Author Topic: More info about ZKQ  (Read 25760 times)

Offline Brian #30 on: February 06, 2018, 05:07:25 am

  • Jr. Member
  • **
  • Posts: 26
  • =ULK=Noire
    • View Profile
Measuring mouse movement is possible after each shot on the client although this would probably catch alot of false positives. One could also check if the shot hit the body of the other player (I'm aware there's aready a  script that does this) but this wouldn't really detect the aimlock version that has lead aim. Because those shots don't hit the body.
This seems to be the most feasible solution currently imo, isn't it possible to script a copy of Google's CAPTCHA?
You don't necessarily have to have a integral of 'did he hit said person in the head or not' it's just simply mouse movement you need to be looking at.
Even with a lead aim aimlock, it would still be detectable due to the fact that a computer can't aim like a human does and vice versa.
The only problem that might occur is the fact that said script would be working on time intervals which means that you will have to have this run and check at like 1000 times a second to make it viable.
Is this feasible? I don't know. Is this going to impact server/script performance? I don't know.
It needs testing but I'm certain that this would be the easiest way to go about it.

vito69 #31 on: February 06, 2018, 06:53:22 am

  • Guest
vito's suggestion to get the running processes might work but doesn't seem very practical to me.
It wasn't a suggestion to aimlock problem, it was just a comment to Brian's post. It's wont help to detect any cheat. Mainly it's detecting .asi and may be used as one factor to finding ban evaders.
but I'm not sure if those crashes trigger the server side OnPlayerCrashDump event, I haven't tested. But even if they did tho, this could be easily bypassed by players if they simply changed the .exe name of the hack file.
It's sending to server OnPlayerCrashDump, even with game_reportcrashes 0 in user's config. I've tested it with few hacks. And about .exe's hacks - some of it not even listed there. However it may be useful as I said above.
Measuring mouse movement is possible after each shot
Each frame.

Actually Brian's idea about tracking mouse/aim is good for this aimlock and future versions, but there is a bit more background to build such system.

Offline Forlove #32 on: February 06, 2018, 05:11:55 pm

  • Jr. Member
  • **
  • Posts: 71
    • View Profile
Already explained more than 1000 times who the '' you know why i stopped using the aimlock'' was to tell him that when i got how to use the shit i stopped using. I never used in servers against players and i challenge you to show me a single video about me using aimlock against players.

Check this: https://imgur.com/a/spelM   this is what i said and i still say it.

The only thing that i can do now is to give the same evidences in phone screenshot or video without edit, otherwise i have nothing to say.


Staff can always ask me and i can reply honestly, if not, yeah go ban me for no reason to make hunting and thorax happy. I don't care about getting ban in ctf, but at least show me a good reason to ban me, not fake shits.


I proved that i can't help thorax to make his aimlock better because of  reasons:

1st one: He is with WK and scripts with anonimul and he will never need anyone else because anonimul is known as a good hack scripter. 
2nd one: You see he said clearly that i go start learning programming .   So , no doubts to trust me that i cant help him at all, or at least, even if know, show  me at least a single code that i sent to him. The response will be :NONE, because its true what i say. I dont have any coding skill and even if i had, i would start making a detector by myself and put an end to the story.


For usage: i explained it already.   If you want , go and ban me, but i assure that i didnt use it anywhere against players in any server except testing alone.  Thats all, now  if u want to make hunting happy, go and ban me. i dont care about this server but i care about my name in vcmp :) .
« Last Edit: February 06, 2018, 05:14:50 pm by Forlove »

Offline Forlove #33 on: February 06, 2018, 05:19:07 pm

  • Jr. Member
  • **
  • Posts: 71
    • View Profile
I wont reply to anyone except to staff members, idc about the haters because they will always repeat the same thing


For all to know: I perma removed the aimlocks from my pc, so now i have nothing and i learnt to stop dealing with hackers. Learnt and never will deal with hackers, just i gave aimlock to ec staff and made me in this problem, i wont do anything again anymore.

Now, staff can say anything i ll not refuse, I assure that the  pics: https://imgur.com/a/spelM  are real and not edited, so now its up to you.

vito69 #34 on: February 06, 2018, 05:23:02 pm

  • Guest
is it Forlove is MIMO? :-\

Offline Forlove #35 on: February 06, 2018, 05:29:36 pm

  • Jr. Member
  • **
  • Posts: 71
    • View Profile

Offline Forlove #36 on: February 06, 2018, 05:37:01 pm

  • Jr. Member
  • **
  • Posts: 71
    • View Profile
Someone locks this topic until last decision or for staff questions? i will reply in pm, just im bored to reply everytime

Offline Hyperzon2 #37 on: February 06, 2018, 06:47:05 pm

  • Jr. Member
  • **
  • Posts: 26
    • View Profile
Thats all, now  if u want to make hunting happy, go and ban me. i dont care about this server
lole if u dont care about ban in this server why typing all of this lies and all of this shit, shut ur ass till the staff make a decision

  but i care about my name in vcmp :) .
loool ur name XDDD u're just an 2016player, whats name u're talking about as i said before, m8 neither aaron and ryne and other EC's shity staff.. can protect ur ass HERE mami , just go enjoy some sushi till u find ur ass banned :']]]]
« Last Edit: February 06, 2018, 09:38:14 pm by Hyperzon2 »

Offline Forlove #38 on: February 06, 2018, 07:54:07 pm

  • Jr. Member
  • **
  • Posts: 71
    • View Profile
Dumbs arent allowed to post so pls shut ass

Offline Hyperzon2 #39 on: February 06, 2018, 09:18:44 pm

  • Jr. Member
  • **
  • Posts: 26
    • View Profile
Dumbs arent allowed to post so pls shut ass
ayyyy mami no ban from here plzzz, mami u have to know this is not ban apeal or report which is only 2 sides are involved in [staff and u)
this is an open topic okay nippon u good now dumbass
« Last Edit: February 06, 2018, 09:37:32 pm by Hyperzon2 »

Offline Forlove #40 on: February 06, 2018, 10:05:42 pm

  • Jr. Member
  • **
  • Posts: 71
    • View Profile
i dont ask to not ban me, i just say that proofs are invalid and i gave mine, thats all. About hyperson, i think the ec ban made u my fan also :(

Offline Hyperzon2 #41 on: February 06, 2018, 10:11:03 pm

  • Jr. Member
  • **
  • Posts: 26
    • View Profile
About hyperson, i think the ec ban made u my fan also :(
fan of 15years old teenager lole,, fuck ec man i had withdrawn my ban apeal there go and see mami bcz its a shity server/staff, where staff let hackers play, you are a good example jehahah

Offline NewK #42 on: February 06, 2018, 11:06:02 pm

  • Developer
  • Hero Member
  • *
  • Posts: 893
    • View Profile
Zkq I'm not accusing you of helping to develop hacks here. I'm accusing you of using hacks like this picture proves:

Why would you even say that if you did not  use it in servers like you say? The only reason you would say that is if you did use it in servers.


This seems to be the most feasible solution currently imo, isn't it possible to script a copy of Google's CAPTCHA?
You don't necessarily have to have a integral of 'did he hit said person in the head or not' it's just simply mouse movement you need to be looking at.
Even with a lead aim aimlock, it would still be detectable due to the fact that a computer can't aim like a human does and vice versa.
The only problem that might occur is the fact that said script would be working on time intervals which means that you will have to have this run and check at like 1000 times a second to make it viable.
Is this feasible? I don't know. Is this going to impact server/script performance? I don't know.
It needs testing but I'm certain that this would be the easiest way to go about it.
The thing is, google captcha uses alot of techniques to detect bots which are not limited to mouse movement alone. They also take a look at your google search history (if they detect an account exists) and cookies stored on your browser from other of their services (google drive, gmail, hangouts, etc...). Even after all of that there's still situations where their detection fails. Such solutions never have a 100% success rate, which is normal. Such detection methods might have an impact on performance yes, but more on the client than on the server. Meaning, players with bad pc's might notice this hit depending on how low the timer interval making these calculations is. Seeing as detecting mouse movement would probably catch alot of false positives, there might be some strain on the server too, since every time we detect a possible "hacker", we'd have to send this information to the server, although this wouldn't be a problem for servers made using languages that support threads, like servers made in C++ or Java, since they could off-load some of this load to background threads.

It's sending to server OnPlayerCrashDump, even with game_reportcrashes 0 in user's config. I've tested it with few hacks. And about .exe's hacks - some of it not even listed there. However it may be useful as I said above.
Hmm, yea in that case it may be useful indeed for some other situations.
Measuring mouse movement is possible after each shot
Each frame.
Yeah that's possible too, but I believe this might lead to even further false positives. Not to say that it should be completely ignored though. It should be looked into for sure. Although it might not seem as easy as it looks. It's been quite a  while since I last used assembly but I've already reverse engineered some sections of the aimbot and ran it through a debugger. There were some "protections" put in place by the creator that disabled the aimbot the moment a debugger was attached to the process. It didn't took me long to bypass these "protections" and a more experienced assembly user could probably have done it even faster. Unfortunately my free time is getting even shorter as of late, so I haven't looked into it anymore yet. But what I mean by not being as easy as it looks is that the aimlock doesn't exactly lock into the player the moment their nametag is on the screen. The mouse/crosshair needs to be relatively close to the enemy players' nametag for it to lock into the player. This was obviously made this way to be harder for others to notice and to be harder for scripts that track sudden mouse movements to detect aswell. But the hard part here might not be detecting suspicious mouse movements, but instead keeping the amount of false positives to a minimum. Because detecting it becomes useless if the amount of false positives becomes so high that you can't differentiate the clean players from the hackers.
« Last Edit: February 06, 2018, 11:31:31 pm by NewK »

Offline Forlove #43 on: February 07, 2018, 11:44:56 am

  • Jr. Member
  • **
  • Posts: 71
    • View Profile
@Newk , check your pm please.
« Last Edit: February 07, 2018, 11:51:01 am by Forlove »

Offline Brian #44 on: February 07, 2018, 11:54:53 am

  • Jr. Member
  • **
  • Posts: 26
  • =ULK=Noire
    • View Profile
Measuring mouse movement is possible after each shot
Each frame.
Yeah that's possible too, but I believe this might lead to even further false positives. Not to say that it should be completely ignored though. It should be looked into for sure. Although it might not seem as easy as it looks. It's been quite a  while since I last used assembly but I've already reverse engineered some sections of the aimbot and ran it through a debugger. There were some "protections" put in place by the creator that disabled the aimbot the moment a debugger was attached to the process. It didn't took me long to bypass these "protections" and a more experienced assembly user could probably have done it even faster. Unfortunately my free time is getting even shorter as of late, so I haven't looked into it anymore yet. But what I mean by not being as easy as it looks is that the aimlock doesn't exactly lock into the player the moment their nametag is on the screen. The mouse/crosshair needs to be relatively close to the enemy players' nametag for it to lock into the player. This was obviously made this way to be harder for others to notice and to be harder for scripts that track sudden mouse movements to detect aswell. But the hard part here might not be detecting suspicious mouse movements, but instead keeping the amount of false positives to a minimum. Because detecting it becomes useless if the amount of false positives becomes so high that you can't differentiate the clean players from the hackers.
You know, combining my idea with what Vito said I believe it would make a strong case against it.
If this script is to be made it should be looking for patterns (especially the case with the lead aim variant) because like I said, no machine is capable of replicating a human's way of moving/aiming a mouse and vice versa.
The key is still to completely reverse engineer the aimlock and uncover how exactly it works and moves the cursor. Once you've done this you can most likely find a if not more patterns in relation to its movement and easily isolate and ban the users of it. This in combination with maybe opponent's position and hit registration might make it even stronger.
Resources should not be a problem if servers are not experiencing performance issues because of it (pakis with PCs that are not capable of playing this game at 20 FPS should not be playing the game to begin with) and I believe the impact is small to nonexistent.
I'm more than happy and willing to test this with you and I believe I have the resources to replicate any player's movement from very low sensitivity up to very high standards like mine with 16000 DPI.