To try everything Brilliant has to offer-free-for a full 30 days, visit brilliant.org/cazz/. The first 200 of you will get 20% off Brilliant’s annual premium subscription.

I think it could've been worth mentioning the security and privacy concerns of giving ring 0 security clearance to both cheats and anti-cheats and why some people are against it

This channel is very underrated, this video is edited really nicely!

Compiler optimization is something you can usually turn off or restrict.

Next generation cheats: Machine learning models that automatically aim and fire using the game’s video output

Wow. This arms race is really interesting and impressive. I had never heard of using DMA to cheat at games before. I suppose the next step and the comparably powerful sledgehammer anti-cheat techniques would be statistical detection methods running on the server, e.g. looking for mouse movement data indicative of an aimbot, and stronger isolation of game state data to the server, e.g. in the strongest case the client could send raw inputs and only receive raw video and audio data so that there isn't even game state data for hacks to look at unless they start using AI methods. But DMA-based cheats for fast-paced real-time games that are sufficiently subtle, like ESP hacks on a second computer, seem almost impossible to stop (detecting the DMA device? code and data obfuscation?) unless you implement your own "hardware anti-cheat", e.g. restricting the player's hardware, as with a console, or surveillance of the player, as at a tournament. In our coming cyberpunk dystopian future, where Valve is monitoring every gamer with in-home cameras 24/7, we'll then have to start using cyborg brain implants and gene-editing to cheat and then it'll become a philosophical issue about what even is "cheating".

Also for hardware cheats you can usually run it all on a pi within the computer plugged into pcie, then you can emulate anything from anywhere like a kvm if it's network attached (Just need to spoof as another device to get around hardware id detection)

how do I bypass the divorce papers?

btw if you dont have pci, direct memory access is supported through the LPC and ESPI standards and which can be accessedf with TPM and DEBUG headers found on the majority of motherboards

As a Software Developer, it's nice to learn some "Ethical" hacking 😊

Boot-kits are also a great idea. Boot-kits load before the operating system itself, so you can bypass the anti-cheat, because the cheat is loaded before the anti-cheat itself.

I think vaguard has fixed this, but previously, I experimented with running a passthrough VM on linux with windows + hyperv enabled (which made valorant start), where i then could attach a pci device from the vm manager which I then could use for DMA on linux. This effectively makes a hardware cheat without any extra hardware :)

you can disable compiler optimization so that it will keep the junk

I believe there are ways to work around compiler optimizations, even if you can change the signature a little bit you will be able to trick the anti-cheat. At least for a portion of time, then you will be banned eventually.

Never subscribed so fast in my life. Excellent visuals, presentation and quality! Keep it up mate!

Wow I’m learning about operating systems right now, and didn’t really think of cheating as an application of it. It’s so cool seeing how brilliantly hackers can bypass the designs around OSes and video game anti cheats!

DMA can also be detected by looking at what is pluged in the PCI slot. on the other side you can spoof the Hardware ID of the Device. its an arms race again.

i'm really want to see a video about DMA, it looks cool !

the way you simplify everything is very impressive. I was into making cheats years ago and your series has totally refreshed my memory after not doing it for years. keep it up!

"Hardware cheats" are absolutely genius

There is currently a cheat going around where people have camera set up to their screen and has an AI recognized and shoot people for them by controlling there mouse

I wonder if a kernel driver could be used to bypass something like the respondus lockdown browser

When I clicked on this video I thought I was going to get some enlightenment on how anticheat manage to bypass working because tomorrow is monday and I was open to new ideas

It's a huge shame there's such intense motivation to keep the best cheats and anti-cheats closed source. These techniques would be really interesting to study.

i love how you explained just the right amount about dma without saying too much lol

The last method is really dangerous iam loving it

There are many ways to detect rogue PCI devices, such as master abort or timing attacks. You also completely left out virtualization and iommu (regarding DMA mitigation)

Very interesting! I always thought of anti-cheat to be sort of like an arms race, there's really no way for an AC to work 100% of the time as long users have physical access to their machine. Maybe we'll see things like cloud gaming take over highly competitive games for this reason, assuming cloud game becomes viable to play with low latency, etc.

I am against cheats in competition games, however this topic is pretty interesting to learn about! Thanks!

He slight question, wouldn't you be able to inject the anticheat with a dll, so that it doesn't find your program

Clicked on this and didnt expect to hear a saffa, lekker vid bru

Another video about DMA would be really interesting.

Interesting, so a DMA based anticheat is literally unfixable?

bro, ur channel is a gem!

how do you know if an anticheat is user mode or kernel?

grats on the 100k btw

"that a software anticheat cannot detect" - in 2023 there were 6 dma ban waves on faceit and 3 on vanguard tho haha

Well this video was 100x better than I was expecting from my recommendations!

Can we use DMA to hack console games? very interested 😮

I love how this video has two titles

Hack a game..?NO, just want to play it on linux? YES

Thanks for the tutorial.

Anti-cheat? You mean kernel rootkit spyware?

I always find it crazy the lengths that people will go to just to feel good in a game

Some great info! Any chance you could make a video where you show a basic setup for creating cheats? Like, showing how to setup the environment to create our own Kernel scripts, manipulate memory, etc.

Here i was, thinking "how do anti-cheat allows you to bypass work" Me the entire video: "OK, but how do i work less on cheats by using this" Now i can't stop laughing.

Game hacking is what got me into Red and Blue Team work over 10 years ago. VAC was fun to bypass. You used to be able to create a shadow bootloader with a kernel driver that fed the AC false handles to check. Everything had to load from a USB to stay undetectable. Not sure if that’s how it still works today.

Thank you so much. You explain things so well!

4:41 in practice it also works. When adding junk code people always turn optimization off, the only time I've seen someone get banned with a pasted cheat with junk code is when a feature got detected or the cheat was too retarded to set valid viewangles There are even programs that add junk code to everything with 1 click - I also think there are ways to detect DMA tho? - What about intercepting network packets for an ESP? I wonder how difficult or possible that is

Thanks, very useful video

Cpngrats on 100k cazz

You see, I'm interested in this not because I want to cheat, but because I want to get bs anticheat systems off my back for something as simple as running Linux instead of Windows. I run Linux, simply because I prefer the open source community run stuff as opposed to Windows, but most anticheat solutions target compatability layers on purpose just to be dicks.

No, hacks don't need to read and write memory. With DMA hacks you only read memory and send corrected inputs (mouse and/or keyboard events) through a spoofed controller that masquerades as an input device to the PC the game runs on. With external AI and pixelbot hacks you capture the video output of a game, process the data (e.g. with open AI libraries like yolov5) and send back commands through a similar spoofed controller to your PC. This bypasses reading and writing to memory completely.

Interesting to see how cheats work I would never ever use cheats in multiplayer anyways though ^^

If you want to stop cheaters, run checks on the data that the server receives instead of messing around with the kernel that the client is running on. When a kernel anticheat is bypassed, it's fully bypassed, meaning anything goes. If you've got a server-side anticheat that checks packets, you may not be able to fully disable or bypass it as easily as you can with a kernel anticheat. An anticheat on the kernel gives the cheater a lot of control, making the discovery of bypasses quicker, and you don't even have to get any accounts banned. If you have a server anticheat, you may need access to many accounts. This is a very quick way to stop blatant cheaters in a bought game.

did the views count just increase by 1000 in 45 seconds? deserved tbh

Very good video! Concise and easy to understand.

I wouldnt trust any sort of kernek anticheat.

Nice to see someone from the cheating community growing like that, great video btw

what is the best way to get around a HW ban?

One of the craziest cheat methods I've ever seen was what I'll call the no-contact hardware cheat. A second computer runs an AI model trained on the game, looking at the monitor with a webcam or via a capture card, and then sends commands to the PC via a USB reciever, emulating the keyboard and mouse that are supposed to be connexted to it.

Very nice video ! And where can we get this DMA device ?

voice crack at 5:09

The moment you explained DMA cheats my brain played the Giga Chad Music. XD

meow

Nicely put

У тебя хорошее произношение Английского языка. Молодец, продолжай в том же духе

Before watching, my guess is virtual machines are used to "get underneath" the whole system.

It's extremely easy actually. All you need is some goddamn expensive ass software that nobody wants to share for free

I hate people that somehow WANT more intrusive and "better" anticheats. You're at best just buying some time and at worst causing major security, privacy and performance issues without fixing anything. Despise those people with a passion,

The most effective anti-cheat is loving parents

Its cool to see the view on the side of scripters and hackers, but at the same time fills me with rage knowing how theres gonna be more and more people getting into hacking and ruining the fun for others for the sake of their own fun from videos like these.

If you could elaborate more on DMA, and recommend good hardware for beginners

nice video, Hope all cheaters get banned tho

if you specify for your compiler to not optimize code, junk code should still work though?

Bro talking about cheats like its a job💀 like why is there a community for people who want to cheat ingames? Do you not have anything else better to do? Still a good vid tho...hopefully people see this so they know how to destroy these anticheat bypassers

one question about DMA do u really need a second pc to makeit work? or u can make one witha programable board? something like an arduino board for example

I actually pretty curious about a great AC like vanguard from Valorant. Is vanguard really can't detect DMA (at least for now)?

congrats on 100k :)

you can get verified now (congrats on 100k). GO FOR IT!

Now I actually understand. Thanks!

Does this mean that an anti-cheat can't detected altered memory from the software/hardware if the initial methods got by passed? In theory the AC doesn't check for memory changed values or any kind of sutff, only trys to prevent what gives you acess to change them?

You can tell most compilers to do not optamilize?

I understood nothing from this video but somehow this video was still entertaining

Question, does cheat developer target the anti-cheat itself, like patching the anti-cheat so it no longer work, or make it think that everything is working as intended. Wouldn't it be easier to cheat now that there's basically no anti-cheat.

Unless you are writing it yourself or 100% trust a source... ANY pre-written code with access beyond a kernel anti-cheat is a HUGE security risk and potentially a legal one if you become a node for someone else's illegal activity.

Could you just make an external cheat that detects when an enemy head is on screen and moves your mouse on to it? That way the cheat is not in the game it’s self?

I’m almost certain that some top streamers use the DMA approach

I've heard that AI anti-cheat could be a thing in the next few years, the AI could detect if someone is cheating just by watching their gameplay. Most people think that would end cheating for good but I'm sure some cleaver person would find a bypass for that.

Very informative!

Nice of youtube giving this for a recommendation, its nice to know how some hacks work, like those GTA mod hacks

So as Vanguard it has kernel anticheat. Powerfull as said in video.

I honestly have never head of actual hardware based cheats when it comes to a PC and I'm extremely curious to know more about that subject if you or anyone else could point me in the right direction.

MY SORRY ASS THINKING DMA WAS DYNAMIC MEMORY ALLOCATION

0:32, I got a youtube ad about this, skip, then you advertising it. They sure spent a lot of money on advertising...

A simpler version of hardware cheat is virtual machine cheats. The game runs in a virtual machine guest and the host OS would be able to read/write to any memory of the guest OS, without the guest ever knowing. This does not require two computers and special hardwares like hardware hack does, but some game does detect if it's running within a virtual machine so the challenge becomes how to hide that.

Isn't IOMMU enough to protect against DMA?

DMA with Virtual Machines too!

Is there a way that a anti-cheat could detect you running the cheats on a different system and streaming the inputs to your other device like a wireless keyboard does?

Windows has an OS anti-virus/malware, is such a platform level solution something that could be done for anti-cheat? It seems inefficient to have all these separate ac solutions, and a platform solution wouldn’t come with the same security compromises that installing multiple kernel drivers does