Bypassing anti-cheats

[tdsx]

I'm making a ton of bypasses right now, and I want to get my hands on as many anti-cheats as I can, so please post the source of an anti-cheat or the IP of a server with one. If you're going to post the source, please include both the clientside and serverside code (if you can). Don't mention CAC or HAC, as I'm saving those for later on down the road.<br>
<br>
Below is a list of what I have so far. Some are new, some are old, most are shitty. If the anti-cheat is already on the list, I don't need it unless it's a modified version.<br>
<ul><li style="">Awesome Anti-Cheat Plugin (AACP)</li>
<li style="">Blade Anti-Cheat (BAC)</li>
<li style="">Daz Anti-Cheat (DAC)</li>
<li style="">Fish Anti-Cheat (FAC)</li>
<li style="">GmodZ Anti-Cheat</li>
<li style="">Kevlar</li>
<li style="">LeyAC</li>
<li style="">Sharkey's(?) Anti-Cheat (SAC)</li>
<li style="">Tyler's Anti-Cheat (TAC)</li>
<li style="">Quack Anti-Cheat (QAC)</li>
</ul>Here's the source of the bypasses, but you can't really use them without the module I'm using, which I plan on releasing after I bypass a good amount of ACs. <br>
<br>
<a href="https://pastebin.com/raw.php?i=B174krss" target="_blank" rel="nofollow">https://pastebin.com/raw.php?i=B174krss</a><br>
<br>
Here's the thread for the module in case you wanna know more.<br>
<br>
<a href="https://www.mpgh.net/forum/showthread.php?t=902710&amp;p=10138266&amp;viewful l=1#post10138266" target="_blank">https://www.mpgh.net/forum/showthread.php?t=902710&amp;p=10138266&amp;viewful l=1#post10138266</a>

[FmblJmpprenM8qZh]

Kevlar AC

93.191.11.77:27022
addons/kevlar/lua/autorun/!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!kevlar .lua
addons/kevlar/lua/kevlar/cl_kevlar.lua

[MeepDarknessMeep]

Kevlar AC

93.191.11.77:27022
addons/kevlar/lua/autorun/!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!kevlar .lua
addons/kevlar/lua/kevlar/cl_kevlar.lua

there are already bypasses for this

[Azrius]

uhhh theres a much easier way to bypass this stuff w/ runstring this seems pretty overkill

[tdsx]

uhhh theres a much easier way to bypass this stuff w/ runstring this seems pretty overkill

It's overkill by today's standards, but I'm hoping the standards change. No longer will we have to come up with hacky ways to bypass anti-cheats that can be bypassed by simply never letting them load in the first place, and we can prevent it from loading in the first place with a single line.

It's better to be proactive rather than reactive.

there are already bypasses for this

It's okay, I'll do it anyways.

Code:

--[[
	Kevlar
--]]

if (source:find("cl_kevlar.lua")) then
	net.Receive("lolwut", function()
		for i = 1, 6 do
			if (i <= 4) then
				net.Start("lolwut")
					net.WriteInt(i, 8)
					net.WriteTable({})
				net.SendToServer()
			else
				net.Start("lolwut")
					net.WriteInt(i, 8)
					net.WriteString("N/A")
				net.SendToServer()
			end
		end
	end)

	--[[ 
		I assume this is some sort of global notification 
		that someone was just caught cheating? Whatever,
		not like it hurts to listen for this message.
	--]]

	net.Receive("gotcha", function()
		chat.AddText(Color(0, 100, 255), "[Kevlar] ", Color(255, 255, 255), net.ReadString())
	end)

	return false
end

That should do it, but later on I'll add some realistic cfg and lua folders to spoof the lolwut net message. Right now it just sends empty shit, but obviously you can make it send phony shit.

[D3M0L1T10N]

It's overkill by today's standards, but I'm hoping the standards change. No longer will we have to come up with hacky ways to bypass anti-cheats that can be bypassed by simply never letting them load in the first place, and we can prevent it from loading in the first place with a single line.

It's better to be proactive rather than reactive.



It's okay, I'll do it anyways.

Code:

--[[
	Kevlar
--]]

if (source:find("cl_kevlar.lua")) then
	net.Receive("lolwut", function()
		for i = 1, 6 do
			if (i <= 4) then
				net.Start("lolwut")
					net.WriteInt(i, 8)
					net.WriteTable({})
				net.SendToServer()
			else
				net.Start("lolwut")
					net.WriteInt(i, 8)
					net.WriteString("N/A")
				net.SendToServer()
			end
		end
	end)

	--[[ 
		I assume this is some sort of global notification 
		that someone was just caught cheating? Whatever,
		not like it hurts to listen for this message.
	--]]

	net.Receive("gotcha", function()
		chat.AddText(Color(0, 100, 255), "[Kevlar] ", Color(255, 255, 255), net.ReadString())
	end)

	return false
end

That should do it, but later on I'll add some realistic cfg and lua folders to spoof the lolwut net message. Right now it just sends empty shit, but obviously you can make it send phony shit.

or you can just have a cheat that doesn't get detected in the first place

i am going to ask you again, what are you going to do about random net messages

[tdsx]

or you can just have a cheat that doesn't get detected in the first place

i am going to ask you again, what are you going to do about random net messages

have you not seen the pastebin? I handle all the net messages.

also, here's showing me bypassing kevlar on the russian server @FmblJmpprenM8qZh posted.

[ShitFucks]

Cake Anti Cheat. Fucker detects even my C++ hax

All my client side files for it (I didn't decrypt it, sorry) and the name of the server. I don't have the IP.

Phoenix-RP # Friendly # DarkRP # M9K # TDM # ATMs # 20+ Jobs

[tdsx]

Cake Anti Cheat. Fucker detects even my C++ hax

All my client side files for it (I didn't decrypt it, sorry) and the name of the server. I don't have the IP.

Phoenix-RP # Friendly # DarkRP # M9K # TDM # ATMs # 20+ Jobs

You should've read the thread. I'm not going to bother with ACs like CAC and HAC yet. I'm not committed enough to unjunking the code.

[ShitFucks]

You should've read the thread. I'm not going to bother with ACs like CAC and HAC yet. I'm not committed enough to unjunking the code.

Whoops lol.
I know BlueKirby posted the decrypted code.

[Raple]

Cake Anti Cheat. Fucker detects even my C++ hax

All my client side files for it (I didn't decrypt it, sorry) and the name of the server. I don't have the IP.

Phoenix-RP # Friendly # DarkRP # M9K # TDM # ATMs # 20+ Jobs

Appears safe, approved.

[Flying Gooby]

Great post, OP. This is sure to help people that know how to use this.

It's amusing how many of these anti-cheats lack any sort of ping-pong timer.

[suchisgood]

How to bypass HAC???!?!?!?!?!

Hex offset \x08\x07\x??\x??\x01\x02

DON'T ALLOW IT TO LOAD CLIENTSIDEEEEEEEEEE!!!!!!

CAC just block file and detour netmsg in C++ to avoid being detected by Truth engineering

[tdsx]

Whoops lol.
I know BlueKirby posted the decrypted code.

Yeah I know, but the original names aren't there. I will get to it in the future,and you will be a happier man. Now, repeat after me..........."I will be a happier man."

[suchisgood]

Hello KITTIX
/2short

Don't worry, I'm not kittix, But i know your Kittix!

- - - Updated - - -

I'm making a ton of bypasses right now, and I want to get my hands on as many anti-cheats as I can, so please post the source of an anti-cheat or the IP of a server with one. If you're going to post the source, please include both the clientside and serverside code (if you can). Don't mention CAC or HAC, as I'm saving those for later on down the road.

Below is a list of what I have so far. Some are new, some are old, most are shitty. If the anti-cheat is already on the list, I don't need it unless it's a modified version.

• Awesome Anti-Cheat Plugin (AACP)
• Blade Anti-Cheat (BAC)
• Daz Anti-Cheat (DAC)
• Fish Anti-Cheat (FAC)
• GmodZ Anti-Cheat
• Kevlar
• LeyAC
• Sharkey's(?) Anti-Cheat (SAC)
• Tyler's Anti-Cheat (TAC)
• Quack Anti-Cheat (QAC)

Here's the source of the bypasses, but you can't really use them without the module I'm using, which I plan on releasing after I bypass a good amount of ACs.

https://pastebin.com/raw.php?i=B174krss

Here's the thread for the module in case you wanna know more.

https://www.mpgh.net/forum/showthread...1#post10138266

CAC UPDATE: 2015-01-28 Made the foreign lua check disable itself when the anticheat detects live modification of server files. Because you shouldn't be doing this anyway.