EAC bypass overlay flags undetectable
The bypass is based on CreateWindowEx and does not require any existing overlay to be hijacked. If you need private an undetected (UD) overlay for EAC/BattlEye. This is exactly what you want.
[+] Windows 10 Pro compatible (22H2)
[+] Bypasses every kernel (EAC, EAAC, BattlEye, ...) and user mode anti-cheat (VAC/FairFight etc.) topmost overlay window checks
[+] Screenshot safe
[+] Internal or external overlay is supported
[+] Secure Boot
[+] Source code available for purchase
1600:900
These flags are required for Windows 10/11 to get an overlay that is clickable through. EAC tries to query the window for these flags including the window size to determine whether the window is a hack overlay or not and after the query the information is sent to the server.
If the size of the queried window matches the size of the game window with the topmost style, this may result either in a flag and/or ban. The bypass is applied and cloaked before the anti-cheat is run. In reality EAC nor any other anti-cheat will never receive the original flags the overlay was created with.
Overlay windows can also be enumerated from the kernel. Kernel mode checks are much harder to bypass. The implementation of kernel mode is a significantly more difficult because it's based on an undocumented tagWND structure that needs to be reversed and tested for each version of Windows.
If you want to become a P2C or need a good external backup solution. https://overlayhack.com/eac-eaac-anti-cheat-bypass/1038 Terms for the source code:
The origin of the source code must not be misrepresented. The original author of the source code is White Byte at overlayhack.com
The source code is sold unconditionally for private or internal company use. In no event you or the company who bought the source code may not distribute or resell the source code in any form or distribute information obtained from the source code to third parties. You may only distribute the code in a compiled form.
Bitcoin (BTC) is the only payment method for individuals. The customer should pay all fees. All sales are final and non-refundable regardless of the payment method used.
The author also coded PatchGuard and DSE bypass at runtime. Learn more https://overlayhack.com/patchguard-bypass
[+] Windows 10 Pro compatible (22H2)
[+] Bypasses every kernel (EAC, EAAC, BattlEye, ...) and user mode anti-cheat (VAC/FairFight etc.) topmost overlay window checks
[+] Screenshot safe
[+] Internal or external overlay is supported
[+] Secure Boot
[+] Source code available for purchase
1600:900
An overlay is a window on top of all other windows, such as a game window. EAC's checks for topmost overlays relies on user mode API's such as IsWindowVisible. The aforementioned bypass invalidates all of these user mode checks in a sophisticated way meaning that an advanced kernel anti-cheat such as EAC or BattlEye can enumerate the window but never detects the window as a topmost overlay hack. This modification makes the overlay undetectable.
A typical topmost overlay is created using the following style:
WS_EX_LAYERED | WS_EX_COMPOSITED | WS_EX_TRANSPARENT | WS_EX_TOPMOST
These flags are required for Windows 10/11 to get an overlay that is clickable through. EAC tries to query the window for these flags including the window size to determine whether the window is a hack overlay or not and after the query the information is sent to the server.
If the size of the queried window matches the size of the game window with the topmost style, this may result either in a flag and/or ban. The bypass is applied and cloaked before the anti-cheat is run. In reality EAC nor any other anti-cheat will never receive the original flags the overlay was created with.
Overlay windows can also be enumerated from the kernel. Kernel mode checks are much harder to bypass. The implementation of kernel mode is a significantly more difficult because it's based on an undocumented tagWND structure that needs to be reversed and tested for each version of Windows.
BattlEye bypass topmost overlay detection
BattlEye's checks also relies on user mode API's such as GetWindow when it enumerates a list of windows. This is backed by https://secret.club/2019/02/10/battleye-anticheat.html. All of these user mode checks including window style checks will get invalidated or spoofed as soon as the bypass has been applied. You can create your internal or external overlay on top of the game window with the (WS_EX_TOPMOST) flag as there was no anti-cheat at all running. And the overlay is also screenshot safe.If you want to become a P2C or need a good external backup solution. https://overlayhack.com/eac-eaac-anti-cheat-bypass/1038 Terms for the source code:
The origin of the source code must not be misrepresented. The original author of the source code is White Byte at overlayhack.com
The source code is sold unconditionally for private or internal company use. In no event you or the company who bought the source code may not distribute or resell the source code in any form or distribute information obtained from the source code to third parties. You may only distribute the code in a compiled form.
Bitcoin (BTC) is the only payment method for individuals. The customer should pay all fees. All sales are final and non-refundable regardless of the payment method used.
The author also coded PatchGuard and DSE bypass at runtime. Learn more https://overlayhack.com/patchguard-bypass
| #1006 Title: Administrator |
12/11/2023 01:32 - 891 days 4 hours 42 minutes #1006 |
This bybass invalidates all of userspace window checks such as NtUserBuildHwndList, NtUserFindWindowEx and NtUserQueryWindow.
If you hook anything from a legitimate overlay text section. This can be easily detected even by a user-mode anti-cheat.
If you hook anything from a legitimate overlay text section. This can be easily detected even by a user-mode anti-cheat.
Post a comment
