Anticheat Update Tracking

(not-matthias.github.io)

124 points not-matthias | 1 comments | 29 Jun 25 21:06 UTC | HN request time: 0.204s | source

Show context

nulld3v ◴[30 Jun 25 03:24 UTC] No.44419002[source]▶

Very nice walk-through on the reverse engineering process.

Also, they linked this post that made my jaw drop: https://www.unknowncheats.me/forum/anti-cheat-bypass/667333-...

Apparantly BattleEye anti-cheat had an exploit where hackers could permanently ban any player they wanted. BattleEye allowed anybody to log in as a "game server" so hackers simply booted up a fake server, told BattleEye that "player X has logged in and is doing a bunch of suspicious stuff" and then player X's account was no more...

I'm sorry, why do we trust these guys again?

replies(5): >>44419067 #>>44419870 #>>44421138 #>>44421444 #>>44425268 #

AnthonyMouse ◴[30 Jun 25 10:07 UTC] No.44421444[source]▶

>>44419002 #

It's crazy that people allow this stuff to effectively run as root. One of these companies is going to have a vulnerability that lets other players run code on your machine in kernel mode.

replies(2): >>44422770 #>>44423332 #

1. monster_truck ◴[30 Jun 25 13:01 UTC] No.44422770[source]▶

>>44421444 #

Happens about as often as games ship UI middleware that uses html and has xss, leading to an rce when the game leaves itself running as admin after an update. So basically all the time.

↑