
Anticheat Update Tracking

(not-matthias.github.io)
124 points | not-matthias | 1 comments
nulld3v ◴[] No.44419002[source]
Very nice walk-through on the reverse engineering process.

Also, they linked this post that made my jaw drop: https://www.unknowncheats.me/forum/anti-cheat-bypass/667333-...

Apparently BattlEye anti-cheat had an exploit where hackers could permanently ban any player they wanted. BattlEye allowed anybody to log in as a "game server" so hackers simply booted up a fake server, told BattlEye that "player X has logged in and is doing a bunch of suspicious stuff" and then player X's account was no more...

I'm sorry, why do we trust these guys again?

replies(5): >>44419067 #>>44419870 #>>44421138 #>>44421444 #>>44425268 #
ethan_smith ◴[] No.44419870[source]
This BattlEye exploit demonstrates a classic failure of trust boundary definition - they effectively created a system where client attestation was accepted without proper authentication or verification.
replies(2): >>44421326 #>>44425616 #
gen6acd60af ◴[] No.44421326[source]
>a classic failure of trust boundary definition - they effectively created a system where client attestation was accepted

Can you elaborate? I'm unsure what a trust boundary definition means in this context and how it relates to attestation.

replies(2): >>44422531 #>>44422538 #
1. lightedman ◴[] No.44422531[source]
Trust boundary basically means a spot in execution where the trust level of code changes (aka privilege level) and thus needs reverification.
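An added example, not part of the thread and not BattlEye's actual protocol: a backend that receives "player is suspicious" reports from game servers, first with no check at the trust boundary and then re-verifying the sender there. The server IDs, keys, session table and function names are all hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample data (hypothetical): keys issued to registered game
# servers, and which registered server each player is currently connected to.
SERVER_KEYS = {"srv-eu-1": b"constructed-demo-key-1"}
ACTIVE_SESSIONS = {"player-x": "srv-eu-1"}


def sign_report(key: bytes, server_id: str, player_id: str, reason: str) -> str:
    """What a registered game server does before sending a report."""
    # JSON list encoding keeps the field boundaries unambiguous.
    msg = json.dumps([server_id, player_id, reason]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def accept_report_naive(server_id, player_id, reason, tag=None) -> bool:
    """No check at the boundary: anyone claiming to be a server is believed."""
    return True


def accept_report_verified(server_id, player_id, reason, tag) -> bool:
    """Re-verify the sender before a report may affect a player's account."""
    key = SERVER_KEYS.get(server_id)
    if key is None or not isinstance(tag, str):
        return False  # unregistered sender or malformed tag
    expected = sign_report(key, server_id, player_id, reason)
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return False  # sender does not hold the key for this server ID
    # Even a real server may only report players it is actually hosting.
    return ACTIVE_SESSIONS.get(player_id) == server_id


if __name__ == "__main__":
    good = sign_report(SERVER_KEYS["srv-eu-1"], "srv-eu-1", "player-x", "aimbot")
    print("naive, unregistered sender:   ",
          accept_report_naive("fake-srv", "player-x", "aimbot"))
    print("verified, unregistered sender:",
          accept_report_verified("fake-srv", "player-x", "aimbot", "00"))
    print("verified, registered server:  ",
          accept_report_verified("srv-eu-1", "player-x", "aimbot", good))
```

A production design would also need replay protection (a nonce or timestamp inside the signed message), which this sketch leaves out.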