RDTSC-KVM-Handler
pafish
RDTSC-KVM-Handler | pafish | |
---|---|---|
9 | 17 | |
196 | 3,087 | |
- | - | |
5.0 | 5.5 | |
9 months ago | over 2 years ago | |
C | C | |
- | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
RDTSC-KVM-Handler
- Handle RDTSC
- RDTSC kernel
-
Bungie couldn’t vault anymore content so now the Linux/Steam Deck community is getting vaulted
You really ought to look into "VM hardening". Granted, it is not as simple as a one-button click thing, but bypassing VM detection is quite well established nowadays. Here's one link to get you started: https://github.com/WCharacter/RDTSC-KVM-Handler
-
Call of Duty Adds Kernel Level Driver for Anti-Cheat
I don't see any practical way they can detect qemu that can't be patched.
Here's one patch that supposedly works with battleeye: https://github.com/WCharacter/RDTSC-KVM-Handler
The current situation is that they could probably use server-side heuristics to detect players behaving oddly, review the case, and ban according.
But also I wouldn't be surprised if there were already bots using machine learning to autoaim based on video signal out of the PC with aiming done as a "real" HID mouse.
If we can train a car to drive, we can certainly train a computer to find and click faces in cod.
-
stuck on "creating domain"
I applied this patch. I don't know with which games does it help. I wanted to check if it works with Valorant but i can confirm that it doesn't. I think it was made to help with games like Rainbow six. https://github.com/WCharacter/RDTSC-KVM-Handler
-
Manjaro custom kernel won't work
And I tried this vmx.c & svm.c from that github : RDTSC-KVM-Handler
-
Preventing RDTSC Exits?
I've used patches previously to bypass this check: WCharacter/RDTSC-KVM-Handler, however now Windows sees my CPU clock as 200Mhz. That isn't too bad, as it doesn't affect performance anyway.
-
The Current State of Anti Cheat Software and VMs?
patch kernel using this: https://github.com/WCharacter/RDTSC-KVM-Handler
-
I wrote a version of the KVM hiding kernel patch for Intel CPUs that offsets the TSC by the exit time
I recommend that you swap your kernel patch to my version, assuming the one you used was this. Mine will report more realistic values than that one.
pafish
-
Is there still a way to counter virtual machine detection by popular anti cheat?
Pafish is what you asking for, but as u/ForceBlade wrote, you cannot win this game.
-
How to play rainbow 6 siege?
You can do it however that requires extensive Research. There are Things such as https://github.com/a0rtega/pafish That Help you get the First detection vectors sorted. However hate to say it but youll be better off actually coding a "Cheat" that Patches the vm Checks the Game does in Order to Play.
-
Makes perfect sense
Yes. For example: https://github.com/a0rtega/pafish
-
I came again to bother you guys
You can check what thing are detected by using -> https://github.com/a0rtega/pafish Normally VM Exit and Virtual Input devices are detected. But it still works for 99% of the games.
-
Error on BattlEye when getting into bus
I have been working on obfuscating my vm, the results are mixed... A good start is to use paranoid fish , tools gives you an idea how it detects vm's :)
-
VMware Shared Folders
So I suppose that it depends on the malware. Some malware doesn't want to take the chance of being reverse engineered, so when it's aware that it is in a virtual machine, it might shut down. pafish has functionality for working out whether-or-not it is running in a VMware instance.
-
VFIO current status with anti cheats?
Last time when I tried to run Valorant just BSoD the VM Everything else works (EAC, BE, Ricochet, etc...). You can test if your VM can be detected using this tool.
- Virtualization hypervisors what the heck...
-
Gaming VM under nested virtualization
Does soft as pafish https://github.com/a0rtega/pafish will detect RDTSC VM exit on wraped WinVM?
-
Does Windows think I'm running on VM? Not sure where to look.
You can use pafish to test vm detection methods. https://github.com/a0rtega/pafish
What are some alternatives?
cheat-engine - Cheat Engine. A development environment focused on modding
VmwareHardenedLoader - Vmware Hardened VM detection mitigation loader (anti anti-vm)
kernel-rdtsc-patch
opencanary - Modular and decentralised honeypot
patch-rdtsc
VMDE - Source from VMDE paper, adapted to 2015
Reverse-Engineering-Tutorial - A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
cuckoo-modified - Modified edition of cuckoo
kiteshield - Packer/Protector for x86-64 ELF binaries on Linux
RATwurst - Windows-only Remote Access Tool (RAT) with anti-debugging and anti-sandbox checks. For educational purposes only.
qemu-git-patched-pkgbuild - qemu-git PKGBUILD from AUR patched for anti-vm detection
al-khaser - Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.