To try everything Brilliant has to offer-free-for a full 30 days, visit brilliant.org/cazz/. The first 200 of you will get 20% off Brilliant’s annual premium subscription.
Timeline: 43:30 Programming The Windows Driver Model by Walter Oney and Windows Kernel Programming by Pavel Yosifovich warned against touching the IRP after calling IoCompleteRequest(). Did you take that into consideration? I noticed that you touched the IRP after calling IoCompleteRequest() by following with return irp->IoStatus.Status. They pointed out that it could lead to system crash.
@@buddybrax Are you serious? Its literally a step-by-step how to access any process memory from a self written kernel driver. But sure, thats not useful to anyone.
@@timnonik2736 Yes, I am very serious. This is the most common, easiest, most plastered source/PoC of 'bypassing' an anti-virus / anti-cheat in the world. If you don't actually understand how it works, you will achieve and learn nothing. And saying it's "self-written" is a fucking joke. Typing it out on your own doesn't make it self-written. That's like saying "Well I hook something else than he does, so it's unique!"
I was going to propose to Cazz if he could make slightly longer videos and this man just drops over an hour of content😂 Dude’s already absolutely going off the rails in all the good ways. Definitely gonna watch this whole! ❤ my guy
Why haven't I seen this channel earlier? There is a lot of stuff that I can learn about windows and game cheats. Now I need to watch every single video to know everything. Thanks for your work.
Thanks Cazz! I learned so much from you in the past few weeks. Humanity can be proud to have you. Keep going. You are my main source when it comes to c++ and game hacking in general!
After "bcdedit /debug on" and rebooting, things can start going crazy. Slow boot, freezes time-to-time. As far as I have read - this is UEFI/BIOS nuances. bcdedit can be slower on UEFI systems due to synchronization between NVRAM (which holds UEFI boot variables) and the BCD (Boot Configuration Data) stored in the registry. If anybody faces this - do not freak out. Just disable kernel debugging. Things should go back to normal 💪
brooo i wish i read this before i reset my pc lol i didnt actually know what caused it and i thought that this _surely_ wouldnt of messed up my pc out of all the things i did but i guess i was wrong. is there any way to fix this?
@@Hostlyy same 😅 Reset my pc, then made the investigation. Haven’t found the solution, but next time i knew the issue, so waited all the freezes, debugged the driver and disabled debug mode. Not the best way to deal with the things, still i made my way.
@@hooliganez no yeah tbf my pc needed that reset since i havent reset since i got it now everything runs smoother even on debug mode for most normal operations except from games with kernel ac i think
I'd recommend using physical memory for communication. Create a r/w struct in your application and have the driver grab/fill data through physical memory reads and writes.
If you want to use this without KDMapper (I have AMD chip, so i use disable DSE instead): just write everything in DriverEntry function and delete IoCreateDriver implementation. To load just use (cmd -admin): sc create your_service_name type= kernel binPath= c:\yourDriver\yourDriver.sys then disable DSE sc start your_service_name
MS devs back in the day didn't call the blue screen "blue screen of death". They call it simply blue screen or a BugCheck. BugCheck(or KeBugCheck) is a function down in the NT API that allows to raise the blue screen in the event that something down in the kernel. I'm here mostly for malware development, because the knowledge between cheat development and malware development is interchangeable. Like creating drivers and making malware that is invisible to the antiviurs or an IDS program. Or bypasssing anticheats, that are behaving like antiviruses themselves. The more you live, the more you learn.
Damn lol, just discovered your channel start of this month when coding for my DMA cs2 cheat, you videos helped with some additional knowledge. pretty convenient how you start uploading now again😂 Welcome back
@@Bukharian-gw8mv the harm is me getting baned 😂, or geting a virus by downloading the tools 🙄, or corruping my os onto oblivion given that the tutorial is a kernel cheat 😫
@@akakamaz7382getting banned is so easily avoidable. You’re definitely not gonna get a virus, and the incredible part about a VM is you won’t fuck your pc.
This video is awesome and I learned a lot. Thank you very much cazz! It would be great if you could make more videos about drivers. e.g. minifilters, anti-delete for our cheat solutions or kernel mode bypasses.
Thank you for making videos man, and not only just making them but putting in so much effort. I just wish I had this level of motivation towards something lol
Could you do a video on either MmMapIo Managing / Usage or creating a loader/mapper tool for the drivers like say using a DSE Bypass to load a driver over NtLoad and then using that driver to map the other driver into kernel space with a pre-defined object and then calling the OEP and starting a thread out of the mapping driver to bypass Ps Module Lists in the NTOSKRNL Structs? I've been studying this and a lot of other people do too so it would be cool.
And maybe using other driver communication methods like encrypted post-server kSockets or HW Paging BP with register spoofing to interpret calls in the kernel using a custom dispatch in the PE of the usermode program? Maybe even try teaching people more about NTOSKRNL, EPROCESS, Ps, PEB/TEB, Etc?
You should do a part 2 continue building on this driver. Swap out IOCTL for UM-KM shared memory, pointer/function hooking, callbacks. Maybe impersonate a PatchGuard thread? ;)
34:57, that's NOT what a pid (process id) is, that is a handle to a potentially zombified process. A pid is a DWORD and it is possible for it to change which process it references if the referenced process closes between getting that pid and using it to try and open said process. For the sake of others reading this, it is however correct to use the HANDLE since there's only one process it can refer to while the handle is open, unlike the pid which is only useful when you've yet to open a process handle. Once the handle is open you're supposed to verify the handle is to the process you intended (excluding situations where the user is directly involved like Cheat Engine) just in case the process you intended closed and new one took over the pid you had found.
Thank you for the clarification! EDIT: After reading the MSDN documentation of the PsLookupProcessByProcessId, it clearly states that the parameter is a process Id, despite it being of type HANDLE. In usermode HANDLE is usually used as an opaque data structure, yes, but kernel functions seem to have a different take on HANDLE. The comment below is actually correct. devblogs.microsoft.com/oldnewthing/20080228-00/?p=23283#:~:text=Process%20and%20thread%20IDs%20are,are%20process%20and%20thread%20IDs.
@@__gs1337 OpenProcess, if you don't know what I'm referencing then that already speaks volumes of how little you know - which would be ironic given I'm a linux dev not a windows dev :)
@@zxuijii don't think you understand what handles are or how they work, your original comment makes no sense. also, why are you bringing up openprocess? this is kernelmode. "handle to a potentially zombified process" is really stupid as well, just creating an instance of an object that is of type HANDLE doesn't open a handle to anything, since HANDLE is just a typedef void* as they're are meant to be opaque
you forgot the part where I try running it in my host and it bluescreens and bootloops But honestly, great content! Though I'm not into C++, still love your videos ❤
Bro did u ever figure this out? Fucked my pc the first time, reset my entire pc and tried again and it’s fucked again so now I gotta reset it again😢 I just wanna learn dawg
@@sxmrrzjust learn about “driver hijacking” if your making a cheat. Unless you get your stuff signed by Microsoft it’s pointless. If not then I’d still look into hijacking
@@outcome2715 yeah fs. I got this all figured out months ago and made a solid cheat with it. Even if it’s not signed VAC is UM so this is overkill anyway
Thanks, I'm planning on writing a driver api wrapper in the future to minimise differences between linux and msw so this was helpful for that future plan. For now though I'll be focusing on a separate more important project for ending the need for compiling *.exe/*.elf/*.dll/*.so directly (in most cases, certain exceptions apply, underlying wrappers can still be used though)
to fix client + client_dll not found, please use the below code! const auto local_player_pawn = driver::read_memory(driver, client + cs2_dumper::offsets::client_dll::dwLocalPlayerPawn); I hope this helps!
Y'know, I first saw your channel after thinking a lot about those hacking problems in games. I'm making a game, thats my life mission - literally. Me, you, probably everyone is annoyed by modern gaming for the way it is, a lazy mess. I'm trying to make something that would be a HUGE KO slap on the face of everyone that ruined games with a capacity to be good: Car manufactures, Mojang, EA, Gameloft, Ubisoft, Sweet Baby Inc, and the list goes on. The problem is, if my main life dream gets taken by the wrong hands, I'll be dead inside. Most of the people want just to play by the rules and have fun. Hackers can ruin everything once they get in the game. I know its fun to have some advantage and get new gameplay ideas by cheating, but what about the lay people that just want to have fun and forget the rest of the world? This is what is making so much good games a frustating experience (Blur died because of that, and now CarX is dying too). There are people with bad intetions, that only wanna mess with the players and make their game worse than hell (even in single player)! So, I'm very worried about that. I dont blame ALL the hackers for it, even because some of them can have great ideas for a gameplay inovation, or something like that, and it would help a lot. I dont know if its the best solution, But I'm planning to make a TAS version of my game just to cheaters have fun and their own mess. If you could answer this question of mine, it would be heavily appreciated.
Thank you for your video! It was pretty clear, however, could you please tell me, how did you find the IoCreateDriver and the other if it isn't documented? How can I find the other functions which are not documented? Thank you!
Hey man! Tysm for the video, truly appreciate it. Just wanted to ask how to go about a driver that works for AC’s that run on KM and not UM, for example EAC. Asking because I want to code a driver for Apex
If anyone has "No certificates were found that met all the given criteria SIGNTASK" then: Go to properties of Kernel Project -> Driver Signing -> General and set Sign Mode to "Off"
great stuff!! 🥰 One anticheat i am trying to brake hopefully with this guid is using TLS callback as way to know if user is doing sketchy stuff. Would this method bypass the check? Is there another way i could bypass the TLS callbacks?
!!!!!! IMPORTANT If you making driver for Tarkov, be carefully with "bcdedit /debug on" and dont forget write "bcdedit /debug off" after debugging on VM, because you can catch game freezes completely
Thanks this is very informative video but can you make a video for vanguard bypass for Leauge of Legends? or just how to disassemble the vanguard. sys and find how to bypass
I've never tried to code a driver before, this video made me give it a try and no matter what i do, i have followed the video and everything you said, i can read memory fine but if i go to write memory anywhere i get a STATUS_PARTIAL_COPY, the header of this status code mentions protection conflicts related to this, even if the memory i am trying to write to is not even in read only i tried changing protection using ZwProtectVirtualMemory but also fails with 0xC0000008 error, what is going on here?
Amazing content!! As a side note, i was wondering: I got a firewire soundcard that has no drivers for the latest Windows.. Considering we know what is the FireWire chip you think we could code one ourselves? Is there such a thing as reverse engineering a driver already made and then updating it?
It would be great to create a library in C# like memory.dll using kernel drivers with simple methods like readfloat readstring and so on but I see that people collaborate little sometimes
great video brother , made it to the end now im getting this error i dont know how to fix it identifier "PRTL_CRITICAL_SECTION" is undefined oPainx Driver1 & identifier "PRTL_CRITICAL_SECTION" is undefined
Your Discord is toxic. I went there to ask a simple question about source code that you said to reference in another video, and all I got in return was trash talk. I saw someone else ask a question who was met with the same type of responses. I know you can't control what all of your members say, but you have a mod (Egg@Doll) who was probably the worst one. You might want to disassociate yourself from someone like that.
Because half of the people in there are retards. And you probably asked a retarded question. They are there to help and TEACH. Not to help you with your shitty GitHub paste. Have some common sense. And do your research. Half of the questions can be answered with one google search bye people be to dumb
Anyone know why tf when I do this it absolutely destroys my pc. From the first time I open it and restart my pc I get boot loops, constant freezing of everything even my mouse etc. had to reset my entire pc once and I thought it was something else but sure enough after trying it again my pc is fucked again
i literally did the same thing, although i didnt reset my whole pc, just turned on secure boot and it will boot finally. i thought i was the only one w the issue. If u ever get it working reply to me with how.
@@vrxg yeah I figured it out. I you have to manually turn off Microsoft blocking vulnerable drivers even if there isn’t an option in settings. Look up “how to turn off Microsoft blocking vulnerable drivers greyed out” all you do is go to a specific location in registry editor and set the enable value to zero. And make sure fast boot is off too(look it up if u don’t know how) that way the driver is completely clean when ur pc turns back on. Works great now👍🏼
To try everything Brilliant has to offer-free-for a full 30 days, visit brilliant.org/cazz/. The first 200 of you will get 20% off Brilliant’s annual premium subscription.
W sponsorship
get_module_base is not working
Timeline: 43:30 Programming The Windows Driver Model by Walter Oney and Windows Kernel Programming by Pavel Yosifovich warned against touching the IRP after calling IoCompleteRequest(). Did you take that into consideration?
I noticed that you touched the IRP after calling IoCompleteRequest() by following with return irp->IoStatus.Status.
They pointed out that it could lead to system crash.
Finding resources this good is extremely difficult, thanks for releasing this content for free legend
it's not you people just can't read
its legit not your just a paster sadly
@@dkkogmaw1311on god. He thinks he’s learning something from the video. These people have lost their mind
@@buddybrax Are you serious? Its literally a step-by-step how to access any process memory from a self written kernel driver. But sure, thats not useful to anyone.
@@timnonik2736 Yes, I am very serious.
This is the most common, easiest, most plastered source/PoC of 'bypassing' an anti-virus / anti-cheat in the world.
If you don't actually understand how it works, you will achieve and learn nothing.
And saying it's "self-written" is a fucking joke. Typing it out on your own doesn't make it self-written. That's like saying "Well I hook something else than he does, so it's unique!"
"Look I can even do it backwards." Absolute monster XD
yes.
I was going to propose to Cazz if he could make slightly longer videos and this man just drops over an hour of content😂
Dude’s already absolutely going off the rails in all the good ways.
Definitely gonna watch this whole!
❤ my guy
Why haven't I seen this channel earlier? There is a lot of stuff that I can learn about windows and game cheats. Now I need to watch every single video to know everything. Thanks for your work.
I have no intention to make a kernel cheat, I don't even use windows, and yet here I am anyway
“I don’t even use windows” is based, glad you’re here bru
same, arch user here
oml what are you using then
@@execute214 btw...
@iaros.hbro i stg. I tried to install some standard libraries or something one time and gave up and haven’t tried to develop on windows since
Just the first 30 minutes of the setup is gold -- very well explained, thank you. 🙏
Thanks Cazz! I learned so much from you in the past few weeks. Humanity can be proud to have you. Keep going. You are my main source when it comes to c++ and game hacking in general!
After "bcdedit /debug on" and rebooting, things can start going crazy.
Slow boot, freezes time-to-time. As far as I have read - this is UEFI/BIOS nuances. bcdedit can be slower on UEFI systems due to synchronization between NVRAM (which holds UEFI boot variables) and the BCD (Boot Configuration Data) stored in the registry.
If anybody faces this - do not freak out. Just disable kernel debugging. Things should go back to normal 💪
brooo i wish i read this before i reset my pc lol i didnt actually know what caused it and i thought that this _surely_ wouldnt of messed up my pc out of all the things i did but i guess i was wrong. is there any way to fix this?
@@Hostlyy same 😅 Reset my pc, then made the investigation. Haven’t found the solution, but next time i knew the issue, so waited all the freezes, debugged the driver and disabled debug mode. Not the best way to deal with the things, still i made my way.
@@hooliganez no yeah tbf my pc needed that reset since i havent reset since i got it now everything runs smoother even on debug mode for most normal operations except from games with kernel ac i think
@@hooliganez also ur lithuanian right laba diena seni
Thank you so much Cazz for sharing all your knowledge with us man 🔥
I'd recommend using physical memory for communication. Create a r/w struct in your application and have the driver grab/fill data through physical memory reads and writes.
Could you elaborate on why?
THE RETURN OF THE KING
Welcome back Cazz 👑
Crowdstrike should watch this
It's such a whelsome feeleing trying to learn something while U understand only 10% of what's going on there))
If you want to use this without KDMapper (I have AMD chip, so i use disable DSE instead): just write everything in DriverEntry function and delete IoCreateDriver implementation.
To load just use (cmd -admin): sc create your_service_name type= kernel binPath= c:\yourDriver\yourDriver.sys
then disable DSE
sc start your_service_name
MS devs back in the day didn't call the blue screen "blue screen of death". They call it simply blue screen or a BugCheck. BugCheck(or KeBugCheck) is a function down in the NT API that allows to raise the blue screen in the event that something down in the kernel.
I'm here mostly for malware development, because the knowledge between cheat development and malware development is interchangeable. Like creating drivers and making malware that is invisible to the antiviurs or an IDS program. Or bypasssing anticheats, that are behaving like antiviruses themselves. The more you live, the more you learn.
Damn lol, just discovered your channel start of this month when coding for my DMA cs2 cheat, you videos helped with some additional knowledge. pretty convenient how you start uploading now again😂 Welcome back
hi tkcz
Wtf real tkcz?!?
which dma device are u using for cs2? also why do you use dma when u can simply use a kernel driver like shown in the video?
@@mariobabic9326 Maybe Faceit?
@@mariobabic9326 dma for faceit cheating
I use Linux exclusively on literally all my devices but boy do I enjoy this kind of content, pop corn ready
Bro this is like a course omg thank you for this knowledge u are the best!
could you do a part 2 on this for injecting a DLL into a process from the kernel driver?
If anyone has perfomance issues on windows (booting and while using it) after this. Disabling bcdedit with bcdedit /debug off did the job for me
Thank you.. I was going insane wondering what I fucked up
Great Video as always. Where did you learn stuff like that anyway?
"I really hope this doesn't ruin cs2" UD cheats are like 5 bucks a month already lol. Great video, as always. Really appreciate your hard work.
if you want to sell a cs2 cheat, just paste aimstar's src and change its menu
im too incompetent to make a cheat, nor do i want to make one, but youtube continues to recomend me this channel
whats the harm in trying, go for it.
@@Bukharian-gw8mv the harm is me getting baned 😂, or geting a virus by downloading the tools 🙄, or corruping my os onto oblivion given that the tutorial is a kernel cheat 😫
@@akakamaz7382 😂 lmao and for that reason alone in trying it on my spare laptop.
@@akakamaz7382getting banned is so easily avoidable. You’re definitely not gonna get a virus, and the incredible part about a VM is you won’t fuck your pc.
DUDE NO WAY I WAS SEARCHING YESTERDAY FOR A TUT AND CAZZ SAVED THE DAY TODAY!!!!!!
This video is awesome and I learned a lot. Thank you very much cazz! It would be great if you could make more videos about drivers. e.g. minifilters, anti-delete for our cheat solutions or kernel mode bypasses.
first time in my entire life leaving a comment when a video posted recently
Thank you for sharing these valuable resources! Much appreciated ❤
It's incredible. Thanks for your work. Your videos are always interesting but this one is the best. I'm waiting for more 👏
Thank you for making videos man, and not only just making them but putting in so much effort. I just wish I had this level of motivation towards something lol
Could you do a video on either MmMapIo Managing / Usage or creating a loader/mapper tool for the drivers like say using a DSE Bypass to load a driver over NtLoad and then using that driver to map the other driver into kernel space with a pre-defined object and then calling the OEP and starting a thread out of the mapping driver to bypass Ps Module Lists in the NTOSKRNL Structs? I've been studying this and a lot of other people do too so it would be cool.
And maybe using other driver communication methods like encrypted post-server kSockets or HW Paging BP with register spoofing to interpret calls in the kernel using a custom dispatch in the PE of the usermode program? Maybe even try teaching people more about NTOSKRNL, EPROCESS, Ps, PEB/TEB, Etc?
How did you learn this stuff? Maybe you should make a vid
You should do a part 2 continue building on this driver. Swap out IOCTL for UM-KM shared memory, pointer/function hooking, callbacks. Maybe impersonate a PatchGuard thread? ;)
Amazing video! Thanks for this detailed tutorial!
p2c in shambles after this comes out, good job Cazz !!!
legend is spoon feeding us, watch it whole dont skip u dont wanna miss anything important
I've been waiting for this for so long, very anticipated, can't wait to start. Thanks cazz!
I was waiting for this!!! ❤❤
I figured you were South African but when I heard the "yoh if I could spell" I knew
I’m getting an errors- violated CI chase policy and Failed to create driver kernel. Why. Code was built successfully
Hello coded it up yesterday works like a charm I love it. Thanks so much! but I gotta rather picky question just simply why the bool in_air reversed?
Gratitude be upon thee for bestowing thy wisdom without demand of coin
demandeth**
Bro please make a video that how to make Bypass for those games that need Emulator like PUBG.
love you bro from Afghanistan!
im working on one but pubg steam
34:57, that's NOT what a pid (process id) is, that is a handle to a potentially zombified process. A pid is a DWORD and it is possible for it to change which process it references if the referenced process closes between getting that pid and using it to try and open said process. For the sake of others reading this, it is however correct to use the HANDLE since there's only one process it can refer to while the handle is open, unlike the pid which is only useful when you've yet to open a process handle. Once the handle is open you're supposed to verify the handle is to the process you intended (excluding situations where the user is directly involved like Cheat Engine) just in case the process you intended closed and new one took over the pid you had found.
Thank you for the clarification!
EDIT: After reading the MSDN documentation of the PsLookupProcessByProcessId, it clearly states that the parameter is a process Id, despite it being of type HANDLE.
In usermode HANDLE is usually used as an opaque data structure, yes, but kernel functions seem to have a different take on HANDLE.
The comment below is actually correct.
devblogs.microsoft.com/oldnewthing/20080228-00/?p=23283#:~:text=Process%20and%20thread%20IDs%20are,are%20process%20and%20thread%20IDs.
wrong, it's the process ID. they're stored as HANDLE values in kernel mode because pids are always multiples of 4 as handles are
@@__gs1337 OpenProcess()
@@__gs1337 OpenProcess, if you don't know what I'm referencing then that already speaks volumes of how little you know - which would be ironic given I'm a linux dev not a windows dev :)
@@zxuijii don't think you understand what handles are or how they work, your original comment makes no sense. also, why are you bringing up openprocess? this is kernelmode. "handle to a potentially zombified process" is really stupid as well, just creating an instance of an object that is of type HANDLE doesn't open a handle to anything, since HANDLE is just a typedef void* as they're are meant to be opaque
After following this now i cant open any game that has eac or my pc crashes so thats nice i guess
i never knew csgo cheating was this wholesome
you forgot the part where I try running it in my host and it bluescreens and bootloops
But honestly, great content! Though I'm not into C++, still love your videos ❤
Bro did u ever figure this out? Fucked my pc the first time, reset my entire pc and tried again and it’s fucked again so now I gotta reset it again😢 I just wanna learn dawg
This is for what are vms
@@sxmrrzjust learn about “driver hijacking” if your making a cheat. Unless you get your stuff signed by Microsoft it’s pointless. If not then I’d still look into hijacking
@@outcome2715 yeah fs. I got this all figured out months ago and made a solid cheat with it. Even if it’s not signed VAC is UM so this is overkill anyway
Me: wow, really cool
NoOne: CS2 devs watching carefully
I’m getting a “No certificate were found that met all the criteria” error in km. How do I fix it
Go to sln setting and in singing off it (default: on test)
A tutorial for user mode driver (UMDF V2) would be greatly appreciated. This video is invaluable, nevertheless.
Thanks, I'm planning on writing a driver api wrapper in the future to minimise differences between linux and msw so this was helpful for that future plan. For now though I'll be focusing on a separate more important project for ending the need for compiling *.exe/*.elf/*.dll/*.so directly (in most cases, certain exceptions apply, underlying wrappers can still be used though)
LOL perfect timing, was just considering making one a few days ago.
Keep up the good work Cazz, you're always so down to earth. So it's always so chill to watch your vids🥇
Cazz gives me a tingly feeling with these videos
to fix client + client_dll not found, please use the below code!
const auto local_player_pawn = driver::read_memory(driver, client + cs2_dumper::offsets::client_dll::dwLocalPlayerPawn);
I hope this helps!
You don't believe how helpful your comment was to me. Thanks so much.
@@caffeine4687 hey, welcome buddy
wow i have been waiting for this! thank you!
Y'know, I first saw your channel after thinking a lot about those hacking problems in games. I'm making a game, thats my life mission - literally. Me, you, probably everyone is annoyed by modern gaming for the way it is, a lazy mess. I'm trying to make something that would be a HUGE KO slap on the face of everyone that ruined games with a capacity to be good: Car manufactures, Mojang, EA, Gameloft, Ubisoft, Sweet Baby Inc, and the list goes on. The problem is, if my main life dream gets taken by the wrong hands, I'll be dead inside. Most of the people want just to play by the rules and have fun. Hackers can ruin everything once they get in the game. I know its fun to have some advantage and get new gameplay ideas by cheating, but what about the lay people that just want to have fun and forget the rest of the world? This is what is making so much good games a frustating experience (Blur died because of that, and now CarX is dying too). There are people with bad intetions, that only wanna mess with the players and make their game worse than hell (even in single player)! So, I'm very worried about that. I dont blame ALL the hackers for it, even because some of them can have great ideas for a gameplay inovation, or something like that, and it would help a lot. I dont know if its the best solution, But I'm planning to make a TAS version of my game just to cheaters have fun and their own mess. If you could answer this question of mine, it would be heavily appreciated.
Thank you for your video! It was pretty clear, however, could you please tell me, how did you find the IoCreateDriver and the other if it isn't documented? How can I find the other functions which are not documented? Thank you!
Hey man! Tysm for the video, truly appreciate it.
Just wanted to ask how to go about a driver that works for AC’s that run on KM and not UM, for example EAC.
Asking because I want to code a driver for Apex
Thats a good tutorial actually.
Its very helpful.
Definetely Recommend this guy!
Make a video on how you learned assembly
If anyone has "No certificates were found that met all the given criteria SIGNTASK" then: Go to properties of Kernel Project -> Driver Signing -> General and set Sign Mode to "Off"
Broooooo Ur the fucking best. Thanks a lot
I was struggling so hard with this I ended up deleting my whole solution when I could have done this xD
thank you dudeee, helped
LOVE YOUR CHANNEL , Please please please keep it up.
Do you know any other articles/tutorials/resources that teach more advanced stuff about kernels?
GH
I liked your vid before started watching
great stuff!! 🥰
One anticheat i am trying to brake hopefully with this guid is using TLS callback as way to know if user is doing sketchy stuff.
Would this method bypass the check?
Is there another way i could bypass the TLS callbacks?
Your visual studio looks awesome how can i do it like this?
for real, i would love to know what extensions he's got
@@mobslicer1529bro he seriously told this in the video on vs installation
thanks for the upload
!!!!!! IMPORTANT
If you making driver for Tarkov, be carefully with "bcdedit /debug on" and dont forget write "bcdedit /debug off" after debugging on VM, because you can catch game freezes completely
Thank you cazz ❤🔥🔥
Thanks this is very informative video but can you make a video for vanguard bypass for Leauge of Legends? or just how to disassemble the vanguard. sys and find how to bypass
thank you just what I've been looking for i'm early:)
You are awesome, keep going and i hope you success
no wonder you’ve been quiet can only imagine how long this took
Like 1hr if you are bad at coding 😂
It definitely took some time to put together and a few revisions, thanks for the comment brother
This is the sickest thing ever
thank u so much brother this is exactly the video i needed
In offsets there is no dwForceJump now. So what to do?
are you find dwForceJump ?
@@ayras7932 yeah, now its in buttons
This is amazing, Thanks you for this video.
Amaizing tutorial! Thanks.
im unable to find FoceJump in the offsets have they changed?
are you find dwForceJump ?
How did I miss this channel ?
can i use kernal driver for any game
Great video, make more csgo tutorial
new to this all, will this work on win11?
I've never tried to code a driver before, this video made me give it a try and no matter what i do, i have followed the video and everything you said, i can read memory fine but if i go to write memory anywhere i get a STATUS_PARTIAL_COPY, the header of this status code mentions protection conflicts related to this, even if the memory i am trying to write to is not even in read only i tried changing protection using ZwProtectVirtualMemory but also fails with 0xC0000008 error, what is going on here?
wooow amazing, thanks for the video, the FIRST KERNEL DRIVER full tutorial in youtube 👀
No
No! 🤨already have full tutorial for KERNEL DRIVER from scratch! on youtube befor that one?@@smokinglife8980
Bro please explain how to get around kernel anti-cheats next video ;)
Amazing content!! As a side note, i was wondering: I got a firewire soundcard that has no drivers for the latest Windows.. Considering we know what is the FireWire chip you think we could code one ourselves?
Is there such a thing as reverse engineering a driver already made and then updating it?
Nice video would you do that same thing for a Normal Injector ?
yo bro can you make some videos on cheats for minecraft like bhop, velocity, aim bot, anti kb etc. that would be really cool
thanks for breaking my windows pc. I'm actually so mad rnnnn "APRIL FOOLS!" haha we get it
broke mine too. can only use my phone now. this is so dumb
It would be great to create a library in C# like memory.dll using kernel drivers with simple methods like readfloat readstring and so on but I see that people collaborate little sometimes
This is an absolute W
great video brother , made it to the end now im getting this error i dont know how to fix it identifier "PRTL_CRITICAL_SECTION" is undefined oPainx Driver1 &
identifier "PRTL_CRITICAL_SECTION" is undefined
u have to make big video about esp(internal) on cs2, it is gonna be interesting
Your Discord is toxic. I went there to ask a simple question about source code that you said to reference in another video, and all I got in return was trash talk. I saw someone else ask a question who was met with the same type of responses. I know you can't control what all of your members say, but you have a mod (Egg@Doll) who was probably the worst one. You might want to disassociate yourself from someone like that.
Because half of the people in there are retards. And you probably asked a retarded question. They are there to help and TEACH. Not to help you with your shitty GitHub paste. Have some common sense. And do your research. Half of the questions can be answered with one google search bye people be to dumb
womp womp lil bro 😭
@@user-mj8hu3rq8z lmao ur prob the guys hes refering too
@@egg-mv7ef little boy little Chinese boy little chubby Chinese boy that I dislike for being toxic
Jo man, can you make maybe a Ida pro video, how to find entity list + localplayer, vars ect… In x64 bit game?
thanks a lot for this.
Your visual studio project setup is very ungay , i like it 👍🏻
I appreciate it 😂💪
Anyone know why tf when I do this it absolutely destroys my pc. From the first time I open it and restart my pc I get boot loops, constant freezing of everything even my mouse etc. had to reset my entire pc once and I thought it was something else but sure enough after trying it again my pc is fucked again
it's because of bcdedit debug =)
i literally did the same thing, although i didnt reset my whole pc, just turned on secure boot and it will boot finally. i thought i was the only one w the issue. If u ever get it working reply to me with how.
@@vrxg I just realised that i have boot loops and freezing due-to powershell console, when i turn debug on
@@vrxg yeah I figured it out. I you have to manually turn off Microsoft blocking vulnerable drivers even if there isn’t an option in settings. Look up “how to turn off Microsoft blocking vulnerable drivers greyed out” all you do is go to a specific location in registry editor and set the enable value to zero. And make sure fast boot is off too(look it up if u don’t know how) that way the driver is completely clean when ur pc turns back on. Works great now👍🏼
CAZZZZ FINALLY LETS GOOO!!!