Osiris: [Question] Is Osiris all in all already have inbuilt protection from pattern scanning by VAC?

Created on 18 Oct 2019 · 9 Comments · Source: danielkrupinski/Osiris

If not, then is DLL virtualization protection required? I usually use VMProtect to hide my DLLs. But please recommend any software that is better than VMProtect.

All 9 comments

No, not needed and never will be implemented. There are better ways to prevent VAC from working. Check the other repos.

Technically you won't need to. You can still use VMProtect if you want to. Check here for more details: https://github.com/BohanRen/Osiris/blob/master/Osiris/AntiDetection.cpp

There was another issue opened about the detectability of the cheat and some prevention methods. https://github.com/danielkrupinski/Osiris/issues/681#issuecomment-543710279

Credit: @BohanRen

Hmm @VuBrian22, it is possible to remove the PE header at injection time; where the injector has already opened the DLL, you can remove the header upfront. But this doesn't protect from signature scans, which VAC always aims for! Hooks aren't detected that often, but sometimes it happens if a cheat gets too popular. Avoiding signature detection by changing the cheat is the most helpful thing here. Nothing else protects you better.

Never use VMProtect. If you do so, the executable code is modified with a huge VMProtect signature which is easily detectable by VAC. Search what VMProtect is used for and you will see that there are not many things that prevent VAC here.
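The claim in the comment above, that wiping the PE header does not stop a byte-signature scan, seen from the scanner's side. This is an added example, not code from the thread or from Osiris; the image layout, offsets and signature bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Offset of the first match of sig in buf, or -1. mask[i] == '?' is a wildcard byte. */
static long sig_scan(const uint8_t *buf, size_t len,
                     const uint8_t *sig, const char *mask)
{
    size_t n = strlen(mask);
    if (n == 0 || n > len) return -1;
    for (size_t i = 0; i + n <= len; i++) {
        size_t j = 0;
        while (j < n && (mask[j] == '?' || buf[i + j] == sig[j])) j++;
        if (j == n) return (long)i;
    }
    return -1;
}

/* True if the region still starts with the DOS "MZ" magic. */
static int has_mz_header(const uint8_t *buf, size_t len)
{
    return len >= 2 && buf[0] == 'M' && buf[1] == 'Z';
}

enum { IMG_SIZE = 0x3000, HDR_SIZE = 0x1000, CODE_OFF = 0x1234 };

/* Constructed sample: a fake mapped image whose header page is wiped before the scan. */
static long scan_after_header_wipe(void)
{
    static uint8_t img[IMG_SIZE];
    static const uint8_t code[] = { 0x55, 0x8B, 0xEC, 0x68, 0x78, 0x56, 0x34, 0x12, 0xFF, 0x15 };
    static const uint8_t sig[]  = { 0x55, 0x8B, 0xEC, 0x68, 0, 0, 0, 0, 0xFF, 0x15 };
    memset(img, 0xCC, IMG_SIZE);
    img[0] = 'M'; img[1] = 'Z';                 /* header magic present at first */
    memcpy(img + CODE_OFF, code, sizeof code);  /* code bytes the signature describes */
    memset(img, 0, HDR_SIZE);                   /* header page erased */
    if (has_mz_header(img, IMG_SIZE)) return -2;
    return sig_scan(img, IMG_SIZE, sig, "xxxx????xx"); /* operand bytes wildcarded */
}

int main(void)
{
    printf("signature found at offset 0x%lx\n", (unsigned long)scan_after_header_wipe());
    return 0;
}
```

The scan keys on code bytes, so the absence of the `MZ` magic changes nothing about the match; header checks and content signatures are independent detections.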

That's correct, @0xE232FE, however I don't think signatures of the cheat are really a big problem. The signatures of a potentially detected injector are a big problem. Reference: https://github.com/danielkrupinski/Osiris/issues/681#issuecomment-544263343

I've personally used VMProtect for a while now and I haven't been banned for that in a time-span of about 8 months. My bans that are related to VAC all had something to do with my injector. Otherwise all other bans are Overwatch Convictions.

@anonymouschicken111 I've already done that since 6 months ago after I learned that most VAC Bans are due to the injectors, therefore I've just used an open-source injector and modified it. I have not had a VAC ban since.

@VuBrian22 Can you recommend me any open source injector? I used the CSGO injector made by T-800 on MPGH, I'm kinda afraid to use Extreme Injector since it's a popular injector to use.

I don't know why these discussions come up every time. Osiris is a really good base, it's fantastic. Thanks @danielkrupinski ... every source that is available publicly will get detected sooner or later. Don't compile and inject without modifying the whole source code. Second big part is, don't use public injectors like Extreme Injector. Make your own, if you can't ... DarthTon Xenos Injector is a really good base. Same thing here, modify the whole source code before you even think about injecting something.

Finally: Watch the code and how these injectors work. It took me a long time to understand what they do.

A simple LoadLibrary injection is done fast. There are many examples out there. I personally prefer manual mapping, because I think it is cleaner. What I do:

Get base addresses / handles of csgo.exe, check if the following DLLs are loaded: client_panorama.dll, engine.dll. After that inject, otherwise csgo may crash. A sleep or timeout is not a good choice.

After that, stream your DLL directly to memory. Map DLL from memory. Erase PE header. Done.

I have done this since 2015 without any detections. My skills are not really good, I'm no developer, just trying to understand what the professional devs do ;)

EDIT: forgot to say something about VMProtect or Enigma... I think the main target of those is to make it more difficult to reverse your code. I think big cheat providers have to deal with that in case someone is trying to reverse their work (known as cracking in cheater forums ;)). If you use Osiris only for your own needs, just do a simple string encryption, something like XOR.

I'm keen on learning, can you please give me some information or source on how
to modify the source code, or modify an existing injector?


I'm keen on learning, can you please give me some information or source on how to modify the source code, or modify an existing injector?

That is your part now, you got so much information. May the force be with you.

EDIT: What could we mean by modify? Changing things... Many things... Every variable that is used, every file, every include, every loop, every statement, every function. Bring your own ideas into the project by adding your own code. This will finally change the sig. It is not done when you change only 100 lines of code ;)
