
Cheat Suggestion - Garrys Mod



PatientZero
07-28-2014, 09:06 PM
I have suggested Garrys Mod as a cheat because there are endless amounts of possibilities you can do with the game.
Examples of cheats would be spawning in DarkRP money hacks, having who is the traitor in TTT and also bypassing server CVARS and being able to use admin commands.

Also, it has a very large playerbase, and VAC in Garrys Mod is broken, meaning that it would most likely not be detected at all.

I can tell everyone now there will be a LOT of people buying this cheat just because of the grand scale of gmod.
http://prntscr.com/4798yj

somescripter
07-28-2014, 10:51 PM
DarkRP money spawning:
ektox-Mzbq4 (YT video id, can't post)
VAC is enabled and working on GMod, it's not broken.
It's not really hard to make a hack for it, I made this in a week (I'm a lazy ass so it took me time because most of the time I just wanted to play even if it was broken):
x99uxjjbFHs (same)

PatientZero
07-28-2014, 10:57 PM
I always thought it was broken in Garry's Mod?
I thought when you get banned you could still play VAC secure servers, so it is not active.

MyDearFlamez
07-29-2014, 10:20 AM
VAC isn't broken? VAC can't detect Lua scripts, which are injected by the game, since VAC only detected DLLs and shit.

Anything external. I did post an upload for gmodpickles, and that works fine. You just gotta make your own scripts, or get some.

somescripter
07-29-2014, 12:26 PM
The anti-cheat in Garry's Mod resides entirely in client.dll. It all begins in CGarrysMod::LevelInit(). Given a random 1 in 100 chance and that the user is not in singleplayer, the anti-cheat will engage after 30 to 360 seconds. However, if g_bHighPriBigEye is true, there is a 1 in 3 chance the anti-cheat will engage after 20 to 60 seconds. g_bHighPriBigEye is set to true in the Lua function Surface.CreateFont() if the argument new_font_name matches the pattern /shm.n.+/. This targets a private cheat known as SethHack, since it creates a font called "shmenufont".

The second part of the anti-cheat resides in CGarrysMod::PaintVGUIOverlay(), which calls a function every frame that calls the main anti-cheat routine under the following conditions:
1. The time set in LevelInit() has passed.
2. The user is not in the menu.
3. The user is not in singleplayer.
4. The user is not in the Sandbox gamemode.
5. The main routine hasn't been executed before.

The main routine of the anti-cheat assembles a payload and sends it over insecure HTTP as application/x-www-form-urlencoded to a Garry's Mod API link (can't post links, again) (obfuscated using ROT13 in the executable). The payload consists of:
1. The API version.
2. A chunk of data consisting of the user's process list (and their loaded modules) encoded in JSON and the game's console log, obfuscated using a cipher mostly equivalent to XORing with 0x40.
3. The user's 64-bit Steam ID.
4. A screenshot of the game, compressed with JPEG, encoded in Base64.

Certain processes will be excluded from the process list if their executable names match a table of whitelisted processes.

1. You can block the HTTP request (so easy even Garry could do it, maybe) and absolutely nothing will happen.
2. You can hide processes from the process list scan by simply renaming them to something from the whitelist (a.k.a. Garry's process list).
3. It primarily targets SethHack. It's just a matter of time before someone less retarded than Seth, Avaster, or Flapadar starts selling a private cheat.
4. Because of the use of URL and Base64 encoding, the payload ends up being unnecessarily huge. Like, 1.6 times larger than it should be. Garry doesn't know how to send binary data over HTTP it seems.
5. The payload is not authenticated, unless it's done out-of-band from the HTTP request. Massive abuse potential, and no way of validating the data.
6. BONUS! Garry doesn't know what the XOR operator is either, so he ends up implementing his cipher using conditionals and arithmetic.
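
Point 5 of the post above (the report is not authenticated, so the receiving side cannot validate it) is the gap a server-side integrity check closes. As an added example, not part of the original post and not Garry's Mod code: a report verifier using HMAC-SHA256 with a per-session key, a freshness window and a replay cache. The field names, the 120-second window and the way the session key is provisioned are assumptions.

```python
import hashlib
import hmac
import time

MAX_AGE_SECONDS = 120   # assumed freshness window
_seen_nonces = set()    # replay cache; a real service would expire entries


def _mac(key: bytes, steam_id: int, nonce: str, ts: int, body: bytes) -> bytes:
    # Length-prefix each field so bytes cannot slide between fields.
    fields = (str(steam_id).encode(), nonce.encode(), str(ts).encode(), body)
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).hexdigest().encode()


def sign_report(key, steam_id, nonce, body, now=None):
    """Client side: bind the report body to one Steam ID, nonce and time."""
    ts = int(time.time() if now is None else now)
    return {"steam_id": steam_id, "nonce": nonce, "ts": ts, "body": body.hex(),
            "mac": _mac(key, steam_id, nonce, ts, body).decode()}


def verify_report(key, report, now=None):
    """Server side: return (accepted, reason) for a hypothetical report dict."""
    now = int(time.time() if now is None else now)
    try:
        steam_id, ts = int(report["steam_id"]), int(report["ts"])
        nonce, supplied = str(report["nonce"]), str(report["mac"]).encode()
        expected = _mac(key, steam_id, nonce, ts, bytes.fromhex(report["body"]))
    except (KeyError, ValueError, TypeError):
        return False, "malformed"
    # Constant-time comparison; check the MAC before trusting any field.
    if not hmac.compare_digest(expected, supplied):
        return False, "bad-mac"
    if abs(now - ts) > MAX_AGE_SECONDS:
        return False, "stale"
    if nonce in _seen_nonces:
        return False, "replay"
    _seen_nonces.add(nonce)
    return True, "ok"


if __name__ == "__main__":
    demo_key = b"\x01" * 32                      # constructed session key
    rep = sign_report(demo_key, 76561190000000001, "nonce-a", b'{"processes":[]}')
    print(verify_report(demo_key, rep))          # first submission
    print(verify_report(demo_key, rep))          # same report sent again
```

A key that lives in the client only rules out forgery by third parties and tampering on the path; the report still has to travel over TLS and be treated as untrusted input on arrival.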

PatientZero
07-29-2014, 12:44 PM
Oh ok cheers everyone for clearing me up with that!

Apple101
08-01-2014, 11:58 AM
So, Are you guys doing the Cheat for Garrys Mod With DarkRP Spawning Money hack ?

somescripter
08-01-2014, 12:27 PM
So, Are you guys doing the Cheat for Garrys Mod With DarkRP Spawning Money hack ?

Probably not, but it's possible anyway with 4 lines of code. (repost because previous post is visible only to mods)


https://www.youtube.com/watch?v=ektox-Mzbq4

PatientZero
08-01-2014, 02:05 PM
So, Are you guys doing the Cheat for Garrys Mod With DarkRP Spawning Money hack ?

This is a cheat SUGGESTION not a confirmation.