Protect a game from a kernel driver

Results 1 to 8 of 8
  1. 21-02-21 #1
    TheGodFather
    Registered TheGodFather is offline
    MemberRank
    Apr 2018 Join Date
    IraqLocation
    24Posts

    Protect a game from a kernel driver

    Protect a game from a kernel driver
    Hello guys.
    I was trying to make a clone of anti-cheats with one feature wich block access to the game from any program or tool. like popular anti-cheat or like UGK-Anti Cheat does.

    I dont know the idea of how to make it. its just about a kernel driver shit.

    if anyone can help me or give me a hint.


    Pictures :-





    Don’t spend time beating on a wall, hoping to transform it into a door.
    Reply With Quote Reply With Quote
  2. Check out our sponsor
    Protect a game from a kernel driver
  3. 27-02-21 #2
    iostream
    Account Upgraded | Title Enabled! iostream is offline
    True MemberRank
    Mar 2004 Join Date
    ThailandLocation
    202Posts

    Re: Protect a game from a kernel driver

    CE is very hard to block. especially private CE.
    Reply With Quote Reply With Quote
  4. 27-02-21 #3
    TheGodFather
    Registered TheGodFather is offline
    MemberRank
    Apr 2018 Join Date
    IraqLocation
    24Posts

    Re: Protect a game from a kernel driver

    Quote Originally Posted by iostream View Post
    CE is very hard to block. especially private CE.
    can i hook system calls to prevent CE ?

    like hook zwOpenPorcess or NtOpen ...etc
    Don’t spend time beating on a wall, hoping to transform it into a door.
    Reply With Quote Reply With Quote
  5. 27-02-21 #4
    Ryusaki
    Newbie Ryusaki is offline
    MemberRank
    Oct 2019 Join Date
    4Posts

    Re: Protect a game from a kernel driver

    If you are in kernel mode, you could use ObRegisterCallback to intercept OpenProcess attempts from user mode.
    Obs: I wouldn't recommend hooking syscalls.
    Reply With Quote Reply With Quote
  6. 27-02-21 #5
    TheGodFather
    Registered TheGodFather is offline
    MemberRank
    Apr 2018 Join Date
    IraqLocation
    24Posts

    Re: Protect a game from a kernel driver

    Quote Originally Posted by Ryusaki View Post
    If you are in kernel mode, you could use ObRegisterCallback to intercept OpenProcess attempts from user mode.
    Obs: I wouldn't recommend hooking syscalls.
    Thank you so much,

    I am noob to kernel driver stuff so can you give me a simple code or some github repo for an example
    Don’t spend time beating on a wall, hoping to transform it into a door.
    Reply With Quote Reply With Quote
  7. 27-02-21 #6
    k0d0k
    I LOVE U ALL k0d0k is offline
    True MemberRank
    Dec 2014 Join Date
    EarthLocation
    445Posts

    Re: Protect a game from a kernel driver

    Quote Originally Posted by TheGodFather View Post
    Thank you so much,

    I am noob to kernel driver stuff so can you give me a simple code or some github repo for an example
    https://github.com/microsoft/Windows...ral/obcallback
    SERVICES CUSTOM LAUNCHER FOR YOUR PRIVATE SERVER
    Reply With Quote Reply With Quote
  8. 02-03-21 #7
    Flipend0
    Ultimate Member Flipend0 is offline
    MemberRank
    Dec 2016 Join Date
    161Posts

    Re: Protect a game from a kernel driver

    I personally would not recommend touching drivers if you have no idea how they work. Especially if it's going to be intended as an Anti Cheat service for your Clients. Unless you have the financial ability to add a CSC to the driver to whatever game you're working on. Otherwise you're going to have to inform all users to Disable Driver Signature Enforcement.

    I just build my house made anti cheat in Usermode instead. I run integerty checks and hash the entire application after I implement my own modifications. This way, if any after modifications gets detected. I simply just close the entire client down.
    Passionate x86 Reverse Engineer for Cute Anime MMO games only.
    The only person in MMOExtra with a brain.
    Current Projects : MabiPro, Awakened Dungeon Fighter,
    Audition Galaxy (WIP), SW (WIP)
    Reply With Quote Reply With Quote
  9. 02-03-21 #8
    TheGodFather
    Registered TheGodFather is offline
    MemberRank
    Apr 2018 Join Date
    IraqLocation
    24Posts

    Re: Protect a game from a kernel driver

    Quote Originally Posted by Flipend0 View Post
    I personally would not recommend touching drivers if you have no idea how they work. Especially if it's going to be intended as an Anti Cheat service for your Clients. Unless you have the financial ability to add a CSC to the driver to whatever game you're working on. Otherwise you're going to have to inform all users to Disable Driver Signature Enforcement.

    I just build my house made anti cheat in Usermode instead. I run integerty checks and hash the entire application after I implement my own modifications. This way, if any after modifications gets detected. I simply just close the entire client down.
    I got a way to protect my game through some vuldriver.

    i edit the code and got these result wich is so pretty :)




    After edit code and hook some syscalls and run the game under SYSTEM

    Don’t spend time beating on a wall, hoping to transform it into a door.
    Reply With Quote Reply With Quote


« Previous Thread | Next Thread »

Advertisement