (or higher), it basically gets downloaded on demand by the server, does its thing, then immediatlly unloads and responds back to the server. There was someone who was looking into dumping the anti-cheat, but they got tired of waiting for the payload to be delivered to them.
-
Is PushedX still active?
No one else working on post-3.0 AC reversing (publicly, on OC) ?
-
Originally Posted by
thefrobel
Is PushedX still active?
No one else working on post-3.0 AC reversing (publicly, on OC) ?
I would doubt that he is still active, but you can always try to PM him. As far as I know, nobody is publicly working on reversing the AC. We aren't even sure that the anti-cheat is in use right now. Also, because it is delivered on-the-fly, without a patch, they can modify their AC whenever they want.
As far as we know, their anti-cheat can only run within the confines of the game, and from the assumptions we've made based on the thread I linked and previous detections... we should in theory be relatively safe while running PoE with limited permissions (the limited user method).
-
Member
If the anti-cheat runs within the confines of POE game. is it possible for them to detect background running .exe's or .ahk's on my machine?
-
Originally Posted by
Mandatory
If the anti-cheat runs within the confines of POE game. is it possible for them to detect background running .exe's or .ahk's on my machine?
If you run PoE with sufficient permissions to do that, then yes. If you run it as a limited user, then probably not.
-
Member
Originally Posted by
Sychotix
If you run PoE with sufficient permissions to do that, then yes. If you run it as a limited user, then probably not.
sufficient permissions. is that when you run it as admin?
does it run with sufficient permissions by default?
-
You'd have to specifically set it to run as a limited user.
General permission as well as running as Admin allow for enough permissions for any windows process to read processes in memory / etc
https://www.ownedcore.com/forums/mmo...ited-user.html (Run PoE as a limited user)
-
Post Thanks / Like - 2 Thanks
Sychotix,
pbot (2 members gave Thanks to thefrobel for this useful post)