Call of Duty: Modern Warfare 2 (2009) - Multiplayer

Call of Duty: Modern Warfare 2 (2009) - Multiplayer

Martinus Oct 19, 2020 @ 1:09am
-
-
Last edited by Martinus; Jan 1, 2024 @ 3:01pm
Originally posted by I Learned Comp Sci on a TRS-80:
If you got a VAC in mw2mp you must have tried hard as I'm fairly certain that they disabled a lot of the cheat detections.

ie you must have used a really well know and hashed cheat, EAM, or something like Cheat Engine.

This only an educated guess, but blocking the steamauth packet (you know the first one used for a buffer overflow RCE) both as a client and a server doesn't kick you out of game, nor give you a vac ban. That and I'm pretty sure valve knows about the buffer overflow and the legacy code's exploits.

While I still believe the RCE without privelege escalation can't do anything to anything but the mw2 folder (because of UAC and File/Reg Virtualization) it still can interact with the memory space of iw4mp.exe on people that haven't implemeted the proper mitigations, have disabled UAC, don't have the latest windows , have gamed on an admin account, or any combination there of.

I have had someone reset my pc, but any unauthorized user can do this by hitting the power button. I have only heard about people having chrome open up and tabs open up, but again this is just utilization of the directInput API which the game uses for keyboard and mouse input. I have also heard about people having their game deleted, and this confirms the effect of UAC, as Im sure whoever deleted the game would have just deleted everything if they could.

FWIW, the game probably doesn't have VAC implemented due to there being an ability for false positives, and it won't be long until IWNet goes the way of the dinosaur, maybe when IWNet dies I will serve a replacement.
I've also thought about writing an external validator of all the packets that have buffer overflows (I have already written one for myself), and releasing it, but honestly it's just not worth my time...

Anyhow I don't honestly believe you were banned for mw2, unless it was EAM, a well known injector or something like Cheat Engine...

What did you use to get banned?
< >
Showing 1-7 of 7 comments
Pseudo Oct 19, 2020 @ 3:30am 
IW4 X might suffice
Muted WYP Oct 19, 2020 @ 4:54pm 
VAC doesn't work that fast.
doesn't matter how many games you buy, cheat in one and get VAC.

https://support.steampowered.com/kb_article.php?ref=7849-RADZ-6869&l=
Originally posted by Trilby:
IW4 X might suffice

No, no it does not. Just another cheat program to bypass Steam...tsk tsk
I am sorry to tell you but you definitely cheated. Either you used a rank hack, FOV hack, ESP, aimbot, FPS unlocker, anything. Look I've cheated for years and VAC is a GOOD anti-cheat for the simple fact that they don't ban you right away. I promise you, you definetly cheated no matter how much you don't want to believe it.
Ak47Bullet Nov 5, 2020 @ 3:49pm 
so,loosers who got vac banned moving το i.w.4.x.greeeat
Last edited by Ak47Bullet; Nov 5, 2020 @ 3:49pm
The author of this thread has indicated that this post answers the original topic.
If you got a VAC in mw2mp you must have tried hard as I'm fairly certain that they disabled a lot of the cheat detections.

ie you must have used a really well know and hashed cheat, EAM, or something like Cheat Engine.

This only an educated guess, but blocking the steamauth packet (you know the first one used for a buffer overflow RCE) both as a client and a server doesn't kick you out of game, nor give you a vac ban. That and I'm pretty sure valve knows about the buffer overflow and the legacy code's exploits.

While I still believe the RCE without privelege escalation can't do anything to anything but the mw2 folder (because of UAC and File/Reg Virtualization) it still can interact with the memory space of iw4mp.exe on people that haven't implemeted the proper mitigations, have disabled UAC, don't have the latest windows , have gamed on an admin account, or any combination there of.

I have had someone reset my pc, but any unauthorized user can do this by hitting the power button. I have only heard about people having chrome open up and tabs open up, but again this is just utilization of the directInput API which the game uses for keyboard and mouse input. I have also heard about people having their game deleted, and this confirms the effect of UAC, as Im sure whoever deleted the game would have just deleted everything if they could.

FWIW, the game probably doesn't have VAC implemented due to there being an ability for false positives, and it won't be long until IWNet goes the way of the dinosaur, maybe when IWNet dies I will serve a replacement.
I've also thought about writing an external validator of all the packets that have buffer overflows (I have already written one for myself), and releasing it, but honestly it's just not worth my time...

Anyhow I don't honestly believe you were banned for mw2, unless it was EAM, a well known injector or something like Cheat Engine...

What did you use to get banned?
76561198187595159 Nov 6, 2020 @ 11:30am 
Originally posted by I Learned Comp Sci on a TRS-80:
If you got a VAC in mw2mp you must have tried hard as I'm fairly certain that they disabled a lot of the cheat detections.

ie you must have used a really well know and hashed cheat, EAM, or something like Cheat Engine.

This only an educated guess, but blocking the steamauth packet (you know the first one used for a buffer overflow RCE) both as a client and a server doesn't kick you out of game, nor give you a vac ban. That and I'm pretty sure valve knows about the buffer overflow and the legacy code's exploits.

While I still believe the RCE without privelege escalation can't do anything to anything but the mw2 folder (because of UAC and File/Reg Virtualization) it still can interact with the memory space of iw4mp.exe on people that haven't implemeted the proper mitigations, have disabled UAC, don't have the latest windows , have gamed on an admin account, or any combination there of.

I have had someone reset my pc, but any unauthorized user can do this by hitting the power button. I have only heard about people having chrome open up and tabs open up, but again this is just utilization of the directInput API which the game uses for keyboard and mouse input. I have also heard about people having their game deleted, and this confirms the effect of UAC, as Im sure whoever deleted the game would have just deleted everything if they could.

FWIW, the game probably doesn't have VAC implemented due to there being an ability for false positives, and it won't be long until IWNet goes the way of the dinosaur, maybe when IWNet dies I will serve a replacement.
I've also thought about writing an external validator of all the packets that have buffer overflows (I have already written one for myself), and releasing it, but honestly it's just not worth my time...

Anyhow I don't honestly believe you were banned for mw2, unless it was EAM, a well known injector or something like Cheat Engine...

What did you use to get banned?

Well it may not be possible to let's say remotely execute a file but who knows at this point.
< >
Showing 1-7 of 7 comments
Per page: 1530 50

Date Posted: Oct 19, 2020 @ 1:09am
Posts: 7