Maybe I somehow did not put it correctly, well, I’m doing anti-cheat, and I want to screen the game, but when I see a screen with a cheat, the cheat menu is not displayed in the screenshot. How can this be circumvented, is it necessary to intercept any f-ii, how to proceed? Thank you in advance!
Closed due to the fact that the essence of the question is incomprehensible by the participants αλεχολυτ , Regent , gbg , user194374, cheops July 16, '16 at 12:58 .
Try to write more detailed questions. To get an answer, explain what exactly you see the problem, how to reproduce it, what you want to get as a result, etc. Give an example that clearly demonstrates the problem. If the question can be reformulated according to the rules set out in the certificate , edit it .
- 2Unfortunately, we all have libastral buggled here - we do not know which game you are screening. Convey in another way. - gbg
|
1 answer
If the game is written in "directX" (90% of all games) and the cheat intercepts the "Present" method and displays menu elements through it, but most likely it is, then all the screenshots you will be doing will be done between the "BeginScene" methods and "EndScene", and then a method will be called that changes buffers in places (aka "Present"), it has a cheater and draws a menu, it turns out that the menu is drawn after drawing all the game objects and calling your screenshots))) and therefore, it is not displayed on your screenshots, what is the way out?
Checking for substitution of the original function Presenta or EndScene, if the function is replaced then there will be a jump instruction to the place where the cheater menu will be drawn, then the original function will be called, removing the signature of the original function will not make it difficult for you at all, it is simple, it’s another thing flashed and intercepted by the pointer that goes from the game to the directX interface, there is already a dynamic memory and it is almost impossible to burn it.
Playing a windowed mode and taking a screenshot of the desktop, but it’s so clean from hopelessness if, for the most advanced cheaters do so, load their module into the game, create a child window, initialize a separate directX interface and draw everything there.
In general, the screenshoter is not the best option to track the cheater, you need to catch changes in the game client itself, but here, too, the grandmother said for two, if the cheat is built in the image and likeness of your game engine, then you will not track changes in the game and the cheater will go with impunity "cheat"))), well, you can compare the maximum of the reference (the maximum value that can be) the values of lives, armor, restoration of running there, etc. etc.
I do not offer ready-made anti-cheat types such as FF, EAC, PB - because they are very expensive for the average person, but you can take a complex look at the problem of cheating, for example, a screenshot of the game client’s scan to change the memory + put an anti-debugger + check the client for the presence of extra modules (dll), check the list of system processes for downloaded applications and their modules like "ida", "olly", etc. In general, if you sit down and think, you can invent a lot of things))
UPD:
From the video, the same trouble as with the screenshots to make a video fraps, well, or another video recording program, shouts, yes shouts !!!, just like the cheater draws his menu))), well, not exactly, more difficult and professional (if desired, the source can be found on the githaba), so this is how the program for recording video works - it takes a "screenshot" of the game frame, if you can call it that and then encodes it in the video, the cheater's menu is drawn after this "screenshot", here it is not visible, there are two nuances that are in your favor - 1. If the game is “recorded in windowed mode” (notes amb have desktop !!! everything to be seen), then read the menu will be visible. 2. Hook fraps, well, or another application for recording video from the game strongly conflicts with the "cheater hook" and the game may crash.
UPD2:
What to do in this case? I don't know for sure, is there a good anti-cheat "EAC" paid or free? most likely paid, it is better to clarify at the office, so it perfectly protects against the introduction of external modules into the application, in your case it is KSGO, try it, look at the setting of this anti-cheat on YouTube, as a result, cheaters will not be able to directly change the memory of the game, as well as implement in client modules) that will give excellent protection.
Duracell Duracell
1,223 2 gold marks 7 silver marks 22 bronze marks
- Since I am doing anti cheat for one tournament, you can ask everyone to do a windowed mode, since essentially a simple option. I do anti-cheat for the game CS: GO, because there is very much like to cheat. But it is interesting, basically there are cheats on WH, and how do I know the changes in the in-game process, since I am not very friendly with it, but I really want to learn how to use it all properly. In fact, I need to do some kind of universal way. And by the way, it became very interesting when shooting a video, neither WH, etc. is visible either. What is it like? They also replace the same f-ii? Thanks for the detailed answer)) - HackMemory pm
- @HackMemory, updated your answer in connection with your question, because it didn’t fit in the comment - Duracell
- Yes, let's clarify. So let's say my anti-cheat, it's like an addition to the EAC, and everyone is getting around the cheaters, I did something, I take videos from the screen, send them to my server. I’m looking there, but I can bypass everything, too, I want to find all the detours that exist. I got the idea to just take a screenshot of the game, but even here they win. What should I do then? I need to read something like that earlier and check for substitution, right? - HackMemory
- @HackMemory, damn it is interesting how they bypass it ... On the account of what to do - screenshots the game, check the place that the cheaters are hitting, to understand what kind of place you are looking at the youtube.com/… directive on creating the hook and you will understand everything at once, What place to check in the module "d3d9.dl" and then with a normal pattern find scan the client's memory? but damn if there is an eac then you need to make it so that it starts the game client and then no one can download anything to the client and this will be the best defense - Duracell
|