search

danielkrupinski / Osiris

Cross-platform game hack for Counter-Strike 2 with Panorama-based GUI.
MIT License
3.33k stars 965 forks source link

This community.. #1701

Closed ghost closed 1 year ago

ghost commented 4 years ago

Hi, I saw there too many threads about Detection || Doesnt works || How to make it UD

Guys, If you really dont know anything how works valve anti cheat system, or dont know how to update offsets, signature, If you dont know how to debug something, just stop pasting. I really know there is someone who can help you, but there is too many threads "unnecessary".

Tho, when something doesnt works you can go on unknowncheats.me, or try to read something about how the function works.

Tho please stop comment some threads with i got vac ban and on your profile is ow ban, honestly.. thats dumb, if you dont know what is vac and ow.

I guess there is zero chance to get this cheat detected, only if valve dont be lazy and get dll of the cheat into their blacklist (they are lazy, u know..) But if you really dont want to risk, just modificate the original source code. Example: Remove/Add some features, like that you little change signature, not too much effective but still better to remove/add something, then use original without any input. Tho can be useful the Daniels VAC-Bypass (Loader)

JunkCodes does nothing, its useless.. VMProtect tho dumb idea, cause still it get decrypted in runtime (when u inject it), so you get the original signature.

Learn something about c++ Unknowncheats CS:GO Section What is VAC/OW Daniel VAC-Bypass

ocewot commented 4 years ago

i removed features and got a vac ban 5 days later used it for about a month i didnt use the vac bypass that probably would have prevented my ban but i feel sketched out using the bypass because im uncertain of how valve will patch/detect the bypass. i have a feeling osiris is actually detected i literally tested my paste of it just to see if it was and i only used it with an undetected injector i was vac banned not overwatch and not untrusted either

ghost commented 4 years ago

i removed features and got a vac ban 5 days later used it for about a month i didnt use the vac bypass that probably would have prevented my ban but i feel sketched out using the bypass because im uncertain of how valve will patch/detect the bypass. i have a feeling osiris is actually detected i literally tested my paste of it just to see if it was and i only used it with an undetected injector i was vac banned not overwatch and not untrusted either

I dont want to trust osiris is detected, cause too many people said they dont get vac banned. I using osiris as base for my private cheeto and its not detected, important part is add/remove some features, to change the signature, tho you can change the hooking method. This part about "undetected injector" dont tell me anything, cause its more then few months and I dont get vac banned or something. As injector I using Process Hacker, with bypass and its UD. Tried tho with private injector, and without bypass = undetected.

Its based if you change the signature or nah, dunno if osiris is detected, maybe only hooking method thats why you need to change it.

Tho some people thinks: When I add junkcode, it be undetected, its aint true. It works as HASH, but still signature is same, you prob. get hitted in vac wave buddy.

Tho what i can recommend:

Make inline generator what generate you some strings, that you can call in memory, it can little change the signature but like 0.01%. I actually using it tho, and its cool, tho can view the output in the menu, seems cool.

^^

When i talk about this, you can make it as hide thread, and set some millisecond timeout, to lower cpu usage, BUT it be works only 1 time, just something like this. 

 static bool generator = false;

 if (!generator) {
   //TODO
  generator = true;
 }

When we set it on true, it dont be called again in the same time, just thread be closed.

ocewot commented 4 years ago

what you say in my opinion is conflicting, you say " dont want to trust osiris is detected, cause too many people said they dont get vac banned." then you say "but still signature is same, you prob. get hitted in vac wave buddy." firstly i did remove features but my point is you are saying it isnt detected then you are saying i probably got hit with a vac wave? like what?

ghost commented 4 years ago

vmprotect doesn't decypt it? its just a runtime interpreter? (seems like you don't know what you are talking about). and vmprotect is vac detected.

ghost commented 4 years ago

vmprotect doesn't decypt it? its just a runtime interpreter? (seems like you don't know what you are talking about). and vmprotect is vac detected.

I think u dont know what does mean VMProtect, its cool to use when program is non running. Cause, okay lets take your words.. Okay, when we encrypt it and if we run it how the program can know what must do? We need to decrypt it. Thats why is it useless, cause the signature be same.

ghost commented 4 years ago

what you say in my opinion is conflicting, you say " dont want to trust osiris is detected, cause too many people said they dont get vac banned." then you say "but still signature is same, you prob. get hitted in vac wave buddy." firstly i did remove features but my point is you are saying it isnt detected then you are saying i probably got hit with a vac wave? like what?

Cause i was talking about the junkcodes, its sad if you cannot read.

Mean, if you only add junkcodes and thinks its UD.

ghost commented 4 years ago

~

I think u dont know what does mean VMProtect, its cool to use when program is non running. Cause, okay lets take your words.. Okay, when we encrypt it and if we run it how the program can know what must do? We need to decrypt it. Thats why is it useless, cause the signature be same.

then how does python or lua work, last time i checked words are not machine code. its called an interpreter

caiocinel commented 4 years ago

muito chato, namoral, parece até brasileiro.

Jimmy-Baby commented 4 years ago

I appreciate you spreading info that IS true, but you said a lot of stuff that isn't the same case. Allow me to correct you, and help others;

1. VMProtect IS NOT useless...

Too many people that simply don't know what they're talking about say that VMProtect is of no use when they are quite incorrect, because, with the correct configuration, it is useful; When using the 'mutation' setting on code compilation, existing commands in the code are mutated into an entirely different order (simply put). Also, "...'garbage' commands are added...", just like adding junk code, which IS ALSO NOT USELESS. This type of compilation for executable code is not useful in terms of protecting the code from someone decompiling the binary and analysing the file themself; it would still be readable just fine. Meanwhile, it's main purpose is to prevent detection of post-compiled functions with 'automated signature analysers', such as VAC modules scanning for signatures :) Side note: nothing is technically "encrypted" when you VMProtect, it is virtualized, which is not the same thing.

2. Junk Code, again, IS NOT USELESS...

And YES, adding junk code at the bottom of any relative .cpp files is useless, rendering most automatic junk code 'adders' useless... however, adding junk code between and inside of functions is by no means ineffective or "useless".

3. VAC Bypass Loader...

This isn't to do with any thing that is absolutely factual, but I don't recommend using VAC Bypass as I have seen it negatively affect peoples experience too often. I have seen so many people get their machine flagged randomly due to VAC Bypass, I've been banned while using it (so is it really even that useful?), AND there's no way Valve have actually let it go for months and months without incorporating some way to render it useless, or to even, use to their advantage, which I believe they have done in this situation.

Thanks for reading, enjoy your day. 👍

ghost commented 4 years ago

I appreciate you spreading info that IS true, but you said a lot of stuff that isn't the same case. Allow me to correct you, and help others;

1. VMProtect IS NOT useless...

Too many people that simply don't know what they're talking about say that VMProtect is of no use when they are quite incorrect, because, with the correct configuration, it is useful; When using the 'mutation' setting on code compilation, existing commands in the code are mutated into an entirely different order (simply put). Also, "...'garbage' commands are added...", just like adding junk code, which IS ALSO NOT USELESS. This type of compilation for executable code is not useful in terms of protecting the code from someone decompiling the binary and analysing the file themself; it would still be readable just fine. Meanwhile, it's main purpose is to prevent detection of post-compiled functions with 'automated signature analysers', such as VAC modules scanning for signatures :) Side note: nothing is technically "encrypted" when you VMProtect, it is virtualized, which is not the same thing.

2. Junk Code, again, IS NOT USELESS...

And YES, adding junk code at the bottom of any relative .cpp files is useless, rendering most automatic junk code 'adders' useless... however, adding junk code between and inside of functions is by no means ineffective or "useless".

3. VAC Bypass Loader...

This isn't to do with any thing that is absolutely factual, but I don't recommend using VAC Bypass as I have seen it negatively affect peoples experience too often. I have seen so many people get their machine flagged randomly due to VAC Bypass, I've been banned while using it (so is it really even that useful?), AND there's no way Valve have actually let it go for months and months without incorporating some way to render it useless, or to even, use to their advantage, which I believe they have done in this situation.

Thanks for reading, enjoy your day.

I wanted to write it like that, but my main language aint english, its hard for me.

ocewot commented 4 years ago

https://steamcommunity.com/profiles/76561199037938013/ you got banned so apparently it is detected or are you still trying to say it isnt

Jimmy-Baby commented 4 years ago

https://steamcommunity.com/profiles/76561199037938013/ you got banned so apparently it is detected or are you still trying to say it isnt

This was just a general post... Not in relation to Osiris' detected hooking

ghost commented 4 years ago

https://steamcommunity.com/profiles/76561199037938013/ you got banned so apparently it is detected or are you still trying to say it isnt

I said, i was testing newest osiris build with vac bypass.

4risto commented 4 years ago

It's detected.

aljawary commented 4 years ago

It's detected.

Proof? What injector do u use?