I've started writing C++ modules for gmod recently and I'm interested in learning how to use sig scanning to hook into inturnal functions controlling stuff like networking etc (really just the joy of being able to mold any part of gmod to my will for no apparent purpose) but I'm concerned as to how vac will react.
Am I safe so long as I make sure I stear clear of the lua enviornment or are there other ways to accidentally trigger vac or is vac smart enough that I don't really need to worry about it unless the module is actually accessing a malicious function signature somehow?
-snip- well, seems I'm wrong.
In my experience with Garry's Mod: Nothing at all
Obviously don't hold me liable for that though. Also don't expect anything naughty that gets released to be safe either
Afaik there's only a few blacklisted outdated dlls that will trigger vac, and then there is very very weak vac settings which will not be triggered unless you make an extreme hack of some sort. There has been one dll that is not blacklisted afaik that has caused vac bans. You pretty much have nothing to worry about as long as you aren't hacking.
Code section memory modification seems to be entirely undetected/ignored in all binaries at the moment.
VAC does blacklist two (or more) modules; gmcl_deco and that bs something module that tyler had.
Don't force set the values of sv_allowcslua or sv_cheats using ConVar::SetValue either, it will trigger GAC. Even though GAC's manual (only sends info such as screenshots and processes) it's still probably best avoided.
make ur dll undetected by using md5 changer
its should be undetected forever
Didn't you used to be able to use Cheat Engine and get off scott free? Unless that's changed, then yeah, only thing that I can see you getting VAC or GAC'd for is trying to cheat by forcing cheating cvars.
[QUOTE=BayLife;44606512]Didn't you used to be able to use Cheat Engine and get off scott free? Unless that's changed, then yeah, only thing that I can see you getting VAC or GAC'd for is trying to cheat by forcing cheating cars.[/QUOTE]
I am pretty sure that's exactly what VAC tries to detect. As long as you are not messing around with sources existing memory, you should be fine.
Reposting this from another thread:
[QUOTE=npypntz;43828751]VAC is doing most of its scans as it normally would in any other game. However due to GMod allowing people to develop and load their own binary modules it would be a bad idea to issue VAC bans for what is most likely a false positive.
Signature for BaconBot v4's module exists in VAC's database and people have been banned for it (I only remember [url=http://steamcommunity.com/id/TOILETPAPER]this sperg[/url] getting bent, but there were quite a few others as well), however nothing else has been picked up by it because of reasons stated in the previous paragraph.
In conclusion: VAC works, but its findings/reports are ignored due to GMod's nature.
[/QUOTE]
tl;dr You're perfectly safe.
You can literally force sv_cheats to 1 with CE and nothing will happen.
It's only a blacklist in Gmod
If it makes you feel any more confident, I don't think any legitimate developer in gmod's history has been vac banned, and module developers do things that vac would easily detect in other games.
Any module you write using garrys lua interface will (unless blacklisted by being sent to Garry) not get you VAC banned. However, if you are writing illegitimate modules it's possible to get caught by GAC (if that's still enabled?).
Again, as far as I know there has only been 1 dll that, when injected, triggers a vac ban. (It was a cheat)
Many other people write cheats and never get banned (by vac), I doubt that a simple harmless module will trigger it.
Just to put in perspective
People that abused stealing rcon in the recent exploit were not vac'd
People that abused it in other games were vac'd (saw it first hand)
[QUOTE=c-unit;44611257]Any module you write using garrys lua interface will (unless blacklisted by being sent to Garry) not get you VAC banned. However, if you are writing illegitimate modules it's possible to get caught by GAC (if that's still enabled?).[/QUOTE]
Last time I checked, the code was still in memory but never got called.
[QUOTE=zerothefallen;44613675]Just to put in perspective
People that abused stealing rcon in the recent exploit were not vac'd
People that abused it in other games were vac'd (saw it first hand)[/QUOTE]
"first hand" Coming from you I think we know what that means.
Anyhow you should be fine, infact if you were banned I'd pay you $200 just for getting garrys attention.
-replying to skid snip-
[QUOTE=zerothefallen;44638189]-replying to skid snip-[/QUOTE]
Yes I am the skid, your products are triple A shit.
Not to mention your anti-cheat is hardly 200 lines without spaces on the parts you actually made.
flame war on zero
brb gonna get some popcorns
[QUOTE=kila58;44638739]Yes I am the skid, your products are triple A shit.
Not to mention your anti-cheat is hardly 200 lines without spaces on the parts you actually made.[/QUOTE]
Because more lines makes you a better coder? Wow I need to add more irrelevant code that makes my addons run slower!
[QUOTE=SarahKerrigan;44638843]flame war on zero
brb gonna get some popcorns[/QUOTE]
Nah i dont care what some mpgh skid thinks. Im going 2 bed
[QUOTE=zerothefallen;44639005]Nah i dont care what some mpgh skid thinks. Im going 2 bed[/QUOTE]
Yea okay skrub sounds to me like you just don't have anything to say.
Next time you want to start shit actually come up with a argument.
Maybe a few reasons why your anti cheat is superior to others (even though we all know it's not) and more logical responses instead of stooping to the lowest level. Let's not forget your ping system that kicks players for taking too long to download.
[editline]25th April 2014[/editline]
[QUOTE=OzymandiasJ;44638981]Because more lines makes you a better coder? Wow I need to add more irrelevant code that makes my addons run slower![/QUOTE]
200 lines is not much, maybe if you also learn to optimize your shit it wouldn't be a problem as only someone who has ran into that before would complain about it.
[QUOTE=kila58;44639679]
200 lines is not much, maybe if you also learn to optimize your shit it wouldn't be a problem as only someone who has ran into that before would complain about it.[/QUOTE]
Because you were the one implying that only 200 lines is terrible code? I think someone is projecting.
The number of lines does not translate to how efficient or inefficient a program is, yet you were implying more lines makes a better, more efficient program, to which I replied with a sarcastic comment about how adding more lines to my code would magically improve all of my coding standards. Good day sir.
(PS The average line count of each lua file in my addons folder is 67)
[QUOTE=OzymandiasJ;44640325]Because you were the one implying that only 200 lines is terrible code? I think someone is projecting.
The number of lines does not translate to how efficient or inefficient a program is, yet you were implying more lines makes a better, more efficient program, to which I replied with a sarcastic comment about how adding more lines to my code would magically improve all of my coding standards. Good day sir.
(PS The average line count of each lua file in my addons folder is 67)[/QUOTE]
He's most likely talking about his anti cheat. And I doubt a 200 line anti cheat does much good.
[QUOTE=zerothefallen;44613675]Just to put in perspective
People that abused stealing rcon in the recent exploit were not vac'd
People that abused it in other games were vac'd (saw it first hand)[/QUOTE]
People that abused it in any game were'nt VAC'd (except they were some pain-in-ass for VALVe and they manually vacd them, mostly happens to tf2 players), go figure out how VAC detects stuff.
+ you failed again, changing sv_cheats/sv_allowcslua makes GMod (GAC part) send stuff to [url]http://api.garrysmod.com/stats/011[/url] over insecure channel lol'd
[EDIT]
Back to the topic, in Gmod changing .text region (JMP hooks, changing vtable entry, bytepatching and other stuff) is safe.
Simply don't hook SteamOverlay and D3D stuff and you'll be ok.
mostly happends to tf2 players. hey its free just make a new account....... DAMNIT MY HATS
Also Zero last I checked you got like 50+ posts on MPGH so who's the skid.
y o u
[QUOTE=SarahKerrigan;44640425]mostly happends to tf2 players. hey its free just make a new account....... DAMNIT MY HATS
Also Zero last I checked you got like 50+ posts on MPGH so who's the skid.
y o u[/QUOTE]
Stop flaming Zero, he got flamed enough before.
Well, in TF2 there are premium accounts /w hats and other stuff.
And stuff such as guns, noisemakers and other shit makes you OP or/and really annoying if you cheat.
[QUOTE=ks_uw-the_cat;44640408]People that abused it in any game were'nt VAC'd (except they were some pain-in-ass for VALVe and they manually vacd them, mostly happens to tf2 players), go figure out how VAC detects stuff.
+ you failed again, changing sv_cheats/sv_allowcslua makes GMod (GAC part) send stuff to [url]http://api.garrysmod.com/stats/011[/url] over insecure channel lol'd
[EDIT]
Back to the topic, in Gmod changing .text region (JMP hooks, changing vtable entry, bytepatching and other stuff) is safe.
Simply don't hook SteamOverlay and D3D stuff and you'll be ok.[/QUOTE]
No, people like altimor from fp and a few coding friends were testing this in csgo and were both vac'd 3~ days later. They couldnt of been vac'd manually because valve wouldnt know them.
[editline]25th April 2014[/editline]
Also you can hook d3d vac wont care. My friend does that and it doesnt seem vac cares
[editline]25th April 2014[/editline]
Also gac probably still sends info but no bans happen anymore so no one cares it seems
[editline]25th April 2014[/editline]
Would like to point out i was mentioning vac specifically cuz this aint about gac
[QUOTE=zerothefallen;44641181]No, people like altimor from fp and a few coding friends were testing this in csgo and were both vac'd 3~ days later. They couldnt of been vac'd manually because valve wouldnt know them.
[editline]25th April 2014[/editline]
Also you can hook d3d vac wont care. My friend does that and it doesnt seem vac cares
[editline]25th April 2014[/editline]
Also gac probably still sends info but no bans happen anymore so no one cares it seems
[editline]25th April 2014[/editline]
Would like to point out i was mentioning vac specifically cuz this aint about gac[/QUOTE]
1.
Yea. And I tested it with 3 different accounts, garrysmod, css & tf2 - none of them is vac'd.
Would be really dumb if it did cause a VAC ban too, because - how and when would valve have began scanning for it ?
Sprays always used this way. There was a huge abuse of the same hole before too which is why that shity fix was applied.
They only knew of the new exploit later on, and that's when they could have began banning for it, but no, instead, it was fixed - like it should have been.
2.
Partly true. Depends on how you do it.
Do it the wrong way and you'll eventually end up triggering it.
If you don't believe it's possible to trigger VAC in garrysmod, add me on steam, and I can send something which surely will trigger VAC.
Don't just believe the stupid "VAC IS FULLY TURNED OFF; JUST BLACKLIST QQ" shit everyone says. VAC in gmod is nearly fully ded, but still - not fully.
3.
The bans happen in waves, wait until garry decides it's time to kick the moneycow, Garry's Mod, for some money and hits the "GAC BAN WAVE" button.
But right now, he's busy with his new darling, Rust.
4.
wat. but you just mentioned GAC in your last edit ._.
Because ks brought up gac first.
If you havent been vac'd, then its fair to assume my friends called requestfile incorrectly
Until i see a vac ban in gmod that isnt from 2010 then i just assume its dead
Sorry, you need to Log In to post a reply to this thread.
