Hackerone.com Riot Games bug bounty scam

I got a suggestion from a cheat community to try the Riot Games bug bounty program at hackerone.com. I thought of why not.

According to the bounty announcement: Cheat Development Methods to bypass obfuscation, debugging protection, techniques that enable reverse engineering our games $250 - $20,000. It sounded too good to be true...

The bounty advert should've mentioned clearly that you have to use your own manual mapper or so called original findings (if an original finding is such as user mode exploit). Now that that the bounty advert was "incomplete". They can use whatever reason to not pay the reward depending on their moods.

The fact is that my technique bypassed VGC and enables reverse engineering their games. The "test.exe" could by my own tool https://hexderef.com that has somewhat IDA PRO equivalevent multi-threaded disassembler what with you can reverse engineer the game dynamically and also scan the game memory similarly to Cheat Engine (CE). The method I used applied DSE bypass at runtime followed by an old style handle elevation DKOM for "test.exe" as shown in the poc video.

Taking the above into account. I would say, questionable activity. Especially when if their site is to be considered as authoritative.

An enormous amount of my time got wasted without getting paid as advertised. I provided them (as they asked me to upload) with an advanced semi-private kernel level anti-cheat bypass technique that bypasses many other anti-cheats as well such as the most popular main stream anti-cheat EAC.


Here is the video PoC:


My efforts that represents today's attack techniques got deemed as "informative" even though I provided them with an obvious hack development method, and I neither not got any amount of the advertised bounty.

It's also worth to mention. The bypass itself requires easily a several years of experience in terms of kernel driver coding and reverse engineering.

Anyone who think about contributing to hackerone.com. Should read this post before providing any information to them.

The proof of concept is a 3-step easy to reproduce that anyone can do. They said that's is something they cannot support. So hilarious.

I think the "team" who participated were just incapable to reproduce a simple thing.

The author can easily bypass VanGuard's debugging protection as well.

Post a comment

Registered users do not have to enter captcha. A line in the code tag is currently limited to maxium of 160 characters.
Posting guidelines: You may not post any personal information. When you report an issue: Always mention which version and operating system and briefly describe the issue. Any support request post that does not include this information will be removed as spam without a reply.
Tags You may use the following tags: [QUOTE] [/QUOTE] [B] [/B] [URL] [/URL] [CODE] [/CODE]
Captcha Please enter the text you see (case insensitive). The listed characters must be entered clockwise starting from twelve o'clock.
Comments are moderated Y