Interesting to know how VAC system works in CS:GO Thanks for your post.
Awesome post man, although seems like majority of people still do not understand this even though you simplified it so much. Much Props to you.
Interesting to know how VAC system works in CS:GO Thanks for your post.
I'm using the Unbreakable multihack source code, say I wanted to make it undetected, all I would need is a different signature? I've stripped out some of the features that I don't want to use and changed the binds. What else would I have to keep it UD?
The hack also has different hashes, but apparently that makes no difference.
What is the easiest way to change signature?
so enigma vmprotect and thermida can be detected too?
Fascinating post... thanks!
what if i use both enigma and vmware. will that work and if so, will it make it more undetected or more detectable?
It will make it less detectable. Honestly, just find a hack that uses polyloader and you should be better off as it changes the signature everytime the hack is loaded.
However, that doesn't mean Overwatch won't detected. Also Untrusted bans can easily happen to you if you decide to use a hack that is outdated where the offsets are incorrect.
News Force Head Editor from 09/14/2018 - 03/02/2020
Publicist from 11/23/2017 - 06/07/2019
Global Moderator since 09/24/2017
Minion+ from 04/16/2017 - 09/24/2017
Market Place Minion from 04/16/2017 - 09/24/2017
Minecraft Minion from 02/23/2017 - 09/24/2017
Realm of the Mad God Minion from 11/06/2016 - 09/24/2017
Middleman from 09/14/2016 - 09/24/2017
News Force Editor from 08/23/2016 - 09/14/2018
News Force (Section of the Week) from 03/21/2016 - 07/17/2017
News Force (User News) from 10/18/2015 - 09/14/2018
Donator since 03/16/2015
Realm of the Mad God Editor from 05/20/2014 - 07/08/2014
Member since 12/23/2012
Rep Power: 82
This is not actually how it works, VAC never dumps / sigscans the whole RAM of the system, this would be considered really intrusive.Signature scanning works by scanning the RAM (all the running processes)
Instead VAC looks for processes that has opened HANDLEs to games protected by it. Only when process meets such a requirement, the process is scanned and or sent for further analysis by VAC.
Zer0Mem0ry
C/C++ Programmer, Youtuber, software enthusiast & hobbyist.
Donate: (bitcoin): 1JhSKGgRQmir8rRF4Sm5CP4fDDofKFAypd
Youtube: https://www.youtube.com/channel/UCDk...ariJF2Dn2j5WKA
Skype: virtual_coder
Technically speaking, it is scanning your virtual memory which contains data of frames from your physical memory and your harddrive (on disk).
So in a way, it kinda is scanning your game-memory and processes that have access to the game's memory address space. But only the game's virtual memory pages and the memory pages of processes that tries to access the game's memory.
That is the main reason as to why inserted data in the game oftenly triggers detection if not cleaned up properly.
"A virtual page is 2k consecutive bytes, which is super word-aligned. This is the page the program thinks it is dealing with. This page can either be in RAM (physical memory) and/or disk."
So yeah, we're already "invasive", the question is where we're invasive. There's a difference between being intrusive inside your own game and being intrusive to your system. ESEA is intrusive to your system in the way where it encorporates its scans onto your kernel memory and user-mode memory.
Last edited by VirtualRoot; 10-16-2016 at 07:37 AM.
So if I use Enigma on a downloaded public cheat exe do I not have to add junk code as you said it before? Because you said to someone that he shoudlnt fuck up the junk code?!