Simple radar cheat for a popular shooter. Map images, among other things, are not included.
- The server starts a websocket server and attaches to the game's process.
- Using `ReadProcessMemory`, it reads the EntityList from memory and sends relevant data to all subscribed clients.
- The client(s) read the data and render the players' positions, directions, and health values on top of the current map.

To avoid VAC, the server component was initiated like so:
- Compile EmpireCOMPosh by @subTee
  - This is because in the next step we use PowerShell, which is flagged by VAC
- Using the COM object registered in step 1, execute Invoke-ReflectivePEInjection.ps1
- Reflectively inject our server component into `mbam.exe` (signed 32-bit Malwarebytes binary)

We assume that AV binaries are ignored by VAC heuristics. After all, it wouldn't be odd for `mbam.exe` to be reading process memory as that's just what it does :)
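
From the detection side, the assumption above can be checked against process-access telemetry instead of the signer of the source image. The following is an added example, not part of this project: it filters constructed records shaped like Sysmon Event ID 10 (ProcessAccess) for memory-read handles to a placeholder `game.exe` whose call trace contains frames outside any loaded module, as reflectively injected code produces. All paths, addresses and the target name are assumptions.

```python
# Added example: records are constructed and only mimic Sysmon Event ID 10 fields.
PROCESS_VM_READ = 0x0010  # access right required by ReadProcessMemory

# Constructed sample events; paths, offsets and game.exe are placeholders.
EVENTS = [
    # Scanner reading memory from code backed by modules on disk.
    {"SourceImage": r"C:\AV\mbam.exe", "TargetImage": r"C:\Games\game.exe",
     "GrantedAccess": "0x1410",
     "CallTrace": r"C:\Windows\SYSTEM32\ntdll.dll+9d4c4|C:\AV\scanner.dll+51a20"},
    # Same signed image, but the caller frame is not backed by any module.
    {"SourceImage": r"C:\AV\mbam.exe", "TargetImage": r"C:\Games\game.exe",
     "GrantedAccess": "0x0010",
     "CallTrace": r"C:\Windows\SYSTEM32\ntdll.dll+9d4c4|UNKNOWN(0000000002A41F3C)"},
    # Query-only handle: no memory read requested.
    {"SourceImage": r"C:\Windows\explorer.exe", "TargetImage": r"C:\Games\game.exe",
     "GrantedAccess": "0x1000",
     "CallTrace": r"C:\Windows\SYSTEM32\ntdll.dll+9d4c4"},
    # Unbacked caller, but a different target process.
    {"SourceImage": r"C:\AV\mbam.exe", "TargetImage": r"C:\Tools\other.exe",
     "GrantedAccess": "0x0010",
     "CallTrace": r"C:\Windows\SYSTEM32\ntdll.dll+9d4c4|UNKNOWN(0000000002A41F3C)"},
]


def unbacked_frames(call_trace):
    """Return call-trace frames that do not resolve to a loaded module."""
    return [f for f in call_trace.split("|") if f.startswith("UNKNOWN")]


def flag_memory_reads(events, target_name):
    """Flag VM_READ handles to target_name opened from unbacked memory.

    The source image name and its signature are deliberately not used as an
    allow-list: the decision rests on access mask and call trace only.
    """
    hits = []
    for ev in events:
        image = ev["TargetImage"].lower().rsplit("\\", 1)[-1]
        if image != target_name.lower():
            continue
        access = int(ev["GrantedAccess"], 16)
        if not access & PROCESS_VM_READ:
            continue
        frames = unbacked_frames(ev["CallTrace"])
        if frames:
            hits.append((ev["SourceImage"], hex(access), frames))
    return hits


if __name__ == "__main__":
    for hit in flag_memory_reads(EVENTS, "game.exe"):
        print(hit)
```

JIT-compiled runtimes also produce unbacked frames, so hits from this filter need triage against the software known to run on the host.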