Some questions about loaders

This is a discussion on Some questions about loaders within the Counter-Strike: Hack Chat board part of the Counter-Strike Forum category; Originally Posted by Atex has the ability to detect keystroke to command line prompts I also have trouble believing that ...

Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12
  1. #11
    benaghi is offline Member
    Array
    Join Date
    Jul 2015
    Posts
    29
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Rep Power
    5
    Reputation
    5
    Quote Originally Posted by Atex View Post
    has the ability to detect keystroke to command line prompts
    I also have trouble believing that VAC does this.


  2. #12
    LordTristan's Avatar
    LordTristan is offline Premium Member

    Array
    Join Date
    Dec 2013
    Location
    United States
    Posts
    1,067
    Mentioned
    24 Post(s)
    Tagged
    0 Thread(s)
    Rep Power
    8
    Reputation
    436
    Quote Originally Posted by Kspade View Post
    Is it more safer to have a USB for every cheat? (ex 1 for interwebz, 1 for ox02) Or would it be same security if I just made different folders for every loader(friend does this) and how it would the 2nd part work if some cheats require steam to be closed? (ex. interwebz.) also can i rename loaders as-well?
    Valve enumerates all devices, they will see the suspicious process or module they want to scan exists on a device that was disconnected. The purpose of running a cheat on the USB is because the Usn Journal only exists on NTFS drives and most USB are FAT, FAT32 or exFAT so if you force your users to run a cheat from a USB that is not NTFS, you're protecting them against a potential detection vector. I do it specifically to remove the possibility of a client detection via USN Journal. Dopescope's comments are partially true but they're just so poorly worded that it sounds absurd when you read it how he typed it.

    The keystrokes, he may be referring to commands because VAC does indeed detect bunny hop scripting if it appears too robotic, they do enumerate devices as well and they can tell if a process or file existed on a disconnected USB. They do create unique identifiers using fileIndexHi, fileIndexLo and the VolumeNo and it is true that renaming and moving the file doesn't often change the identifier. I haven't seen proof of them decompressing files or processes being scanned, you could maybe do that with UPX but not with something like VMProtect, Themida or NoobyProtect.

    I also did bring up recently that I was told Valve appeared to be heading toward scanning for deleted cheat files that had not yet had the space they once used overwritten with new files.
    Last edited by LordTristan; 08-24-2015 at 02:01 PM.

Page 2 of 2 FirstFirst 12

Similar Threads

  1. WC3 LoaDeRs
    By 4GoTeN_Ho3 in forum Warcraft 3 forum
    Replies: 78
    Last Post: 04-14-2011, 02:55 AM
  2. [Release] Wc3 Loaders FoR xP
    By 4GoTeN_Ho3 in forum Warcraft 3 Hacks, bots and tools
    Replies: 8
    Last Post: 03-27-2011, 10:58 PM
  3. Anyone going to update loaders for 1.25?
    By ownagemike in forum Warcraft 3 Hacks, bots and tools
    Replies: 3
    Last Post: 03-23-2011, 08:54 PM
  4. Wc3 Loaders for MACS
    By Hopegha in forum Warcraft 3 Hacks, bots and tools
    Replies: 3
    Last Post: 03-18-2011, 06:06 AM
  5. Wc3 Loaders #2
    By Vearb in forum Warcraft 3 forum
    Replies: 5
    Last Post: 07-30-2010, 08:23 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •