Protect a game from a kernel driver

Results 1 to 8 of 8
  1. #1
    Registered TheGodFather is offline
    MemberRank
    Apr 2018 Join Date
    IraqLocation
    24Posts

    Protect a game from a kernel driver

    Protect a game from a kernel driver
    Hello guys.
    I was trying to make a clone of anti-cheats with one feature wich block access to the game from any program or tool. like popular anti-cheat or like UGK-Anti Cheat does.

    I dont know the idea of how to make it. its just about a kernel driver shit.

    if anyone can help me or give me a hint.


    Pictures :-





    Don’t spend time beating on a wall, hoping to transform it into a door.


  2. #2
    Account Upgraded | Title Enabled! iostream is offline
    True MemberRank
    Mar 2004 Join Date
    ThailandLocation
    202Posts

    Re: Protect a game from a kernel driver

    CE is very hard to block. especially private CE.

  3. #3
    Registered TheGodFather is offline
    MemberRank
    Apr 2018 Join Date
    IraqLocation
    24Posts

    Re: Protect a game from a kernel driver

    Quote Originally Posted by iostream View Post
    CE is very hard to block. especially private CE.
    can i hook system calls to prevent CE ?

    like hook zwOpenPorcess or NtOpen ...etc
    Don’t spend time beating on a wall, hoping to transform it into a door.

  4. #4
    Newbie Ryusaki is offline
    MemberRank
    Oct 2019 Join Date
    4Posts

    Re: Protect a game from a kernel driver

    If you are in kernel mode, you could use ObRegisterCallback to intercept OpenProcess attempts from user mode.
    Obs: I wouldn't recommend hooking syscalls.

  5. #5
    Registered TheGodFather is offline
    MemberRank
    Apr 2018 Join Date
    IraqLocation
    24Posts

    Re: Protect a game from a kernel driver

    Quote Originally Posted by Ryusaki View Post
    If you are in kernel mode, you could use ObRegisterCallback to intercept OpenProcess attempts from user mode.
    Obs: I wouldn't recommend hooking syscalls.
    Thank you so much,

    I am noob to kernel driver stuff so can you give me a simple code or some github repo for an example
    Don’t spend time beating on a wall, hoping to transform it into a door.

  6. #6
    I LOVE U ALL k0d0k is offline
    True MemberRank
    Dec 2014 Join Date
    EarthLocation
    445Posts

    Re: Protect a game from a kernel driver

    Quote Originally Posted by TheGodFather View Post
    Thank you so much,

    I am noob to kernel driver stuff so can you give me a simple code or some github repo for an example
    https://github.com/microsoft/Windows...ral/obcallback

  7. #7
    Ultimate Member Flipend0 is offline
    MemberRank
    Dec 2016 Join Date
    161Posts

    Re: Protect a game from a kernel driver

    I personally would not recommend touching drivers if you have no idea how they work. Especially if it's going to be intended as an Anti Cheat service for your Clients. Unless you have the financial ability to add a CSC to the driver to whatever game you're working on. Otherwise you're going to have to inform all users to Disable Driver Signature Enforcement.

    I just build my house made anti cheat in Usermode instead. I run integerty checks and hash the entire application after I implement my own modifications. This way, if any after modifications gets detected. I simply just close the entire client down.
    Passionate x86 Reverse Engineer for Cute Anime MMO games only.
    The only person in MMOExtra with a brain.
    Current Projects : MabiPro, Awakened Dungeon Fighter,
    Audition Galaxy (WIP), SW (WIP)

  8. #8
    Registered TheGodFather is offline
    MemberRank
    Apr 2018 Join Date
    IraqLocation
    24Posts

    Re: Protect a game from a kernel driver

    Quote Originally Posted by Flipend0 View Post
    I personally would not recommend touching drivers if you have no idea how they work. Especially if it's going to be intended as an Anti Cheat service for your Clients. Unless you have the financial ability to add a CSC to the driver to whatever game you're working on. Otherwise you're going to have to inform all users to Disable Driver Signature Enforcement.

    I just build my house made anti cheat in Usermode instead. I run integerty checks and hash the entire application after I implement my own modifications. This way, if any after modifications gets detected. I simply just close the entire client down.
    I got a way to protect my game through some vuldriver.

    i edit the code and got these result wich is so pretty :)




    After edit code and hook some syscalls and run the game under SYSTEM

    Don’t spend time beating on a wall, hoping to transform it into a door.



Advertisement