[Release] Bypass aIW’s ACI without even 1 line of programming! + Updated Info
First things first, this is a penetration testing article! So don’t be a noob’s ass!
As I’m leaving MW2 (pc version) forever, I’ve decided to release my private method of bypassing ACI here, for 2 main reasons.
The main reason is that, I, personally, learned a lot from people of -censored- community, so this time, maybe (I really hope so) other programmers/hackers in this community learn something new from me. By saying that I didn’t mean that I’m a 1337 or so, I have a long long way to reach the 1337 level of hacking, but you know, a problem shouldn’t get solved twice ;D
The method I’m going to teach doesn’t need even one line of programming or hex editing a single byte either! But it works! And that’s important. By this I wanted to tell everyone that, sometimes we don’t need to kill ourselves to bypass an anti-cheat! Sometimes we need something called “Creativity”! that is hell more important than coding skills at my view.
Whom I’m releasing this for?
To all those “beg”ers and noobs, I ain’t releasing this for you! Cheating for me at least, is just something called *F U N*! I’ve never ever used a cheat in a public match to annoy or bother other players; I develop my private cheats to satisfy myself as a programmer/hacker. And I’m releasing this to show other people like me, how we can hack a multiplayer game when we have actual source of its servers! Not to gain respects or anything else! Hope this statement showed my will of releasing this.
What is the purpose of this tutorial?
This tut, will show how to easily switch back to older aIW clients. And just for the record, an older client == bypassing ACI! ;D
Ok, nuf said, here is the actual tutorial:
1) A build of IWNetServer which can be found in two different ways:
a) You can obtain a copy of its source and build it here: alteriwnet - alterIWnet - Google Project Hosting
b) Or you can download mine, which is pre-compiled, and a little tweaked in performance and it’ll accept all older versions of aIW clients, below.
2) AlterIW 1.3.37a++ downgrade patch, available below. (Indeed you can use any of those older clients! But I’m using this particular version in my tut.)
3) A firewall which has the ability to block all inbound/outbound packets of a specific application from/to a specific IP address (not a range!)
4) IQ over 60! This is your responsibility! I can’t give you a download link for this one!
Step 1 (Make your old and new client ready):
You should have two different versions of the game. One is the fully updated client and the other one is the older client which in my tut, the older one, is 1.3.37a++.
If you have two HDDs, keep each of these copies on a separate HDD. You know, for R/W speed stuff.
To downgrade your fully updated client, just copy *EVERY FOLDER* in your fully updated aIW directory to their new place, then copy everything you see in my 1.3.37a++ downgrade patch next to your new copied folders.
So now you have two separate aIW installations, one is the 1.3.37a++ and the other one is fully updated IW4M1.
Step 2 (Block the old client from reaching the master server):
Block iw4mp.exe, iw4mp.dat and steam_api.dll of your 1.3.37a++ client from reaching 220.127.116.11
This is the IP address of aIW’s master server. Which is server.alterIW.net.
I’m not going to teach you how to block a specific application to reach a specific IP address! This is your responsibility! But DO know that if you did everything right, when you wanna launch your 1.3.37a++ client, it’ll tell you that the master server is down. But if you did it wrong you’ll get “This build of MW2 is no longer valid for online play.” And you should install 1.3.37a++ again!
So double check that you did everything right in this step by launching your 1.3.37a++ client before proceeding to the next step!
Step 3 (Launch your fully updated client):
As the title says! Launch your fully updated IW4M1 and wait for its console to show you your LSPXUID. This means that you’ve got authenticated with master server!
Step 4 (Launch your build of IWNetServer):
Again, as title says! You didn’t get it! We’re going to run a master server for ourselves! That’s it. If you’re using my version of IWNetServer, you should run it as an administrator.
Step 5 (Configure your older client to work with our master server):
This is as easy as pie! Just open up your 1.3.37a++’s alteriwnet.ini in notepad and in front of the `server=` write `127.0.0.1` instead of server.alteriw.net
Then open up iw4mp.cfg of your 1.3.37a++ and double check that update/upload options are disabled. (0 values)
Step 6 (Run your older client!):
Ok, this is it! Run your older client and it’ll tell you that the 127.0.0.1 is not officially supported by the alter team. So what? Of course you should hit ok
When it comes up, it’ll bring up the full glory of our lovely 1.3.37a++ again!
Why this method works?
It’s simple! Cuz aIW only uses LSP to authenticate us! So every other game which uses things like LSP, can get penetrated with this method.
I’m an anti-cheat programmer, what I should do to prevent this method?
As I said in preface, this is a penetration testing article. So it’s obvious that I’ll provide a way to prevent this. Here we go, this is what I think:
1) You can double check status of your authenticated player every 2~3 mins or so. It’ll blow up their cover. Cuz the first client is not in game but the second one is!
2) Port scanning! The first client is connecting to master server with port 28960 but player is playing with its port 28961! It’s really obvious that something is wrong!
enjoy! proof of the method is the pics at the first of the topic and this one:
It seems that we have a misunderstanding here! this is not a cheat! this is my private method of bypassing ACI! the cheat in the pictures is not mine! it's sph4ck's lovely EXT ESP 5.2 with aIW offsets!
DO NOT Close the fully updated client after entering a dedicated server! you'll face a "Steam Auth Failed"
Some hints and updated info:
1) As this method requires two instances of the MW2 running in the same machine, if you have a poor PC , you’ll get lagged during playing on the old client. So it’s highly recommended that you lower the graphics of your new IW4M1 client to its minimum and set its dimensions as well (on most cases the lowest dimension possible is 640x480)
2) Some hacks/cheats need the title of the MW2 window to inject themselves into the game. So I recommend you change the title of your new IW4M1 client to something else. If you don’t know how to do this, try Googling an app called “Window Title Changer”
Or use this Auto Hot Key scripts to change its title:
3) If you don’t like your 1.3.37a++ client’s borders, you can use this Auto Hot Key script to destroy its borders (you must change the title of your M1 client first!):
WinSet, Style, -0xC00000, alterIWnet
4) This method as presented in the article, won’t work with matchmaking stuff. But it’s applicable to matchmaking as well. Use some creativity! It’s a lil bit complicated but it’s applicable
5) If you want to start learning how to write cheats for MW2, the M1 client is not really suitable for starters or learning purposes. I highly suggest switching back to 1.3.37a client. You can find its downgrade patch somewhere around the net
6) For the devs: if you want to use lowest resources as possible, download a d3d9.dll proxy dll around the net, go to its present methods declaration area (both normal and swapchain), and make em return NULL. This will disable DX presenting stuff
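The two checks suggested above for anti-cheat programmers (re-checking the authenticated player's status and comparing ports), written as server-side detection logic. This is an added example, not part of the original post and not IWNetServer code; the record types, field names and sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AuthSession:
    """Hypothetical record the master server keeps per authenticated client."""
    xuid: str
    ip: str
    port: int
    in_game: bool  # answer to the latest periodic status re-check

@dataclass(frozen=True)
class GamePresence:
    """Hypothetical record a dedicated server reports per connected player."""
    xuid: str
    ip: str
    port: int

def find_split_clients(auth_sessions, presences):
    """Return {xuid: [reasons]} where the authenticated client and the
    client actually playing do not look like the same process."""
    by_xuid = {s.xuid: s for s in auth_sessions}
    findings = {}
    for p in presences:
        s = by_xuid.get(p.xuid)
        if s is None:
            continue  # unauthenticated players are left to the normal auth path
        reasons = []
        # Check 1: the client that authenticated says it is idle,
        # yet a game server reports the same XUID as playing.
        if not s.in_game:
            reasons.append("auth-client-idle-while-playing")
        # Check 2: same host, different source port. NAT can remap ports,
        # so on its own this is a weak signal that needs corroboration.
        if s.ip == p.ip and s.port != p.port:
            reasons.append("port-mismatch")
        if reasons:
            findings[p.xuid] = reasons
    return findings

# Constructed sample data (documentation IP ranges, made-up XUIDs).
SAMPLE_AUTH = [
    AuthSession("0110000100000001", "203.0.113.10", 28960, True),
    AuthSession("0110000100000002", "203.0.113.20", 28960, False),
    AuthSession("0110000100000003", "198.51.100.7", 28960, True),
]
SAMPLE_PRESENCE = [
    GamePresence("0110000100000001", "203.0.113.10", 28960),
    GamePresence("0110000100000002", "203.0.113.20", 28961),
    GamePresence("0110000100000003", "198.51.100.7", 41022),
]
```

A player flagged by both checks matches the two-client setup from the post; a lone port mismatch is better queued for review than acted on.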
so what you are doing is playing with CoMpMstr's Iw4m1 patch (which by the way is the only reason ************ has been able to use COD6esp)
and using a second client to authenticate the *signal* so the downgraded client gets to keep all the good data or something...
rather desperate measures really....
anyway thank CoMpMstr for allowing you sorry asses to cheat, without him you'd be stuck with 0/20 K/D
This is a copy & paste, the thing is, I was the author of this method. This method has been working for me since 9/19/11 and thought I'd upload the method one day.
Discovers a crappy way around something 4 months ago, won't post it on both forums even though he's the author.. Seems legit
Seriously, you have like 5 released hacks (or, those threads were deleted) where you just repacked someone else's hack with compsters hack patch and then claimed that you had made a whole new hack that's undetectable-.-'