Flawless Black Ops 2, Ghost, and Advanced Warfare Bypasses

[BLiNDzZ DF Member Posts:4 Threads:1 Reputation 2]

I wouldn’t call this “flawless”. One server sided change could patch this, whereas my bypass is impossible to patch as it responds correctly to any challenge they send. And most games stopped banning due to RCE and being able to spoof to other users profiles and get them banned purposely. Same reason they stopped console banning on COD because we could just spoof machine Id to a retail console and ban it.

Update on how these "bypasses" works.

The BO2 one simply disables the call to .text:8259A65C                 bl        LiveAntiCheat_AnswerMemoryHashRequest

Also, BO2 has up to 7 challenges they can run on your console, they currently run 3, this bypass disables 1 of the current 3 used. You can 100% still be detected, and banned using this at any given moment.

This function is a boolean, which means nop'ing it (0x60000000) will only corrupt register 3 causing errors. The rest of the offsets disable read/write protection on dvars, and "getStats" on console info, which aren't related to bypassing a ban in any form. The last one disables the ability to issue a probation warning. This "bypass" is about 3 years old, and was patched before BO2 disabled bans. When I managed the NiNJA bypasses, we used exactly those offsets (because I originally found them). Around 17502 it was patched, everyone on NiNJA was banned, but I had already written a proper bypass to implement anyway.

As for Ghosts/AW the 0x60000000 patch disables the process of starting the challenge response, and the value you are setting to 0 changes a value inside the g_logonStatus structure to make the server believe you aren't even connected. This isn't a "bypass". This is getting lucky that the demonware developers aren't competent enough to process error handling on the anticheat server.

[TheUnknown Emerald Member Posts:57 Threads:2 Reputation 37]

I wouldn’t call this “flawless”. One server sided change could patch this, whereas my bypass is impossible to patch as it responds correctly to any challenge they send. And most games stopped banning due to RCE and being able to spoof to other users profiles and get them banned purposely. Same reason they stopped console banning on COD because we could just spoof machine Id to a retail console and ban it.

I don't disagree with what you're saying but these have been working for me towards the end of 17511 people where still getting bans from these games back then. I know these works fine and happy to share them. Yes you're right never the less expected if they do anything server sided these are useless for everyone. I doubt they will bother though. They should be more focused on those stupid theater infections.

[Anakin DF Member Posts:35 Threads:3 Reputation 0]

i dont have enough knowedge to make this bypasses work....
it just give me a black screen on BO2 :(

[joshbleas DF Member Posts:46 Threads:0 Reputation 0]

oof well this went fucked

[Dread Retired Posts:532 Threads:79 Reputation 87]

damn chief, nice release!

[TheUnknown Emerald Member Posts:57 Threads:2 Reputation 37]

I wouldn’t call this “flawless”. One server sided change could patch this, whereas my bypass is impossible to patch as it responds correctly to any challenge they send. And most games stopped banning due to RCE and being able to spoof to other users profiles and get them banned purposely. Same reason they stopped console banning on COD because we could just spoof machine Id to a retail console and ban it.

Update on how these "bypasses" works.

The BO2 one simply disables the call to .text:8259A65C                 bl        LiveAntiCheat_AnswerMemoryHashRequest

Also, BO2 has up to 7 challenges they can run on your console, they currently run 3, this bypass disables 1 of the current 3 used. You can 100% still be detected, and banned using this at any given moment.

This function is a boolean, which means nop'ing it (0x60000000) will only corrupt register 3 causing errors. The rest of the offsets disable read/write protection on dvars, and "getStats" on console info, which aren't related to bypassing a ban in any form. The last one disables the ability to issue a probation warning. This "bypass" is about 3 years old, and was patched before BO2 disabled bans. When I managed the NiNJA bypasses, we used exactly those offsets (because I originally found them). Around 17502 it was patched, everyone on NiNJA was banned, but I had already written a proper bypass to implement anyway.

As for Ghosts/AW the 0x60000000 patch disables the process of starting the challenge response, and the value you are setting to 0 changes a value inside the g_logonStatus structure to make the server believe you aren't even connected. This isn't a "bypass". This is getting lucky that the demonware developers aren't competent enough to process error handling on the anticheat server.

That's exactly what a bypass is tbh you're finding a way around the security system. So I mean yea they're technically still a bypass. What you're referring to is answer the challenges which I will agree is the best method you're right.

[jackhole_55 Banned Posts:27 Threads:1 Reputation 0]

these have worked for me so far

[MyNamesMyName Banned Posts:25 Threads:0 Reputation 0]

nice release my friend

[SilverKvs DF Member Posts:4 Threads:0 Reputation 0]

Nice share man :)

[Slutty-eGirlz DF Member Posts:117 Threads:6 Reputation 4]

nice leak my man keep it up