Guide Anticheat ESEA Bypass


Rake

Game Name: CSGO
Anticheat: ESEA
How long you been coding/hacking?: 7 years
Coding Language: C++

ESEA is the second biggest league for CSGO; it includes its own client and anticheat. It has the best anticheat for CSGO of all the leagues; for this reason it has the least number of cheaters.

ESEA is a kernel anticheat

First off ESEA is a kernel anticheat like EAC and BE, so you need to have your own kernel driver in order to bypass it, and you need to be experienced with everything in this thread: Guide - How to Bypass Kernel Anticheat & Develop Drivers

ESEA Anticheat Loads at Boot

ESEA is one of only a few kernel anticheats that runs at boot, it was one of the first to do so, along with Faceit and now Vanguard.

Before you can load any other drivers, before you log into Windows, Vanguard is already running. What does this mean for cheaters?

EAC and Battleye for example, are not running at boot. To bypass them, you manually map your driver before the anticheat loads. So, load your driver, then load the game with the anticheat services set to "manual load" in services.msc. It's a race to load first, if you can load first, you can hide from the anticheats. This is the majority of the reason why these anticheats are "easily" bypassed.

With ESEA, when you map your cheat driver, it can detect it and prevent you from even running the game or result in a ban.

Some people get outraged at anticheats running at boot, in most cases there isn't much to worry about. This outrage has been discussed as it relates to Vanguard anticheat which also runs at boot here: Why anti-cheat software utilize kernel drivers

ESEA Bypass

With that information out of the way, you may be asking yourself if bypassing ESEA is even possible. Well, yes it is, but it is very difficult. I would recommend reverse engineering and bypassing Battleye first, then EAC. If you can manually reverse engineer and bypass both of those, then you are in a good position to begin working on an ESEA bypass.

Several ESEA / Faceit bypasses are using a DMA (Direct Memory Access) device, something like Screamer M2, which allows you to directly access the memory. In this manner you are running at the hardware level, below even the kernel. In this way, you bypass many detection methods. But these devices can still be detected; they often use default identifiers which make them easy to find. It's not enough just to plug one of these devices in, you also need to have reversed ESEA so you know what they're looking for and how to hide from it or patch it.

You can read all about DMA devices on their blog: hxxps://blog.esea.net/esea-hardware-cheats/

Here is a common setup to see player locations on a phone
[Image: 1599692108246.png]

The process is described as such: a cheater would have two PCs - one running the game and another running their attack. The PC being used to play would have a DMA (Direct Memory Access) device plugged into it. The DMA Device, PC used to play and attack PC would be connected by a USB cable.

ESEA lays out the process of the exploit on their website.

The attack PC would then gather data and memory from the PC used to play and be able to send that information via a Raspberry Pi device which would in turn send the in-game player locations of the enemy team to an attacker's mobile.

The Latvian confirmed in a later post that the image was showing a webpage radar that shows the information of all players in the game.

He also added that the exploit cost him around €400 and, while he doesn’t feel guilty about cheating, he knows plenty of other players who are using the exact same cheat but aren’t banned by ESEA.

Learn more about a DMA hack slack69/csgo-dma-overlay

Do you have to use a DMA?

No. There are still ways to bypass the anticheat, but without knowing exactly how the anticheat works you will have a hard time doing anything. If you read our kernel guide, you will know that vulnerable drivers are the best way to get into kernel. Most kernel anticheats will detect these well known vulnerable drivers.

You would need to get creative to create an ESEA bypass; there is nothing you can download that is a foolproof bypass. You might be able to read and write to game memory, but you will probably get flagged and banned later, especially if you distribute the hack.

Using Vulnerable Drivers
Read: Guide - Vulnerable Kernel Drivers For Exploitation

Using a publicly known driver will get you banned immediately. Using an unknown driver that you find yourself will allow you to get into kernel while playing the game. You might be able to read and write to game memory, but you will probably get flagged and banned later, especially if you distribute the hack. ESEA is scanning your computer for these types of things and sending the information back to their servers. Again, you have to reverse it yourself to bypass their detections.

How to reverse engineer ESEA
Use a kernel driver to dump their driver and the game, then statically analyze it. Do this on a different PC if possible.

Cheats that may Bypass ESEA

Color Aimbots, Recoil Macros
Download - Aimbot Color C++ Based Black Color

ESEA Bans

They actively ban people, there aren't many cheaters so obviously they don't have many people to ban but still:
[Image: 1599691881033.png]


As you can see, they ban for 2 years and you lose karma. The bans are tied to HWID, some people say you can spoof HWID, especially by using RAID 0 and bypass it. They do automatic and manual bans as well, if you get reported you will be banned.

Additional ESEA Resources
 
Last edited:
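
The post above says kernel anticheats detect well-known vulnerable drivers. Any defender auditing a host for vulnerable-driver exposure can run the same kind of check; the following is an added example, not code from the thread or from ESEA, that hashes `.sys` files and compares them with a blocklist. The helper names, the blocklist entry and the sample files are all constructed for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path, chunk_size: int = 1 << 20) -> str:
    """Hash a file in chunks so large driver images are not read into memory at once."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def audit_drivers(driver_dir: Path, blocklist: dict[str, str]) -> list[dict]:
    """Return one finding per .sys file whose SHA-256 is a key of blocklist.

    Matching is by content hash, so a renamed copy of a listed driver is still found."""
    findings = []
    for path in sorted(driver_dir.rglob("*")):
        if not path.is_file() or path.suffix.lower() != ".sys":
            continue
        try:
            digest = sha256_file(path)
        except OSError:
            # Unreadable driver files are reported rather than silently skipped.
            findings.append({"path": str(path), "sha256": None, "label": "unreadable"})
            continue
        if digest in blocklist:
            findings.append({"path": str(path), "sha256": digest, "label": blocklist[digest]})
    return findings


def demo() -> list[dict]:
    """Build a constructed driver directory and audit it (no real drivers involved)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "benign.sys").write_bytes(b"constructed benign driver image")
        # Same bytes as the blocklisted sample, but under a different name.
        (root / "renamed.SYS").write_bytes(b"constructed vulnerable driver image")
        (root / "notes.txt").write_bytes(b"constructed vulnerable driver image")
        bad = hashlib.sha256(b"constructed vulnerable driver image").hexdigest()
        blocklist = {bad: "constructed-blocklist-entry"}
        return [{**f, "path": Path(f["path"]).name} for f in audit_drivers(root, blocklist)]


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

A hash blocklist only covers driver builds that are already catalogued, so it works best alongside signer and load-time checks.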

Rake

Here's some info I found on reddit:

ESEA, contrary to popular belief on this subreddit, has the industry leading client. I'll probably amount a lot of flak for going against the popular opinion but it's true.

ESEA admins do not issue bans for anything involving cheating on their servers. The client is the sole reason for anyone being banned, except for the community rumor of ktrain being manually banned - but I doubt that.

For anyone saying that there are not as many cheaters on ESEA because it's pay to play is completely absurd, take a look at their RECENT ban list: hxxp://play.esea.net/index.php?s=support&d=ban_list&type=1

If you know anything about how "anti-cheats" work, it's a cat and mouse game. The problem is ESEA has the upper hand because Jaguar is the only person who can even look at the code, much less even work on it. Therefore if someone is trying to code "ESEA PROOF" cheats they need to figure out how the client detects and deals with these cheats. If they can't, then it's a guess and check type of ordeal.

The client also doesn't ban right away, it flags accounts much like Valve's VAC does so coders won't be able to guess and check instantly and takes an exceptional more amount of time.

Moral of the story is the client is not 100% perfect, but it is absurd to even consider it being on the same level of anti cheats such as vac.

The client is updated on a regular basis, because you can argue that ESEA's entire reason of success comes from the client. So they invest heavily into it.
 

snipez

hey i made my own csgo bhop external cheat

i would like to use it on esea can i just simply start the hack ingame or do i have to bypass things :/ i only can run the cheat when the game is running too. nobody else than me has this code whatsoever it's 100% private please help me
 

Voltz

I would suggest not writing memory to the game on ESEA or Faceit's client, if you wanna bhop just use some script don't just write memory to the game and expect it to bypass a league's anti cheat. Especially if you're on their client
 

snipez

> I would suggest not writing memory to the game on ESEA or Faceit's client, if you wanna bhop just use some script don't just write memory to the game and expect it to bypass a league's anti cheat. Especially if you're on their client

but ahk scripts are just shit xd i mean i can bhop quite good but with ahk scripts it just sucks :/ what about vac would it be safe if you use it like this ?
 

bezier

You can't just open a handle to the game while using ESEA, it's easily detectable. Also "100% private", proceeds to post code on forum xd
 

Rake

> okay can you tell me a good script then or how i bypass esea ?

No, there is nothing you download or copy and paste to bypass any anticheats. You have to bypass them yourself.
 

NoobyNex

I'm just a little curious about how the ESEA anti-cheat works and if it's really so hard to cheat on ESEA as everyone says. And is my cheat harder to detect if I base64 encode it?
 


neonplanet

> I'm just a little curious about how the ESEA anti-cheat works and if it's really so hard to cheat on ESEA as everyone says. And is my cheat harder to detect if I base64 encode it?

Oh boy, does this shit get really complicated. I’m by no means in any position to tell you what ESEA detects and what it does not.

https://www.google.com/amp/s/blog.esea.net/esea-hardware-cheats/amp/

This can give you a little insight on what type of stuff they’re dealing with. It obviously does not go into too much detail for obvious reasons but it shows plenty of stuff you will have to deal with.
 

NoobyNex

> Oh boy, does this shit get really complicated. I’m by no means in any position to tell you what ESEA detects and what it does not.
>
> https://www.google.com/amp/s/blog.esea.net/esea-hardware-cheats/amp/
>
> This can give you a little insight on what type of stuff they’re dealing with. It obviously does not go into too much detail for obvious reasons but it shows plenty of stuff you will have to deal with.

Damn that anti-cheat looks more like malware than an anti-cheat to me.
 

corude

But it begs the question: "How are people fine with these intrusive ACs that act like malware?"
I once was invited to play Unturned with some friends but I couldn't get myself to accept BattlEye's terms.
 

NoobyNex

> But it begs the question: "How are people fine with these intrusive ACs that act like malware?"
> I once was invited to play Unturned with some friends but I couldn't get myself to accept BattlEye's terms.

Yeah exactly like dude, look at this it literally says that it uses techniques that are used by malware.
[Attachment 6292]
 

corude

> Yeah exactly like dude, look at this it literally says that it uses techniques that are used by malware. [Attachment 6292]

They didn't say THEY(ESEA) used techniques that are usually used by malware, they said the cheats used. What I claim to be "acting like malware" is the absurd amount of power(permission and what not) it "needs" to have on the computer, data collection(outside the game), and the sense of vulnerability it gave me when I used any of these anti-cheats.
 

NoobyNex

> They didn't say THEY(ESEA) used techniques that are usually used by malware, they said the cheats used. What I claim to be "acting like malware" is the absurd amount of power(permission and what not) it "needs" to have on the computer, data collection(outside the game), and the sense of vulnerability it gave me when I used any of these anti-cheats.

The reason people are "fine", with it, is because we have just grown used to pressing accept on anything that pops up when we've downloaded something new, as soon as we see something like "Terms of Service", "Privacy Policy" etc
I 100% agree,
The reason people are "fine", with it, is because we have just grown used to pressing accept on anything that pops up when we've downloaded something new, as soon as we see something like "Terms of Service", "Privacy Policy" etc

> They didn't say THEY(ESEA) used techniques that are usually used by malware, they said the cheats used. What I claim to be "acting like malware" is the absurd amount of power(permission and what not) it "needs" to have on the computer, data collection(outside the game), and the sense of vulnerability it gave me when I used any of these anti-cheats.

O sorry I was kinda tired and didn't read the article that well. But still, to be able to detect malicious activities like that, you still have to deploy your own malicious code to do that and by you downloading the anti-cheat, they could, if they wanted, get all sorts of malware onto your computer.
 

HereToHack

They recently started using a method of injecting 3 dlls when the game starts and now all offsets change dynamically lol. Some people figured it out but it'll get rid of most cheat devs till someone posts how to get around it publicly. You'd have a much easier time with pretty much any other anticheat

> The reason people are "fine", with it, is because we have just grown used to pressing accept on anything that pops up when we've downloaded something new, as soon as we see something like "Terms of Service", "Privacy Policy" etc

Most people just don't care, they remember the old PC days with many cheaters in each game and would prefer an intrusive anti-cheat over something like VAC.
 

esp1z1

> If you want 75% fair gaming, you need to have a kernel mode anticheat. I wouldn't play any FPS online that doesn't have a kernel anticheat if I was playing seriously. But here I am, part of the problem

Don’t worry once I understand a bit more and start selling cheats in a few years I’ll make sure to make you the face of my business so everyone knows who you are “Credits to Rake from GH for being ‘Part of the Problem’”
 