Source
Veteran OT User
Just curious if any seasoned reverse engineers has any tips on how to prevent an anti-cheat function being NOP'd out.
I've thought of creating a second function that's called "everywhere" that checks at the same interval as the anti-cheat whether the anti-cheat has been executed within the last interval by inspecting some values used and stored from the anti-cheat function, but this function can simply be returned at the beginning (if finding all the entries to NOP them out is too much work).
I think the best idea conceptually or theoretically is to add crucial or necessary function calls for the client to work at all to the anti-cheat function.
But I can't think of any yet that has global scope.
The only idea I got right now is to move the anti-cheat function to the scope of a necessary function and move all the crucial functionality into the anti-cheat xd
Thoughts?
I've thought of creating a second function that's called "everywhere" that checks at the same interval as the anti-cheat whether the anti-cheat has been executed within the last interval by inspecting some values used and stored from the anti-cheat function, but this function can simply be returned at the beginning (if finding all the entries to NOP them out is too much work).
I think the best idea conceptually or theoretically is to add crucial or necessary function calls for the client to work at all to the anti-cheat function.
But I can't think of any yet that has global scope.
The only idea I got right now is to move the anti-cheat function to the scope of a necessary function and move all the crucial functionality into the anti-cheat xd
Thoughts?