AlliedModders - [CS:GO] [G]amerX Anti-Cheat (Copy Pasta of Cow Anti-Cheat)

[CS:GO] [G]amerX Anti-Cheat AKA Cow Anti-Cheat Pasta

ABOUT:
Ladies and Gentlemen grab your popcorn, because this thread is about to be LLIIIIIITTTTTTT. I expect this thread to get deleted or unapproved btw as yes it's pretty toxic <3. However I feel like regardless this type of behavior from a AM community member and community owner at that shouldn't be tolerated.

So let me start by saying I did not create this plugin and I want absolutely no credit for anything to do with this plugin. Even though most all of the detection methods are copy pasted directly from Cow Anti-Cheat. I am releasing this so no other SM/AM community members get scammed.

I was made aware that a steam user under the name "The [G]amerX" http://steamcommunity.com/profiles/76561197964477177 https://forums.alliedmods.net/member.php?u=142306 was selling an anti-cheat for CS:GO servers that was marketed as a high quality, and robust anti-cheat system. He was selling this plugin for $140. Once I contacted him I said it's very disrespectful to copy paste my detection methods and violates copy right. I then asked for him to put the GNU License back on the file and give me credit for my work, he said "I don't care what you think of me" and blocked me. Without further ado lets take a deep dive into this "Top SHELf PremiuM QuALiTy AnTi-cheAT".

QUALITY CODE:
Lets start with the first thing that caught my eye while I was looking through this masterpiece of a plugin.

EZFrags Detection Method

PHP Code:


		
			
if(IsValidClient(client) && detectEzFrags[client])

    {

        char text[512];

        text[0] = '\0';

        GetCmdArgString(text, sizeof(text));

        StripQuotes(text);

        TrimString(text);

        if(

        StrEqual(text, "Visit www.EZfrags.co.uk for the finest public & private CS:GO cheats", false) ||

        StrEqual(text, "If I was cheating, I'd use www.EZfrags.co.uk", false) ||

        StrEqual(text, "Stop being a noob! Get good with www.EZfrags.co.uk", false) ||

        StrEqual(text, "Think you could do better? Not without www.EZfrags.co.uk", false) ||

        StrEqual(text, "I'm not using www.EZfrags.co.uk, you're just bad", false))

        {

            detectEzFrags_count[client]++;

            FormatEx(discord, sizeof(discord), "%N %s has been detected for EZfrags cheats! (Check #%i)", client, nonprime[client]?"[Non-Prime]":"", detectEzFrags_count[client]);

            SendMessageToAdmins(discord);

            FormatEx(discord, sizeof(discord), "**%N** (%s) %s has been detected for **EZfrags cheats**! (Check #%i)", client, f_authid[client], nonprime[client]?"[Non-Prime]":"", detectEzFrags_count[client]);

            SendMessageToDiscord("anticheat", discord);

            if(detectEzFrags_count[client] > 1)

            {

                FormatEx(discord, sizeof(discord), "%N %s has been detected for EZfrags cheats! (Banned)", client, nonprime[client]?"[Non-Prime]":"");

                SendMessageToAdmins(discord);

                FormatEx(discord, sizeof(discord), "**%N** (%s) %s has been detected for **EZfrags cheats**! (Banned)", client, f_authid[client], nonprime[client]?"[Non-Prime]":"");

                SendMessageToDiscord("anticheat", discord);

                SBBanPlayer(0, client, 0, "Mutli-Hack");

            }

        }

    }

This anti-cheat is marketed as "100% detect ezfrags". With this detection method a legit player could type one of these chat messages 2 times and get permanently banned for "Mutli-Hack" (yes I know he even spells Multi-Hack wrong).

Name Stealer Detection Method

PHP Code:


		
			
public void CheckClientName(int client)

{

    char steamid64[512];

    GetClientAuthId(client, AuthId_SteamID64, steamid64, sizeof(steamid64));

    char url[PLATFORM_MAX_PATH];

    Format(url, sizeof(url), "http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v0002/?key=6723D12183165E70AA8630ED992F01C7&steamids=%s", steamid64);

    Handle request = SteamWorks_CreateHTTPRequest(k_EHTTPMethodGET, url);

    if(request == null) return;

    SteamWorks_SendHTTPRequest(request);

    float timeouttime = GetEngineTime() + 5.0;

    int responsesize = 0;

    while(GetEngineTime() < timeouttime)

    {

        SteamWorks_GetHTTPResponseBodySize(request, responsesize);

        if(responsesize > 0)

        {

            OnInfoReceived(request, false, true, k_EHTTPStatusCode200OK);

            checking_name = client;

            return;

        }

    }

    OnInfoReceived(request, true, false, k_EHTTPStatusCode5xxUnknown);

}

public int OnInfoReceived(Handle request, bool failure, bool requestSuccessful, EHTTPStatusCode statusCode)

{

    if(!failure && requestSuccessful && statusCode == k_EHTTPStatusCode200OK)

        SteamWorks_GetHTTPResponseBodyCallback(request, APIWebResponse);

    delete request;

    return 0;

}

public void APIWebResponse(char[] response)

{

    KeyValues Kv = new KeyValues("response");

    Kv.SetEscapeSequences(true);

    if(Kv.ImportFromString(response))

    {

        if(Kv.JumpToKey("players"))

        {

            if(Kv.JumpToKey("0"))

            {

                char szGameName[MAX_NAME_LENGTH]; GetClientName(checking_name, szGameName, sizeof(szGameName));

                char szSteamName[MAX_NAME_LENGTH]; Kv.GetString("personaname", szSteamName, sizeof(szSteamName));

                if(!StrEqual(szGameName, szSteamName, true))

                {

                    FormatEx(discord, sizeof(discord), "%N %s has been detected for Name Stealer/Faker! [Game Name %s | Steam Name: %s]", checking_name, nonprime[checking_name]?"[Non-Prime]":"", szGameName, szSteamName);

                    SendMessageToAdmins(discord);

                    FormatEx(discord, sizeof(discord), "**%N** (%s) %s has been detected for **Name Stealer/Faker**! [Game Name **%s** | Steam Name: **%s**]", checking_name, f_authid[checking_name], nonprime[checking_name]?"[Non-Prime]":"", szGameName, szSteamName);

                    SendMessageToDiscord("anticheat", discord);

                    checking_name = 0;

                    delete Kv;

                }

            }

            else delete Kv;

        }

        else delete Kv;

    }

    else delete Kv;

    checking_name = 0;

}

In case you don't want to read the spaghetti above, he is querying the SteamAPI to grab players names to check for name stealing. Only if GetClientName didn't already exist....

COPIED CODE:

[G]amerX copied every single detection method from Cow Anti-Cheat line for line. This is just an example of one of them. You can look through so source if you would like more proof.
https://cdn.discordapp.com/attachmen...520/COW_AC.png

He also stole methods line for line from SMAC. Pretty wild, probably would have been less time consuming to just write his own instead of moving everything over...
https://cdn.discordapp.com/attachmen...18081/SMAC.png

I don't really have much left to say. Except [G]amerX is the scum of the SM/AM community and I would like to see him banned. Don't buy into his scams and if anyone is contacted by him to purchase a plugin "he made", just message me and I will personally make it for free. :)