This project was created as a learning experience to understand how game anti-cheat systems work — from basic concepts to a complete implementation that can run standalone or be integrated with a game client like Ragnarok Online.
With the help of AI , open documentation, and real-world code references, GretelHS v1.0 has officially been completed.
14. **Test Mode Spoof Checker**
Deteksi registry/key BCD yang di-spoof
15. **HWID Generator**
Gabungkan CPU ID, Disk, MAC ke HWID hash unik
16. **File Integrity Checker**
MD5 hash checker buat validasi file penting (`ragnarok.exe`, `.grf`, dll)
17. **Server Communication via TCP**
Kirim log, HWID, heartbeat ke server backend
18. **LSASS/CSRSS Handle Proteksi**
Cegah akses ke proses system penting (anti hijack)
19. **Manual-Mapped Driver Detector**
Deteksi driver mencurigakan dari usermode
---
**Build Final**
Sudah support **Debug** dan **Release** Bisa dijalankan **mandiri (standalone)** Bisa diintegrasikan ke:
- Ragnarok Launcher
- RO Client
- GM Tool
Mudah di-convert ke **.DLL untuk inject juga**
The main goal of this project is not just to create an Anti-Cheat system, but to understand and learn how client-side security works, how exploits happen, and how they can be detected or prevented.
What’s Next?
I plan to continue improving GretelHS beyond version 1.1 — adding kernel-level protections, better integration tools, and even a web-based monitoring dashboard.
Development will continue gradually, of course, as time allows alongside my main work. and This is still far from perfect and nowhere near the level of big-name anti-cheat solutions.
Untuk selanjutnya **Gretel V1.1**
| Fitur / Arah | Deskripsi | Status |
|-------------|-----------|--------|
| Kernel Driver (`AntiCheat.sys`) | Akses penuh ke kernel-mode buat proteksi total (driver anti-cheat) | Belum |
| SSDT / IDT Hook Detection | Deteksi patching kernel di System Service Table dan Interrupt Table | Belum |
| `g_CiEnabled` Checker | Deteksi jika Cheat tool mem-patch signature enforcement via kernel | Belum |
| PatchGuard Bypass Monitor | Pantau patch anti-cheat kernel yang mem-bypass Windows integrity | Belum |
| Manual Unlink Module | Deteksi unlink dari `PsLoadedModuleList` (manual mapped drivers) | Belum |
| Kernel Mode Anti Injection | Blokir `ZwMapViewOfSection`, `NtWriteVirtualMemory` dari kernel | Belum |
| Code Injection Detector (.DLL) | Buat versi `AntiCheat.dll` buat inject balik ke RO client | Belum |
| Hook API Protection | Deteksi & repair `NtOpenProcess`, `NtQueryInformationProcess`, dll dari inline hook | Belum |
| Secure Server Sync | Enkripsi data HWID/log pakai AES/SSL ke server anti-cheat | Belum |
| Advanced HWID Spoof Guard | Deteksi virtual machine, spoofed MAC, SMBIOS patch | Belum |
| Launcher & Patcher Lock | Integrasi AntiCheat ke launcher RO, lock sebelum patch/jalan game | Belum |
| Memory Scan All Processes | Scan proses selain diri sendiri, cari memory pattern cheat dari luar (game scan) | Belum |
| GRF / Resource Tamper Detection | Cek checksum GRF, sprite, effect, dll → jika modif = ban | Belum |
| Integrasi ke Ragnarok Client via DLL/pipe | | Bisa lanjut |
| Build versi Kernel Driver (`AntiCheat.sys`) | | Tahap selanjutnya |
| Bikin installer (NSIS, Inno Setup) | | Bisa lanjut |
| Web panel dashboard untuk log monitoring | | Bisa juga |
---
Feedback, suggestions, or bug reports are very welcome — feel free to open an issue or contribute via PR!
Asli Jatuh Bangun buat beginian, ternyata susah banget, bahkan gw sempat berkali kali mau nyerah tapi gw mau coba berusaha pokoknya harus jadi hehehe thanks all ^^
Question
monyet
This project was created as a learning experience to understand how game anti-cheat systems work — from basic concepts to a complete implementation that can run standalone or be integrated with a game client like Ragnarok Online.
This project use Visual Studio 2022
1. **Process & Thread Watcher**
Pantau semua proses & thread aktif (anti hidden process)
2. **Heartbeat System**
Logging berkala untuk status checking
3. **Overlay Scanner**
Deteksi window overlay cheat (ESP, CE, dll)
4. **Driver Scanner**
Scan driver yang terload dari usermode
5. **Anti Debug**
Deteksi debugger: `IsDebuggerPresent`, `NtQueryInformationProcess`, dll
6. **Anti Suspend Threads**
Proteksi thread dari suspend/kill
7. **Anti Injection**
Scan DLL inject, modul asing di memory
8. **Digital Signature Scanner**
Verifikasi .DLL/.EXE signed atau tidak
9. **Anti TestMode**
Deteksi Windows boot dengan `/testsigning on`
10. **Signature Scanner (Memory Pattern)**
Scan byte pattern memory untuk hook/injection
11. **Pipe Communication**
Komunikasi `AntiCheat.exe` dengan game client via Named Pipe
12. **Hijacked Thread Detector**
Cek thread dari source mencurigakan
13. **IAT Hook Checker**
Deteksi hook pada Import Address Table (API redirect)
14. **Test Mode Spoof Checker**
Deteksi registry/key BCD yang di-spoof
15. **HWID Generator**
Gabungkan CPU ID, Disk, MAC ke HWID hash unik
16. **File Integrity Checker**
MD5 hash checker buat validasi file penting (`ragnarok.exe`, `.grf`, dll)
17. **Server Communication via TCP**
Kirim log, HWID, heartbeat ke server backend
18. **LSASS/CSRSS Handle Proteksi**
Cegah akses ke proses system penting (anti hijack)
19. **Manual-Mapped Driver Detector**
Deteksi driver mencurigakan dari usermode
---
- Ragnarok Launcher
- RO Client
- GM Tool
I plan to continue improving GretelHS beyond version 1.1 — adding kernel-level protections, better integration tools, and even a web-based monitoring dashboard.
and This is still far from perfect and nowhere near the level of big-name anti-cheat solutions.
Development will continue gradually, of course, as time allows alongside my main work.
Untuk selanjutnya **Gretel V1.1**
| Fitur / Arah | Deskripsi | Status |
Kernel Driver (`AntiCheat.sys`) | Akses penuh ke kernel-mode buat proteksi total (driver anti-cheat) | 
Belum |
SSDT / IDT Hook Detection | Deteksi patching kernel di System Service Table dan Interrupt Table | 
Belum |
`g_CiEnabled` Checker | Deteksi jika Cheat tool mem-patch signature enforcement via kernel | 
Belum |
PatchGuard Bypass Monitor | Pantau patch anti-cheat kernel yang mem-bypass Windows integrity | 
Belum |
Manual Unlink Module | Deteksi unlink dari `PsLoadedModuleList` (manual mapped drivers) | 
Belum |
Kernel Mode Anti Injection | Blokir `ZwMapViewOfSection`, `NtWriteVirtualMemory` dari kernel | 
Belum |
Code Injection Detector (.DLL) | Buat versi `AntiCheat.dll` buat inject balik ke RO client | 
Belum |
Hook API Protection | Deteksi & repair `NtOpenProcess`, `NtQueryInformationProcess`, dll dari inline hook | 
Belum |
Secure Server Sync | Enkripsi data HWID/log pakai AES/SSL ke server anti-cheat | 
Belum |
Advanced HWID Spoof Guard | Deteksi virtual machine, spoofed MAC, SMBIOS patch | 
Belum |
Launcher & Patcher Lock | Integrasi AntiCheat ke launcher RO, lock sebelum patch/jalan game | 
Belum |
Memory Scan All Processes | Scan proses selain diri sendiri, cari memory pattern cheat dari luar (game scan) | 
Belum |
GRF / Resource Tamper Detection | Cek checksum GRF, sprite, effect, dll → jika modif = ban | 
Belum |
Integrasi ke Ragnarok Client via DLL/pipe | | 
Bisa lanjut |
Build versi Kernel Driver (`AntiCheat.sys`) | | 
Tahap selanjutnya |
Bikin installer (NSIS, Inno Setup) | | 
Bisa lanjut |
Web panel dashboard untuk log monitoring | | 
Bisa juga |
|-------------|-----------|--------|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
---
Special thanks and inspiration go to:
https://github.com/Pokye/Sagaan-AntiCheat-V2.0
Edited by monyetBig respect for the open-source contribution that helped kickstart this journey.
Asli Jatuh Bangun buat beginian, ternyata susah banget, bahkan gw sempat berkali kali mau nyerah tapi gw mau coba berusaha pokoknya harus jadi hehehe thanks all ^^
memperbaiki
Link to comment
Share on other sites
0 answers to this question
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.