How does memory rewriting work?
#1

Hello. I was wondering for quite a while how memory hacking in samp or in general works.
Let me explain a bit more.

I found this page on gtamodding called Memory Addresses. What I want to know is: when, for example, an aimbot is turned on, how does it rewrite memory to make every bullet hit the player? Does it change only, for example,

Code:
0xB6EC2E - REAL aiming mode offset, not menu:
Or what?
The reason I want to understand how this works is because I want to create a client-side application which will track memory changes, read patterns and possibly terminate the process (an aimbot, for example). I've tried scanning and reading patterns, but I just don't understand it that well.

I hope you understand what I meant.
#2

If GTA memory is being manipulated from another process, most likely that process is calling WinAPI functions, which can be blocked using systemwide hooks or some kernel tricks. Be aware that these might trigger AV software.

If the cheat is injected into GTA, then you're kinda screwed since there's no native way to intercept these changes and you'll have to come up with clever tricks.
#3

Quote:
Originally Posted by Spmn
If GTA memory is being manipulated from another process, most likely that process is calling WinAPI functions, which can be blocked using systemwide hooks or some kernel tricks. Be aware that these might trigger AV software.

If the cheat is injected into GTA, then you're kinda screwed since there's no native way to intercept these changes and you'll have to come up with clever tricks.
If the cheat is injected into GTA, GTA's memory footprint should change. And if it's loaded as a library, then Windows will keep track of that library, and again, the memory footprint will change.
#4

I agree that you can keep track of injected modules, but there is no API for monitoring changes in memory done by these DLLs.

And I guess he wouldn't want to block ALL injections, because that would make ASI mods unusable.
#5

Well, I think after some time I've come up with a solution that can easily block exe cheats, for example an aimbot, but it's still not tested.
Correct me if this is a stupid idea, but imagine if, in that client-side application, when you run the application you get a list of all running processes, store that list, and make a timer that will get the difference between the old process list and the one you get after a few seconds; if the list has changed, you compare the new processes' md5 hash to a "blacklist" of hack hashes, and if they match you close that process by its id? Is this logic reliable?
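
Added example, not part of the original thread: a sketch of the snapshot-diff and hash-blocklist check proposed in post #5. It assumes the process list comes from some enumerator (for instance the Toolhelp32 snapshot API on Windows), swaps SHA-256 in for MD5, keys each process by PID plus creation time so a reused PID still counts as new, and leaves the action on a match to the caller. All names, paths and sample data are constructed.

```python
import hashlib
from typing import Callable, Dict, List, NamedTuple, Set, Tuple

class Proc(NamedTuple):
    pid: int
    started: float  # creation time; a PID alone can be reused by a later process
    exe: str        # path of the executable image

Snapshot = Dict[Tuple[int, float], Proc]

def snapshot(procs: List[Proc]) -> Snapshot:
    return {(p.pid, p.started): p for p in procs}

def new_processes(old: Snapshot, new: Snapshot) -> List[Proc]:
    """Processes in the newer snapshot that were not in the older one."""
    return sorted(new[k] for k in new.keys() - old.keys())

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def flag_blocklisted(old: Snapshot, new: Snapshot,
                     read_exe: Callable[[str], bytes],
                     blocklist: Set[str]) -> List[Proc]:
    """New processes whose image hash is on the blocklist. An exact hash only
    matches byte-identical files, so treat a hit as one signal among several."""
    hits = []
    for proc in new_processes(old, new):
        try:
            if digest(read_exe(proc.exe)) in blocklist:
                hits.append(proc)
        except OSError:
            continue  # process already exited or image unreadable
    return hits

# Constructed sample data: paths, PIDs and file contents are made up.
FILES = {r"C:\Games\gta_sa.exe": b"constructed game image",
         r"C:\Temp\tool.exe": b"constructed blocklisted image"}
BLOCKLIST = {digest(FILES[r"C:\Temp\tool.exe"])}

def read_sample(path: str) -> bytes:
    if path not in FILES:
        raise FileNotFoundError(path)
    return FILES[path]

OLD = snapshot([Proc(100, 1.0, r"C:\Games\gta_sa.exe"),
                Proc(200, 2.0, r"C:\Windows\notepad.exe")])
# PID 200 exited and was reused; PID 300's image is gone by scan time.
NEW = snapshot([Proc(100, 1.0, r"C:\Games\gta_sa.exe"),
                Proc(200, 9.0, r"C:\Temp\tool.exe"),
                Proc(300, 9.5, r"C:\Temp\gone.exe")])
```

A diff on PIDs alone would report only PID 300 here and miss the reused PID 200, which is the process that matches the blocklist.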
#6

You need to be a very decent programmer with a lot of knowledge to make a good working anticheat. If you craft something like this which would not allow memory editing or injecting, I would try to hack your anti-cheat and everything solved... If I were you, I wouldn't waste my time on writing an anticheat. You need to block as many things as you know on the server side. Anyway, look at MTA, they have made a very stable anti-cheat system.
#7

Deal!
Well, I know it's not impossible. MTA has a pretty decent anticheat; I'll try to do some research on theirs and see if I can pull off some of their methods and maybe successfully get a stable client.
#8

Be aware that if your application succeeds and is actually used, people will try to hack your application as well, or simply write an application that tells the server everything is alright, or put up a proxy. Sooner or later you will have to handle that as well, and things will get complicated (if they weren't already).

Also know that most authors of hacks (especially the most used ones...) are not only very dedicated, but have very extensive knowledge. If you don't come up with a very, very good design you will fail; see how big games are hacked within days/hours.

Good luck anyway.

PS: Not trying to talk you out of it, but even if you fail to do it, this is an excellent opportunity for you to learn programming and everything related. So either way you will not be doing something useless.