Guide How to Bypass Anticheat - Start Here Beginner's Guide

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

Rake

Cesspool Admin
Administrator
Jan 21, 2014
11,539
78,998
2,312
Game Name
N/A
Anticheat
N/A
How long you been coding/hacking?
4 Years
Coding Language
N/A
Anti-Cheat Bypassing Guide for Noobs



Introduction


This thread contains a rough overview of information and skills you will need to bypass anticheat. There is also a number of important links and references that you will need as you learn more about anticheat. You should not even think about attempting to bypass anticheat until you have at least 6 months experience.

Do not learn game hacking on games with anticheat, this is a waste of time.

Instead, learn game hacking first on easy games. Then when you're adequately experienced, start learning about anti cheat using this guide and then work on reversing and bypassing an anticheat.

Kicked or Crashed When Attaching Cheat Engine?
This means they are detecting the Cheat Engine string or the debugger attaching. These are the first things to try if the game doesn't have a commercial anticheat.

The first and easiest steps to attempt to bypass anticheat are:

What is Anticheat?
Anticheat is functionality built into the game or additional software that runs while the game is running, it uses various methods to detect cheats. You typically cannot play the game without it running. Most of the functionality built into anticheat is just classic antidebug with signature detection of cheats that the anticheat has built signatures for.

Features Anticheat Uses
Home Rolled Anticheat
Game developers can easily implement the first few anticheat features, specifically file integrity checks, string detection for cheat tools & classic antidebug. These are relatively easy to bypass.

Commercial Anticheat
If you're a developer you can purchase/subscribe to thirdparty commercial anticheat. These will always be more strict and more difficult to bypass than any anti-debug that the developer creates themselves. The most common commercial anticheats are Battleye, EasyAntiCheat & Xigncode.

Other common anticheats include Punkbuster, Fairfight & Hackshield.

Valve Anti Cheat
This is the worst anticheat on the market, do not worry about stupid VAC unless you're selling paycheats. Everyone asks stupid question about VAC as if it was some god tier anticheat, it's trash and is bypassed without doing anything special. Read more @ Guide - How To Bypass VAC Valve Anti Cheat Info

The most important thing you can do to understand anticheat is watch this playlist:

Anticheats have the capability to detect every single thing that occurs on your computer, they are extremely invasive, all kernel anticheats are essentially rootkits. Even VAC scans every single process that's running. The question is, do they have a signature or other detection vector for your specific cheat. Signatures are built for known cheat software, so if you write your own software, they can't detect it based on signature. They can still use heuristics, but they won't autoban for heuristics unless it's very obvious it's a cheat. If you're not distributing your hack to 15+ people they are not gonna waste their time analyzing your cheat in most cases. They have limited resources like every business

GH Specific Anticheat Guides
The are all our guides related to this thread, check these out after you read this guide

How to bypass anticheat?

There is no magic trick or download we can give you to instantly bypass anticheat. If you have been game hacking for less than 6 months, you have no business asking about anticheat. You cannot even understand because you do not have the required knowledge to do so. If we told you how to bypass anticheat you wouldn't be able to implement it because it's not a step 1-2-3 process.

If you want to bypass an anticheat from scratch, by yourself you need 6-24 months experience game hacking. If you want to bypass anticheat by pasting, gtfo.

To bypass anticheat you must hide from it, disable it, bypass it or spoof the results of it's checks. Anticheats will use multiple methods to detect you and multiple methods to protect itself, so it's not typically as easy as bypassing one feature and you're done. It's usually a multi-pronged approach.

The first and easiest steps to attempt to bypass anticheat are:
The second more difficult steps to attempt to bypass an anticheat are:

How to learn to bypass anticheat
Here is a step by step guide on what your journey to bypassing anticheat should look like:
  1. Guide - START HERE Beginners Guide to Learning Game Hacking
  2. Guide - Beginners Guide To Reverse Engineering Tutorial
  3. Practice & get experience hacking games without anticheat for at least 6 months
  4. Make fully featured aimbots & ESPs for games without anticheat
  5. Be moderately experienced with all aspects of object oriented programming
  6. Read this guide you are currently reading
  7. Learn anti-debug
  8. Learn Important Aspects Windows Internals - you will know which parts are important
  9. Guide - Kernel Mode Drivers Info for Anticheat Bypass
  10. Reverse the anticheat of your choosing for several weeks
  11. Create your anticheat bypass
If you skip more than 1 of these steps you will fail.


Steam AntiDebug / DRM
Publishers can opt in to have Steam add antidebug/DRM protection when releasing on Steam
Example of Steam antidebug spraying the stack when debugger is attached
ThreadHideFromDebugger bypass that all steam antidebug uses
More info here

Kernel Mode Anticheat Bypass
Read full thread: https://guidedhacking.com/threads/kernel-mode-drivers-info-for-anticheat-bypass.11325/

The Windows Operating System has different layers which we call rings, your game and your hacks are usermode ring 3 processes. Drivers such as your video card drivers run in kernel mode or ring 0. These drivers use a different API and are written using the Windows DDK (Driver Development Kit). These usually have the .sys file extension. They run BELOW usermode processes, usermode processes can't touch them. If the anticheat has a kernel mode driver you cannot patch it from usermode, you must either avoid detection or make your own kernel mode driver.

If you're 1337 you can use vulnerable drivers such as CapCom to load your system driver which you can then use to bypass kernel mode anticheats.

Here's a little guide: EvanMcBroom/EoPs

You can also defeat Protected Processes Light protection using Mattiwatti/PPLKiller which can sometimes enable you to be able to access and modify previously protected processes.

How Does AntiCheat Work?

To bypass anticheat you must understand how it works. Anticheat work very similarly to Antivirus. These are the basic things it does to stop you from cheating, kinda going from simple to more advanced
  • File Integrity Checks
  • Detecting Debuggers
  • Stops debugger from attaching
  • Detect Cheat Engine & memory editors
  • Signature Based Detection
  • Detect DLL injection
  • Detect Hooks
  • Block Read/WriteProcessMemory
  • Memory integrity checks
  • Statistical Anomaly Detection
  • Heuristics
File Integrity Checks
Patching or hexediting the game.exe should never work. This is how custom minecraft clients work, you just make your own EXE or edit the one you get with the game. It is very simple to stop this, use a MD5 or SHA hash for all the important game files. If bytes in the .exe are changed the hash will change. when your game.exe loads it should compare the hashes of the important game files against a DB of file hashes, if hashes don't match, the game should close.

Bypass: To bypass File Integrity checks, only modify memory, not the files on disk. Or reverse engineer the integrity checks and patch them.

Most anti-cheats use signature based detection and file hashes. If a DLL gets injected with a known cheat file hash, you're cheating. Signatures are built for cheats in the same way that you build a pattern for a pattern scan or an antivirus detects viruses. To bypass signature and hash detection is too easy, write your own hacks and don't share them. Don't use public code that may match a signature that they already have. #1 most important is don't copy and paste, if you find some cool code you want to use, re-write it differently. I typically do this with everything because I learn it better and like my code to all have the same style.

Then you have detour/hooking detection. How to detour? you place a jmp in the instruction of a function, typically hackers are hooking the same core functions such as directx endscene or lets say the gun::shoot() function. So they compare what's loaded into memory with what's written on disk, if the code doesn't match then it's obvious someone is modifying the code at runtime in memory. they could even just scan for jmps at 0x0 of every function. How about vtable hooks? just as easy to detect.

A decent way to make undetected ESP would be to make external, only use readprocessmemory and do an external overlay ESP, this would be undetected against most basic anticheats.

@timb3r's Anticheat Series
https://guidedhacking.com/threads/how-to-write-an-anti-cheat.14624

Additional Resources:
Games that use EAC ( EasyAntiCheat )
7 Days To Die, Aboslver, Audition, Battaltion 1944, Block N Load, Cabal Online, Combat Arms, Crossout, Cuisine Royal, DarkFall: Rise of Agon, Darwin Project, Days of War, Dead by Daylight, Death Field, Dirty Bomb, Dragon Ball Fighter Z, Xenoverse 2, Dragonica Lavalon Awakens, Empyrion, Far Cry 5, Fear the Wolves, For Honor, Fortnite, Friday the 13th, Gigantic, Hide & Hold Out, Hunt Showdown, Hurtworld, Infestation: Surviror Stories, Infesntation: World, Intershelter, iRacing, Ironsight, Lifeless, Luna, Magicka Wizard Wars, Memories of Mars, Miscreated, Next Day, Offensive Combat Redux, Onward VR, Paladins, Post Scriptum, Ragnarok, Realm Royale, Reign of Kings, RF Online, Rising Storm 2, Robocraft / Royale, Rockshot, Rust, Sky Noon, Smite, Squad, Sword Art Online, Tales Runner, The Culling 1& 2, Ghost Recon Wildlands, Total War Arena, War of the Roses, War of the Vikings, War Rock, Warface, Warhammer 40,0000, Watch Dogs 2, World Adrift, Yulgang

Games that Use BattlEye
ARMA II, ARMA III, DAYZ, H1Z1, Ark Survival Evolved, Surivial Of the Fittest, PlanetSide 2, Rainbow Six Siege, Survarium, Project Argo, Unturned, Insurgency, Day of Infamy, The Isle, Line of Sight, Conan Exiles, Blacshot, Tibia, PUBG, Black Squad, Pantomers, Fortnite, S4League, Zula, Islands of Nyne, BlackLight Retribution, SOS, PIxark, Heroes & Generals, Bless Online.
Main Guide: Guide - Battleye Anticheat Bypass Overview

Nexon Game Security Bypass
https://guidedhacking.com/threads/nexon-game-security-bypass-info-hot-sticky-sauce.14494/

Hook Detection
https://guidedhacking.com/threads/anti-debugging-tricks-follow-jumps-detect-hooks.14564/

Video about anticheat consideration from InvokeStatic

Continue reading the posts below for more information
 
Last edited:

Rake

Cesspool Admin
Administrator
Jan 21, 2014
11,539
78,998
2,312
Classic AntiDebug = Detecting Debuggers

All anticheats will probably use this technique. When you attach Cheat Engine or a debugger it uses a very specific method of interacting with the target process. Windows operates this way for security. When you attach a debugger you're actually registering the debugger with the Windows OS, so detection is obviously quite easy.

These are 4 basic methods to detect a debugger

IsDebuggerPresent()
A simple Windows API function that will return TRUE if the calling processor has a debugger attached. They can just call this function and close the program if it returns TRUE. Read more here

CheckRemoteDebuggerPresent()
Does the same thing but can work against an external process, so the game can run a separate process that calls this on the game process or it can just call it against itself. Read more here

Manually Checking the Being Debugged Flag in the PEB

Both of these functions read the BeingDebugged flag in the PEB (Process Environment Block). If you have bypassed the 2 above functions, they can manually read it from the PEB to bypass your hooks.

C++:
typedef struct _PEB
{
    BOOLEAN InheritedAddressSpace;
    BOOLEAN ReadImageFileExecOptions;
    BOOLEAN BeingDebugged; //<--
    //etc...   
}
How to get PEB Address internally
C++:
__readfsdword(0x30); //x86
__readgsword(0x60); //x64
You read the fs segment register offset 0x30/0x60 that gives you address of the PEB. Offset 0x3 of the PEB is the BeingDebugged flag.

How to get the PEB externally using NtQueryProcessInformation
C++:
typedef NTSTATUS(__stdcall* tNtQueryInformationProcess)
(
    HANDLE ProcessHandle,
    PROCESSINFOCLASS ProcessInformationClass,
    PVOID ProcessInformation,
    ULONG ProcessInformationLength,
    PULONG ReturnLength
    );

tNtQueryInformationProcess NtQueryInfoProc = nullptr;

bool ImportNTQueryInfo()
{
    NtQueryInfoProc = (tNtQueryInformationProcess)GetProcAddress(GetModu  leHandle(TEXT("ntdll.dll")), "NtQueryInformationProcess");
    if (NtQueryInfoProc == nullptr)
    {
        return false;
    }
    else return true;
}

PEB GetPEB()
{
    PROCESS_BASIC_INFORMATION pbi;
    PEB peb = { 0 };
    if (!NtQueryInfoProc) ImportNTQueryInfo();

    if (NtQueryInfoProc)
    {
        NTSTATUS status = NtQueryInfoProc(handle, ProcessBasicInformation, &pbi, sizeof(pbi), 0);
        if (NT_SUCCESS(status))
        {
            ReadProcessMemory(handle, pbi.PebBaseAddress, &peb, sizeof(peb), 0);
        }
    }
    return peb;
}
How to Bypass these basic debugger detection techniques
All 3 of the above detections are based on the PEB.BeingDebugged flag, so you can bypass them all just by overwriting the BeingDebugged flag with 0.

You can also hook each function individually and change the return value to a spoofed result.

NtQueryInformationProcess with ProcessDebugPort argument
"Retrieves a DWORD_PTR value that is the port number of the debugger for the process. A nonzero value indicates that the process is being run under the control of a ring 3 debugger."

Bypass: Hook NtQueryInformationProcess in the game process

I have a little POC on the above methods
More info below from Roman_Ablo

ThreadHideFromDebugger
https://guidedhacking.com/threads/anti-debugging-tricks-hidden-threads.14281/

Force an Exception and Try to Catch It
They can also force an exception to occur and try to catch it, if there is a debugger attached the exception will get caught by your debugger instead of the program.

Additional information on debuggers:
Basic Debugging (Windows)
How Windows Debuggers Work | Microsoft Press Store
Debugger Basics
Writing a basic Windows debugger - CodeProject
 
Last edited:

Roman_Ablo

Banned
Feb 27, 2017
355
2,402
1
How anti-cheats stop the debugger from attaching:

The best way to stop a basic windows debugger from attaching to your process is to spawn a child process that debugs the main client and another debugger from the client to the child process, thus creating a sort of circular protection for both of the processes. This is a link that explains how to write a basic windows debugger. Of course you don't have to write a complete debugger for this, but you might want to read more on this.

Bypass: This could be easily bypassed with a VEH debugger. The VEH debugger or exception-based debugger (VEH meaning Vectored Exception Handler) is being achieved by setting a PAGE_GUARD protection on regions and then writing an exception handler for the page guard exception and write your own code to step through the addresses.

Another way of bypassing this is using a basic kernel-mode debugger, but this could also be detected by checking the KernelDebuggerEnabled flag of SYSTEM_KERNEL_DEBUGGER_INFORMATION (not applicable to the one in Cheat Engine

How anti-cheats detect dll injections:

1) Enumerating the Modules: The easiest way to check for modules is to check a module list and see if there are any extra modules appearing in there. This can be done with snapshots, with EnumProcessModules or using the PEB (this can be done without any APIs).

2) Hooking LoadLibrary: The most basic injection method is basically starting a thread with the LoadLibrary API as the starting address and the DLL path as an argument. No matter how this is done, the function will get called when injection is done, so a way to do this would be to hook LoadLibrary and each time it is called, it means that there was a DLL injected into the process.

3) DllMain Pattern Scanning: When a DLL is injected, of course it will share the same memory as the process it has been injected into, so you can understand why it would be pretty easy to detect a DLL entry point inside an exe. All you have to do is create a pattern with the DllMain binary and scan all the executable regions for it.

4) TLS Callback to Capture Threads: A not-so-effective way to detect DLL injections is to use a TLS callback. This is basically something that gets called each time a thread has started/ended. When you inject a DLL, you create a thread for it to run so you can detect it this way.

5) Debugger to Capture Threads or Loaded Modules: Using a debugger, you can also keep track of any modules that have been loaded in the process and also started threads. An anti-cheat could just debug the process and see when a module has been loaded or a thread has been started and based on that could tell if there has been a DLL injection.

And there are many more, other people can complete this

Bypassing: This can be bypassed by doing things like: cloaking the module from the module list to prevent people from being able to see your module from user-mode, hijacking a thread to execute your code, not using the LoadLibrary API (or any other APIs if possible).

Here's a bit of info relating to some detections. There's really just a lot to write for each of them and it's 4AM now so I'll just continue tomorrow if there's not anyone else that could do a better job. :)

How anti-cheats detect Cheat Engine or other memory editors:

An anti-cheat cannot simply detect memory being scanned unless the memory scanner is changing protections of the regions (which isn't done) or if they hook functions (afaik most don't do this), so here are some ways they can tell if a memory scanner is present:

1) Scanning process handles: Obviously for a memory scanner to work you would need an open handle to the process, so the process can just go trough the handle list to all processes and see if any of them have an open process handle to them (the protected client). This can be done using the following APIs:

- NtQuerySystemInformation (To get the handle list)
- NtQueryObject (There are alternatives to using this, but this is the easiest way to check if the handle is a process handle)

Source code for doing this: Click me.

Possible bypass (not for the memory editors, but for your own projects): There isn't really one way to bypass stuff that would work for absolutely all of the anti-cheats, but some ways of doing it are removing the handle to that process from the handle list (didn't really test it but I guess it could be done), duplicate and protect the handle or hiding your process completely with an SSDT hook from kernel-mode (not really do-able unless you can sign your driver or you'll BSOD), and also continuously opening a handle (in case the anti-cheat strips them) could eventually make the anti-cheat miss one of the handles (kind of like fuzzing), but I haven't heard of anyone succeed in doing this in a while (or even trying). The best way to do this is go internal.

2) Detecting a debugger: Most of the times new users think that you need a debugger attached to scan for addresses and such (for most other features you would, but not for this) so they attach a debugger to the process and it can easily get detected, especially from drivers (which is like all serious anti-cheats). For methods on how debuggers are being detected, check what Rake has written so far, or check this link out.

Possible bypass (for Cheat Engine): You can switch the debugger in Cheat Engine's settings to use the VEH debugger (exception-based debugger) which can be detected, but not a lot of games do, or you can use the kernel-mode debugger if your system supports it.

3) Checking the window name, window class and process name: The single most easy way for anti-cheats to detect Cheat Engine or other memory scanners is by using the window name, window class, process name and other information about the process to check if any of the programs are running on your system and avoid false-positives.

Possible bypass: The way you can fix this is by writing a simple program to change the name of cheat engine's executable to a random name, run it as a child process, once it runs, to change its window name and class if possible and maybe the icon too (this can be used for detection). You can also do this all manually.

APIs:
- CreateProcess
- SetClassLongPtr
- SetWindowText

4) The memory scanner isn't detected, but what you are doing is: The single most easiest way that this can get detected is simply by the user either editing an address or more that is causing the CRC/checksum to fail. This cannot be bypassed this easily, you will have to reverse the game in order to bypass the checksum, so I cannot really give you any help here, you'll have to figure that out on your own.
 

iPower

Piece of shit
Moderator
Escobar Tier VIP
Fleep Tier Donator
Jun 29, 2017
573
19,508
64
Awesome! Definitely adding this to the tutorials collection
 
  • Like
Reactions: zVoxty

AbdoBoda

Newbie
Full Member
Oct 2, 2017
23
194
0
can you explain please how games detect how many clients open , to avoid it and run multi client
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
11,539
78,998
2,312
can you explain please how games detect how many clients open , to avoid it and run multi client
Just imagine you were the developer, how would you stop multiple clients from running on the same machine? There's like 10,000 ways to do it. you already have a thread open on this subject, so please don't crosspost
 

AbdoBoda

Newbie
Full Member
Oct 2, 2017
23
194
0
Rake;53992 said:
Just imagine you were the developer, how would you stop multiple clients from running on the same machine? There's like 10,000 ways to do it. you already have a thread open on this subject, so please don't crosspost
the old thread was about how to hide process , but now i was wonder if there a tuts like bypass anti cheat for bypass multi client checks. anyway thanks for your reply :)
 

Roman_Ablo

Banned
Feb 27, 2017
355
2,402
1
the old thread was about how to hide process , but now i was wonder if there a tuts like bypass anti cheat for bypass multi client checks. anyway thanks for your reply :)
Ya'll can use CreateMutex and ReleaseMutex or something like that for multiclient detection. If your game uses that, maybe you can hook it?
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
11,539
78,998
2,312
ScyllaHide
ScyllaHide is an advanced open-source x64/x86 usermode Anti-Anti-Debug library. It hooks various functions in usermode to hide debugging. This tool is intended to stay in usermode (ring3). If you need kernelmode (ring0) Anti-Anti-Debug please see TitanHide https://bitbucket.org/mrexodia/titanhide.

ScyllaHide supports various debuggers with plugins:
- OllyDbg v1 and v2 OllyDbg v1.10
- x64_dbg x64dbg or x64dbg/x64dbg
- Hex-Rays IDA v6+ IDA: About
- TitanEngine v2 https://bitbucket.org/mrexodia/titanengine-update and TitanEngine | Open Source | ReversingLabs

PE x64 debugging is fully supported with plugins for x64_dbg and IDA.

Please note: ScyllaHide is not limited to these debuggers. You can use the standalone commandline version of ScyllaHide. You can inject ScyllaHide in any process debugged by any debugger.

If you're getting into anti-debug and are an advanced hacker, reading this source code is amazing.
NtQuery / ScyllaHide — Bitbucket

It has plugins for the most common debuggers or you can just inject the DLL before injecting your hack and it will disable lots of anti-debug measures.

Truly amazing.
 
  • Like
Reactions: Boboo99

Rake

Cesspool Admin
Administrator
Jan 21, 2014
11,539
78,998
2,312
You can use this kernel mode tool to try to bypass anticheats.

Titan Hide

Overview
TitanHide is a driver intended to hide debuggers from certain processes. The driver hooks various Nt* kernel functions (using SSDT table hooks) and modifies the return values of the original functions. To hide a process, you must pass a simple structure with a ProcessID and the hiding option(s) to enable, to the driver. The internal API is designed to add hooks with little effort, which means adding features is really easy.

Features
  • ProcessDebugFlags (NtQueryInformationProcess)
  • ProcessDebugPort (NtQueryInformationProcess)
  • ProcessDebugObjectHandle (NtQueryInformationProcess)
  • DebugObject (NtQueryObject)
  • SystemKernelDebuggerInformation (NtQuerySystemInformation)
  • SystemDebugControl (NtSystemDebugControl)
  • NtClose (STATUS_INVALID_HANDLE exception)
  • ThreadHideFromDebugger (NtSetInformationThread)
  • Protect DRx (HW BPs) (NtSetContextThread)
mrexodia/TitanHide
 
Last edited:
  • Like
Reactions: DKMR and Boboo99

Rake

Cesspool Admin
Administrator
Jan 21, 2014
11,539
78,998
2,312
Can we expand this list of anticheats and the games that use them?

Valve Anti Cheat - VAC Bypasses
Mostly used in Source Engines Games, but can be used on any Steam game, this is what CounterStrike uses. Visit our main VAC Thread

Steam AntiDebug / DRM
Publishers can opt in to have Steam add antidebug/DRM protection when releasing on Steam

Easy Anti Cheat - EAC
7 Days To Die, Aboslver, Ar:piel, Audition, Battaltion 1944, Block N Load, Cabal Online, Combat Arms, Crossout, Cuisine Royal, DarkFall: Rise of Agon, Darwin Project, Days of War, Dead by Daylight, Death Field, Dirty Bomb, Dragon Ball Fighter Z, Xenoverse 2, Dragonica Lavalon Awakens, Empyrion, Far Cry 5, Fear the Wolves, For Honor, Fortnite, Friday the 13th, Gigantic, Hide & Hold Out, Hunt Showdown, Hurtworld, Infestation: Surviror Stories, Infesntation: World, Intershelter, iRacing, Ironsight, Lifeless, Luna, Magicka Wizard Wars, Memories of Mars, Miscreated, Next Day, Offensive Combat Redux, Onward VR, Paladins, Post Scriptum, Ragnarok, Realm Royale, Reign of Kings, RF Online, Rising Storm 2, Robocraft / Royale, Rockshot, Rust, Sky Noon, Smite, Squad, Sword Art Online, Tales Runner, The Culling 1& 2, Ghost Recon Wildlands, Total War Arena, War of the Roses, War of the Vikings, War Rock, Warface, Warhammer 40,0000, Watch Dogs 2, World Adrift, Yulgang

BattleEye
ARMA II, ARMA III, DAYZ, H1Z1, Ark Survival Evolved, Surivial Of the Fittest, PlanetSide 2, Rainbow Six Siege, Survarium, Project Argo, Unturned, Insurgency, Day of Infamy, The Isle, Line of Sight, Conan Exiles, Blacshot, Tibia, PUBG, Black Squad, Pantomers, Fortnite, S4League, Zula, Islands of Nyne, BlackLight Retribution, SOS, PIxark, Heroes & Generals, Bless Online

XignCode
Punkbuster
FairFight
EvenBalance
 
Last edited:
Aug 2, 2018
1
4
0
Wich parts of the windows internal books are important to read. It was way bigger then i expected
 

iPower

Piece of shit
Moderator
Escobar Tier VIP
Fleep Tier Donator
Jun 29, 2017
573
19,508
64
Wich parts of the windows internal books are important to read. It was way bigger then i expected
You can use it as a reference book. IMO The most important parts are the first two chapters + object manager + process and memory management
 
  • Like
Reactions: rask

NmLaSimple

Full Member
Jul 2, 2018
43
138
0
No Cross Posting
You can use it as a reference book. IMO The most important parts are the first two chapters + object manager + process and memory management
i'm sucessfull in found jetpack function , but that experiance not helpful in bypass kernal module! that what i mean
 
  • Like
Reactions: rask
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods League of Legends Accounts