#Steam Workshop::Clever Anti-Cheat Bot

function cvars.OnConVarChanged( name, old, new )
    if name == "sv_allowcslua" or name == "sv_cheats" then
        net.Start( "clever_bot_netify" )
        net.WriteString( name )
        net.WriteFloat( new )
        net.Broadcast()
    end

    return oldcvarsccc( name, old, new )
end

this is really something you shouldnt be doing

you are effectively leaking server secret convars and config options

Thank you, can you give me some other options?

only networking convars that have the replicated flag ig

the entire thing can be bypassed by any cheat though

Just the start, So i need ideas to add.

I hope http detours are up to specs (callback allwas called, even on block/failures and proper returns). It wouldn't be the first time I have seen them being messed up.

local function CheatCaught( name )
    net.Start( "clever_bot" )
    net.WriteString( name )
    net.SendToServer()
end

--bypass
local net_Start = net.Start
local net_SendToServer = net.SendToServer
function net.Start( str, rel )
    if str ~= "clever_bot" then
        return net_Start( str, rel )
    end

    function net.SendToServer()
        net.SendToServer = net_SendToServer
    end
end

i have my own net library

homolib.net = nil

i can block your net messages being sent to the server!!!

oh dll level, yeah that too lol

So any ideas to add? other then bypasses?

you're pretty late to this game of cat and mouse

assuming you're doing the detecting on the client and networking to the server when it happens

you're better off detecting on the server instead, so that clients can't prevent communications to the server

and you'll have to really test the way you detect things, because you don't wanna hit a false positive on a legit player

i need to trick skids in pretending code on the client works

lol

It's that time of a month again it is about anti cheats.

I still remember that anti cheat posted like 2 months ago that had a literal file browser for admin to explore and download arbitrarily files of any connected client up to the game binary/logs level.

😋

link?

this is why I have my file library detoured and protected

also whats up with this

why we posting to that on serverside

phoenixf said it's against telcom or w/e to post clientside

    http.Post( "http:/" .. "/elitehero.freehostia.com/scan.php", {
        Code = tostring( name ) .. " - " .. tostring( pl:Nick() ),
    }, function( body, length, headers, code )
        -- onSuccess function
        local str = "Cheats: " .. tostring( name ) .. " - " .. tostring( pl:Nick() ) .. " - " .. tostring( pl:SteamID() ) .. "\n"
        print( str )
        file.Append( "cheaters.txt", str )
    end, function( message )
        -- onFailure function
        print( message )
    end )

do you just like, log the method that caught someone and their username?

yup not the ip etc

It will get advanced later on but never ip's

just get name and steamid

¯_(ツ)_/¯

and the cheat name?

or cheat name of w/e its called

peopel can just spam random shit in there

#addon-releases message

they can super easily rn too

i can write a 10 line script that probably crashes your webserver rn

if i was a evil cheater ofc, im not

that's called a blackhat screenshotted

lol

no anyone can do that

lol

time to add Sleep(1); in the php just incase hmm

you can literally do it in gmod
hook.Add Think
http.Post

i hope you have a ratelimit because you're 100% get some cheater doing that to you

yeah they got anti ddos etc on the serverside such as web limited how many connections etc

wanna try?

No, don't even think about it.

now if someone does it you'll blame me, what a win

Lol no.

Good anticheat, don't let those nerds put you down, you're a good guy Greg 👍

Thanks robert.

Check tickcount to prevent backtrack

:(

cursed

✌️

you know most cheats just load before autorun right

so they just localize jit and such before it

hmm

cheats also have callbacks when files load and can change the content of the file being ran

so they can just refuse to run your file or edit it

nice info

thank you.

wym?

net.abort removing the need for dll 😔

not even

like 0.0003% of 5% of cheats where 5% of cheat users are lua cheats lol

like 2 people globally load before autorun, they probably only playing hvh too lol

no one's really loading before autorun, yet to see it genuinely be done after all this time lol

i'm not sure this would even work, don't see why a convar changer would call this hook instead of merely and only changing the value silently

something you can do to fuck with anti-anti-cheaters is

local runEveryFiveSeconds
function runEveryFiveSeconds()
    timer.Simple(5, runEveryFiveSeconds)
end
timer.Simple(5, runEveryFiveSeconds)

that'd require pre-autorun i guess

can't really break that timer, unlike if you used timer.Create

and in runEveryFiveSeconds you could maybe be checking convar flags & values

one thing you could do is bypass ur own anticheat and just patch ur bypasses, that's a fun way of tightening a few loose bolts

thanks @tame elbow

now that i think about it, who even actually bypasses anticheats?

who is the target audience for that shit

hahahahaha

i search _R for your timer :)

people who are bored tbh

i've never even seen this mentioned anywhere before, or on the wiki; what is it

timer library stores timer callbacks in the registry
you can loop through it and find a function using debug library and such

ballsack 🗣️

better question, would it be possible to make scales that are sensitive to particles bumping into it?

like farting on it

from a meter away or so