It is an infraction of FriHost rules to post someone elses work without use of proper quotes tags. These tags have been added by a moderator. It is also an infraction to copy and paste articles without adding your own thought
The game Counter-Strike has been a prime target since it came out. Hacking in the game has been widely criticized by a lot of people. To keep people safe, Valve issued anti-cheat software called VAC, or Valve Anti-Cheat. Since then it has come to version 2.0 and most servers have it equipped. Hacks include wallhacks, which allow the player to see through walls; speedhacks, which give the player super speed; and aimbots, which give an automatic headshot each time a shot is fired at someone.
History of cheating in Counter-Strike
The History of Cheating in Counter-Strike is as long as the history of Counter-Strike itself.
Up to late 2000, cheats were believed to be more isolated, if not just a phenomenon, and only started to become such a problem for the community as late as 2001, where the problem became so apparent and noticeable that Counter-Strike became the synonym with cheating that it is today. By late 2004, the battle against cheaters seemed utterly lost, with the numbers of cheaters continuously increasing and anti-cheat utilities slowly giving up their uphill battle.
When Counter-Strike hit the scene, it was an almost immediate success. Both Team Fortress Classic and Action Half-Life were popular mods at the time, and primitive protohacks were ported from these mods.
Wrapper DLLs of a particular Half-Life program file, client.dll, allowed so-called headshot scripts (sometimes known as aimbots) and gave players norecoil (a basic type of aiming help intended to reduce or negate the recoil that made aiming with most guns in Counter-Strike so tricky). Because similar hacks had been appearing for Team Fortress Classic and Action Half-Life, Valve updated server software so Half-Life servers verified the client.dll file of the players, hindering such hacks. Included with other updates, functionality of many variables that allowed an unfair advantage like lambert (which could be used to reduce the effect of a flashbang), were removed or toned down.
At this time, cheats were not deemed too big of a problem, as they either lacked the necessary power to make them useful (compare a headshot script attempt, to contemporary multihacks with zero recoil and fully automatic headshots), or were easily detected. Stealth was not considered at this time: a wallhacker would just stand behind a closed door and gun down everything he or she could see. Cheating at this point was not a way to damage competitive gameplay, but more of a new way disruptive players could harm the gaming experience of others. However, cheating subtly in online competitions occurred very soon, and occasionally even LAN parties, as simple cheats like 'spiked models' or 'lambert' weren't as stigmatized and detested by the mainstream community as they were after OGC ravaged the public servers.
XQZ2 was one of the first cheats for Counter-Strike to include an effective aimbot and a relatively simple to use interface. It also featured a wallhack (which later became known as an XQZ-style wallhack due to its difference to the Flautz-style wallhack which was popular at the time). Initially XQZ2 was a private hack, but eventually it was released to the public. It relied on wrapping (and in later versions, hooking) the OpenGL DLL file for Microsoft Windows systems (opengl32.dll) instead of replacing the client.dll.
XQZ2 was considered to be more effective than other cheats around at the time, such as Flautz and ViperG. It could be configured to not give any indication of the presence of a hack on the screen, and the aimbot could be turned on and off through subtle keyboard commands. It could be used at a LAN party without raising as much suspicion as other, more visible, cheats.
In 2001, a new public cheat appeared in the scene: OGC for Counter-Strike. OGC, short for "Online Game Cheats", became synonymous with easily-installed, powerful, multifunctional hacks that supplied the cheater with everything, from a strong aimbot to a built-in MP3 player.
Before the arrival of OGC, most cheaters were easily identified due to clumsy wallhack tactics, or more rarely, claiming to be professional players where, due to their mundane tactics and simplistic play, it was obvious that they were amateurs. Thus Counter-Strike remained relatively cheat-free until early 2001. When OGC arrived, everyone had the opportunity to completely annihilate an entire team of experienced players swiftly and violently or they could subtly just use an aimbot with a low-key configuration or a wallhack without any blatant exploiting to enhance their score.
The first anti-cheat tools
When gameplay became more and more unbearable on public servers, the outcry was loud enough to create a long succession of anti-cheat tools.
As early as 2000, Punkbuster tried to rid the scene of cheats, as it used variable checking and process validation while authorizing with the server. Soon it was followed by the short-lived, server-based 'TSC' which was the first anti-cheat tool able to detect OGC. It however was quickly rendered useless as an anti-cheat mechanism by OGC¡¦s very fast development cycle. CSGuard by OLO, another server based plugin, could utilize a script to check on variables and filenames. CSGuard was the first anti-cheat mechanism which could stop early versions of OGC consistently, along with hundreds of cheats and violations, as it was script based, and its scripts could be updated as soon as a new cheat was discovered. With its successor HLGuard, it is the only anti-cheat mechanism still in use in Counter-Strike, while Punkbuster stopped supporting CS and moved on to other FPS like Americas Army or Quake 3 Arena.
Cheating-Death is still used today and is thought by many as one of the best anti-cheat mechanism available. Its strategy is not to detect a cheat but to prevent its working in the first place. Anti-cheats like CSGuard merely checked for the presence of an already-known cheat, which required constant updating. This made such tools completely ineffective against private hacks. Cheating-Death (C-D), on the other hand, made it harder to develop working cheats, although in time C-D produced its own Code Race similar to HLGuard and Punkbuster, with cheat coders constantly finding new ways to disable and circumvent C-D.
In 2002, Valve Software released Counter-Strike update 1.4, which included VAC. VAC was Valve¡¦s answer to many players' prayers, as VAC (a client-side implementation integrated into the Half-Life engine) could be enforced by the server and didn't require any special work from the players. Forcing the players to install a separate program and keep it up to date was what kept many server admins from implementing other, less integrated client-based anti-cheat tools like the failing PunkBuster or the more successful Cheating-Death.
VAC however, had another advantage. Valve was able to ban an offender from accessing any VAC server ever again with the WON ID with which they were caught. While some cheaters may have been able to acquire new WON IDs, a large percentage of the regular, disruptive cheaters were eventually removed from VAC-secured servers and had to resort to servers which did not utilize VAC. Thus cheating in the game became much less of a nuisance to regular players on VAC servers.
Valve Software released Counter-Strike 1.6 in 2003. While it was delivered on Steam exclusively, there were not many changes to the engine and many hacks for Counter-Strike 1.5 continued to work, though sometimes only partially. Valve turned off WON in mid 2004, forcing the vast majority of the players to upgrade to 1.6. Some players however exploited the opportunity to continue use 1.5 on an alternative WON network, not operated by Valve. Today, 1.6 is the CS variant with the biggest population, although a small pocket of players are sticking with 1.5 even today.
The introduction of Steam also seems to have led to problems with the development of Cheating-Death as many of the smaller and more regular Steam updates are causing C-D to have issues.
In late 2004, Counter-Strike: Source was released. The Source engine (the engine Counter-Strike: Source uses) is a lot different from the original Half-Life engine, so it has yet to be tested against the ploys of cheaters, hackers, and mischievous players to the extent that the original engine was.
VAC 1's failure
Cheating at a time required acquiring a private hack, since both VAC and Cheating-Death used to detect public cheats within a few hours. Non-publicly released cheats remained the bane of the competitions due to anti-cheat developers being unable to analyze them. The effect of such nonpublic cheats however was at least reduced to a smaller user base than publicly available cheats. Underground trading of hacks became a side-business for many cheating clans and coders.
The state of affairs degenerated to a complete disaster for Valve Software, as VAC stopped receiving updates after March/April 2004. This had the effect of making cheating rife on public servers.
The problem is further exacerbated by the No(n)-Steam/SiX-Steam exploit, which enables people to create Steam accounts at will with full access to all of Valve¡¦s titles through Valve Software¡¦s Steam software distribution platform. Because of Valve¡¦s policy regarding VAC, where cheats are not instantly banned, even when VAC2 does eventually catch up with cheats and bans their Steam account, it appears that cheaters will still be able to generate a new Steam account and resume cheating.
In January of 2005, however, Valve Software upgraded their "ticket system". Now people using a Steam exploit such as No(n)-Steam or SiX-Steam must have a legal, purchased copy of Half-Life or any of its mods on their Steam account in order to play any game. For example, a normal user could only play Counter-Strike: Source if they had it purchased and on their account. Before January 2005, anyone using a Steam exploit could play it. Now, you must have Half-Life or Half-Life 2 registered on your account in order to play it. This has reduced the number of exploiters, as most of them do not wish to risk getting their pricey account permanently revoked.
In August 2005 Valve released a new version of their VAC program, dubbed VAC2. With the introduction of VAC2 many Counter-Strike: Source servers have seen a decreased amount of cheaters. One explanation for this may be that it is easier to protect CS:S because it is Direct3D only whereas CS 1.6 uses both Direct3D and OpenGL.
The biggest change of VAC over other anti-cheats however is the delayed banning system, that gives any detected user a high, but not 100% probability to have his Steam privileges removed by the end of a several-weeks cycle, depriving the mainstream cheaters of accurate information on which cheats are currently detected and how.
The main advantage of this approach is that a large number of cheaters are rampaging public servers, unaware that they will be banned at a later date, and thus can catch more people using the specific hack before the player's are aware it is detected.
However, with the delayed ban approach, cheating player's can exploit the time given to them with further destructive behavior. Incidents often occur where cheaters get 2 or 3 legitimate accounts banned, only to cheat happily with a new one, most often times using hacks circumventing the Steam system as a whole, making VAC2 useless.
This section describes the different types of cheats available for Counter-Strike, how they operate and how to tell when they are being used. While many single hacks may differ, they are always relatively simple, these simple hacks are however often combined into so called "multihacks" which usually include an aimbot, a wallhack and other features packaged in one handy executable.
Some of these cheats are freely downloadable from a website, sometimes even advertised by the cheat in-game with or without the cheater noticing it. Other cheats are private, although often enhanced versions of public cheats, maintained to stay undetected by anti-cheats. Due to their nature, private cheats are not normally available to anti-cheat coders which makes it very hard for them to know how to detect them. Some public hacks are released but receive so little attention that they slip by the radar of anti-cheat authors and these public hacks become just as useful to cheaters as private cheats.
While many cheats are released by the authors simply to get attention or a desire to share what they've created, a common reason why public hacks are released is to have the hack gather passwords and other potentially sensitive data for the author, see also: e-mail phishing.
Examples of executable cheats
Wallhacks and ESP
Main article: Wallhack
Wallhacks ¡X Makes walls and sometimes entities translucent to allow the user to see through walls.
ESP ¡X Extrasensory Perception, or Expanded Perception, draws player¡¦s hit-boxes and information such as status, class, names, health and current weapon on the screen or makes them more audible, allowing the cheater to see through walls and pre-aim or pre-fire, which essentially means to "aim" or "shoot" before the enemy is seen on-screen.
Spiked models ¡X Long 'spikes', attached to models to make them visible through walls, allowing the presence of enemy player's on the computer of a cheater.
These are the simplest to implement since a few changes, or sometimes even bugs in the graphics cards drivers, can lead to the ability of a player to see other players through walls. XQZ offered an alternative to this: a ball floating above all players that was visible through walls, even if the players themselves were hidden. But this so called ball-hack gave the players less information, especially about the armament or the heading of enemies, and thus was not very popular. Wallhacks can even be so simple that the addition of two lines of code in an OpenGL wrapper is enough to facilitate a wallhack.
Usually, wallhack users can eventually give themselves away by acting illogically when viewed naturally, but very straightforward when observed with a wallhack. Additionally, certain effects of being able to see through walls, such as pre-aim that seems almost indistinguishable from an aimbot, can be detected server-side. Wallhacks and other similar cheats which use visual cues are impossible to hide when playing over a LAN where other players can see the cheater¡¦s monitor.