Frosty Anti Cheat - Cheats Detected.

Please note this is BETA.

You tired of one shot one kill?

You tired of having to use Script Enforcer 2 mode with some anti-cheats

You tired of your Anti-Cheat being patched?

You tired of having to configure an Anti-Cheat?

You just one a one install and forget?

Well then I give Frosty Anti-Cheat! The one anti-cheat designed not for you to keep updating, the one that will stop the cheaters having one shot one kill!

It works in both Script Enforcer 1 and 2 mode as well as 0 (if you really do that o.O)

Only 1 line needs configuring (recommended configure).

If it does get patched I’ll role out a new one. I advice that server owners change the concommand used to something unique and random the lines are at the top of the files and are annotated just change the “changeme” to some random string (both string need to be the same or it won’t work.

I planned in advance so I have mutliple download links:

http://filesmelt.com/dl/FrostyAntiCheat.zip

http://www.mediafire.com/?cyu6v1ru1w4f8qv

http://www.megaupload.com/?d=25NDGAI4

http://speedy.sh/3a5py/FrostyAntiCheat.zip

http://www.wupload.com/file/2588690472/FrostyAntiCheat.zip

P.S I know its rough but I did it this morning (about 4 hours work) okay its not the best and it has crude detection but it works. The more servers that use it the better it will be, and hopefully shove the damn hackers out the way.
I’m expecting to get alot of bad comments seeing as this is my first public release.

No offence but this code sucks. There’s plenty of better anticheats already released.

Ones that require white-listing or have a ton of black-listing.

And to novices configuring white-listing isn’t useful, plus you can bypass white-listing.

Please name a better one that isn’t patched. And I did say its not my best work.

FAC, Gbps Anti Cheat, Yakahughes Anti Cheat (Whatever it was called).

Flaps anti-cheat I helped seth bypass. and as far as I know the others have been patched as well.


Sorry HaiThere, you are banned from using this forum!
This ban is not set to expire.

What a shame.

How does this work?

I threw it on a test server but my hud mod’s didn’t get detected. Simple things, ESP etc.

It doesn’t detect hooks like that, that would require white-listing or black-listing.

Primarily I guess it will just detect SH users, break SH and then kick them. Tested.

But any hack that loads before this it will break and get detected. Anything after that overrides core functions for logging will get detected and also the +attack and -attack commands, working on a reliable way to detect auto-fire through CUserCMD and possible some small player behaviour detection.

Throw this at it: https://bitbucket.org/pollyzoid/aether/src
It’s getting a bit old, and I haven’t touched it for a while, but it should still be able to bypass most, if not all of your anti-cheat defenses. It’s made for usage with a binary module that loads it before anything else, but I never finished it, so you’ll have to disable SE if you want it to load.

Which folder or does it all work together?

You don’t need the materials, just copy the lua/ folder over garrysmod/lua. I’ll have to test it myself, I have no idea if it even runs anymore.

e: Runs just fine. Remove line 25 of plugins/dummy.lua if you want to see the drawn text, and you can test the console command with “ae test” (the comment lies, they do work)

e: Oh, I see. GMod now prioritizes Lua files sent by server over client-side ones. So that’s why the anti-cheat loaded before my stuff.
Nevermind then, it would need the binary module to run as intended now.

As far as I can tell it dosn’t work, it says its loading, then nothing. I put some test messages in some of the hooks, nothing.

Blocked ;p

-snip nvm-

Alright, it’s fixed. There was a bug in my module detouring code; it wouldn’t detour functions if the module was already loaded (like I said, made to be loaded before everything). After fixing it, it loads and works perfectly.

Replace line 71 in aether/core/detour.lua with this:
[lua]if package.loaded[name] and _modReal[name] then return package.loaded[name] end[/lua]

And if you want to see the dummy plugin’s fancy HUDPaint hook, remove line 25 of plugins/dummy.lua.

e: Feel free to use it for making your anti-cheat better. I’d post the testing AC I made, but I lost it long ago.

I like it and it works great!

EDIT: Is there a whitelist system?

Sorry, tested. Detected.

All I had to do was change my enum file fac.lua to !.lua and its detected.

If anyone wants to update there’s just change the enum lua filename from fac.lua to !.lua I guess I should have had it like that in the first place but I didn’t want to ;p

Sorry but that won’t work against injected cheats.

You do know that enum is being removed in the beta right

Yeah :confused: Its gunna be hard once in the beta to do this kinda thing without mucking up gmod. There ARE alternatives but it might require total gamemode re-writes. I would love entry into the beta to test anti-cheat possibilities.

I still want to go for my player behaviour detection method that runs server side, I just lack the c++ experience as with my tests the lua environment for player behaviour is just too slow for tracking players aim and movement.

Umm… really? Every combination of filenames, loading Aether before or after FAC hasn’t caught it yet. To be sure of the load order, I just added my loading line into your loading script in enum. Both before and after your script, it loads completely and doesn’t trigger any detection.

Do note though, Aether is made completely anti-cheat bypassing in mind. I tested it with everything I came up with and added bypasses. There are still couple holes, but they’re pretty damn obscure and hard to find. My favorite way was probably triggering an error inside a possibly detoured function, going through pcall and checking the error string, since it returned the error file and line I had the detour in :v:

Also, couple tips. Use lots of debug functions. debug.getinfo returns info about the function you give; for example, info.what should be “C” for any C-functions, but detoured functions without debug.getinfo detouring will return different stuff. Similar thing for debug.getupvalue, which returns nil if the function is in C.

Even though the code may not be the best, it still does its job.
Not even Flapadar’s AC detects sethhack, his private one might. I also hear you can get past his private one in sethhack’s se2 mode.