• Visit Rebornbuddy
  • Has the HB team considered Ring0 ?

    Discussion in 'Discussions (no Ban Reports here)' started by ballistic, May 14, 2015.

    1. ballistic

      ballistic Member

      Joined:
      Nov 19, 2014
      Messages:
      103
      Likes Received:
      0
      Trophy Points:
      16
      Just curious as i know this is one of the methods that alot of FPS hack makers are using to keep their shit undetectable by anticheats highly more advanced than blizzards warden system. Ring0 hooking? in the future?
       
    2. wh420

      wh420 New Member

      Joined:
      Oct 1, 2011
      Messages:
      71
      Likes Received:
      3
      Trophy Points:
      0
      No one is using ring 0 to hide their hacks...sorry learn what you're talking about. Ring0 rootkits are kernel level kits, and the amount of dev going into making these work with different motherboards just for some FPS hacks is way way too complicated. Anyone who watches malware can tell you that carberp botnet had a ring 0 kit and the code for the ring0 rootkit was selling for $40k....tell me you know of FPS hackers with a dev team able to dedicate this kind of time? I certainly don't. What you're referring to is a ring 3 rootkit(usermode) which doesn't exactly work nearly as well, and I'm not even sure warden couldn't spot it. Ring3 works, just easier to spot and disable. Nobody is using Ring0 though....that's just out of the majority of software engineers leagues(if it wasn't they'd be for sale EVERYWHERE). Ring0 resides in BIOS, meaning it has to understand what motherboard your system is running and have been made compatible with the BIOS for the system to correctly load itself into BIOS and run the system without messing anything up.
       
    3. Thecamel

      Thecamel Community Developer

      Joined:
      Aug 8, 2012
      Messages:
      2,036
      Likes Received:
      46
      Trophy Points:
      48
      its a 30 dollar life time bot...

      no one is going to put that about of effort into a 30 dollar bot.. ever.
       
    4. LowKey

      LowKey New Member

      Joined:
      Mar 9, 2012
      Messages:
      634
      Likes Received:
      4
      Trophy Points:
      0
      that blizzard claims to have just banned 100,000+ users of

      So, thirty dollars times one hundred thousand users...
       
    5. roifok

      roifok Member

      Joined:
      Sep 7, 2014
      Messages:
      126
      Likes Received:
      4
      Trophy Points:
      18
      Royal hack is using this no ? However its a 200€ private hack
       
    6. klepp0906

      klepp0906 Banned

      Joined:
      Apr 25, 2013
      Messages:
      1,352
      Likes Received:
      8
      Trophy Points:
      38
      Which is why it got pinched. The HB team did the minimum. They made millions yet couldn't be bothered to make an x64 client even. That alone would not only have offered a better performing product but would have made blizzwrds job that much harder.

      Edit: that's a bs cop out anyhow. The bot itselfs price is irrelevant. They make more on the store than on the bot. They take 40% of the profit of the sales lol.

      Irrelevant now I guess.
       
    7. klepp0906

      klepp0906 Banned

      Joined:
      Apr 25, 2013
      Messages:
      1,352
      Likes Received:
      8
      Trophy Points:
      38
      That's correct, and that's just the people they got and not counting past users and bans over the years. They've made obscene amounts of cash - he's just swinging.
       
    8. klepp0906

      klepp0906 Banned

      Joined:
      Apr 25, 2013
      Messages:
      1,352
      Likes Received:
      8
      Trophy Points:
      38
      And this ^
       
    9. laravel

      laravel New Member

      Joined:
      May 14, 2015
      Messages:
      1
      Likes Received:
      0
      Trophy Points:
      0
      you can't modify the kernel code without bypassing patchguard on windows x64
       
    10. ballistic

      ballistic Member

      Joined:
      Nov 19, 2014
      Messages:
      103
      Likes Received:
      0
      Trophy Points:
      16
      Sorry kid, I know for a 1000% fact that there are Ring0 hacks for CS:GO as i currently have a subscription for one from a VERY well respected coder who has only had 1 detection by VAC, EVER and that was before switching to his Ring0 method...(since switching to ring0 there have been ZERO detections) and Yes you need to bypass windows patchguard, when i boot my computer in order to use his hack in Ring0 mode I have to select the 2nd windows patched boot mode. It really isnt a 5 figure or 6 figure startup cost to this, just a qualified individual that uses his intelligence wisely to make himself a hefty profit off what people REALLY want..
       
    11. wh420

      wh420 New Member

      Joined:
      Oct 1, 2011
      Messages:
      71
      Likes Received:
      3
      Trophy Points:
      0
      Actually it is a 5 or 6 figure startup and I'm no kid buddy....been coding since basic thank you. Ring0 kits require much more effort than any actual single coder can do....do you realize how many brands of motherboards there are in this day? If you had a chance to look at an authentic ring0 code you would see the 500k lines of code that goes into it. There is a reason ring0 rootkits are extremely rare....they're extremely complex. In the history of malware there have only been a handful of functional ring0 rootkits....many more ring3 kits. For this cs hack did you have to install drivers? If not then it isn't a true ring0 rootkit and the guys just using a name to sell his product. If it supposedly does it on its own I'd be curious when the coder is going to sell your financial info to the masses because there is WAY more money to be had selling the rootkit than the little hack.
       
    12. roifok

      roifok Member

      Joined:
      Sep 7, 2014
      Messages:
      126
      Likes Received:
      4
      Trophy Points:
      18
      Yeah this hack need some drivers installation and as far as im concerned, it create a second boot option in the os and you need to boot with that in order to get the hack launch. Its the famous Royal Hack and this is the only one i know which use this kind of coding. They got a fucking great dev team @Unstuck, Maarek etc

      Of course, you're right, its really rare and i didn't see any other hack using this. You pay for what you get, this hack was a 200€ 1year hack.
       
      Last edited: May 15, 2015
    13. Aetheric

      Aetheric Member

      Joined:
      Jul 25, 2012
      Messages:
      576
      Likes Received:
      2
      Trophy Points:
      18
      "Owned by the 6 Month Suspension on 13/05/2015 - Keep it up we will be back Blizz
      "

      ROFL - I love that one, dude !
       
    14. wh420

      wh420 New Member

      Joined:
      Oct 1, 2011
      Messages:
      71
      Likes Received:
      3
      Trophy Points:
      0
      Then I stand corrected as far as my statement about no hack using this method.
      I would love to actually see the code(never happen obviously) to see if its just a leaked bootkit or not that they used.
      But as far as the complexity and a ring0's real worth, its all true because the bootkit code from the carberp botnet sold for $40k and the devs alone were making 200k+ a month selling subs to their malware.
      But thank you roifok for addressing my points and correcting me.
       
    15. roifok

      roifok Member

      Joined:
      Sep 7, 2014
      Messages:
      126
      Likes Received:
      4
      Trophy Points:
      18
      Just wanted to let you know it exist but you are fully right on the complexity and the cost of this kind of coding

      At the beginning the hack was a 200€ lifetime subs but after 1 year they post this :

      I got somewhere in my computer all the source, i'll check for this !
       
      Last edited: May 15, 2015

    Share This Page