Device Spoofing

Information on customizing the PCI Configuration space to spoof device IDs.

Last updated 2 years ago

Customizing our Device Identifiers

In order to avoid current approaches to DMA device detection, we need to build custom gateware for our device with unique device identifiers. Using Xilinx Vivado, this is extremely easy to do. For devices that use pcileech-fpga, an example is available with details on how to customize these identifiers.

Spoofing Real-World Devices

Spoofing the identifiers of a real-world PCI device ensures that you don't stumble into some previously device identifiers. It also makes the anticheat's job of differentiating between bad and good devices much more difficult.

Retrieving Device Identifiers

In order to spoof a real-world device, we'll need to extract information about the device.

Using LSPCI

Plug the real PCI device into your system and run lspci. This command enables us to dump PCI device information. For Windows users, a Windows variant of lspci is also available. With lspci we can dump the entire configuration space of our PCI card. This will enable us to build gateware to spoof this config space.

The device information of your stock Screamer PCIe USB-C (R04) device can be found with the following command: lspci -d 10ee:0666 -vvv -xxxx
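
The same dump is what an endpoint inventory or detection check reads. The following is an added example, not code from the original page or from the pcileech project: it parses lspci -xxxx output, reads the vendor and device IDs, walks the PCIe extended capability list for the Device Serial Number, and flags the stock 10ee:0666 identifier named above. The sample dump, its DSN value and the function names are constructed for illustration.

```python
import re

# Stock identifier the page gives for an unmodified Screamer PCIe USB-C (R04).
STOCK_IDS = {(0x10EE, 0x0666)}
DSN_CAP_ID = 0x0003  # PCIe extended capability ID: Device Serial Number
ROW = re.compile(r"^([0-9a-f]{2,3}): ((?:[0-9a-f]{2} ?)+)$")

# Constructed sample in `lspci -xxxx` layout, reduced to the two rows used here.
SAMPLE = """\
04:00.0 Ethernet controller: constructed sample device
00: ee 10 66 06 06 04 10 00 02 00 00 02 00 00 00 00
100: 03 00 01 00 78 56 34 12 01 00 00 00 00 00 00 00
"""

def parse_dump(text):
    """Rebuild the 4 KiB configuration space from hex rows; missing rows stay zero."""
    cfg = bytearray(4096)
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            off = int(m.group(1), 16)
            data = bytes.fromhex(m.group(2))
            cfg[off:off + len(data)] = data
    return bytes(cfg)

def find_dsn(cfg):
    """Walk the extended capability list from 0x100; return the DSN or None."""
    off, seen = 0x100, set()
    while off >= 0x100 and off not in seen and off + 12 <= len(cfg):
        seen.add(off)  # guards against a looping next pointer
        hdr = int.from_bytes(cfg[off:off + 4], "little")
        if hdr in (0, 0xFFFFFFFF):  # no capability present at this offset
            return None
        if hdr & 0xFFFF == DSN_CAP_ID:
            return int.from_bytes(cfg[off + 4:off + 12], "little")
        off = (hdr >> 20) & 0xFFC  # bits 31:20 hold the next capability offset
    return None

def audit(text):
    """Summarise the identifiers a defender would log for one device dump."""
    cfg = parse_dump(text)
    vendor = int.from_bytes(cfg[0:2], "little")
    device = int.from_bytes(cfg[2:4], "little")
    return {"vendor": vendor, "device": device, "dsn": find_dsn(cfg),
            "stock_dma_id": (vendor, device) in STOCK_IDS}

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A match on the stock ID only identifies unmodified gateware; once the identifiers are changed, the ID fields alone no longer distinguish the device.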

Using Device Manager

Simple device identifiers can be extracted using the Device Manager application on Windows. We can't get the entire configuration space, so this approach doesn't provide enough information to fully spoof our target device, but for Xilinx devices, it provides enough.

Customizing the Device Serial Number

As part of our anticheat evasion, we'll want to customize the DSN. For pcileech compatible devices, this is outlined as part of the build readme. You'll want this to be unique, so don't change it to some meme.

Example hardware ids viewed from Device Manager.