I have recently become more interested in how spoofing works for my own personal use. With a semi-thorough CS background, I have some understanding of how certain things work.
I'm trying to get some info on how different anti cheats (EAC specifically) handle network-level identification and if a 2-router setup (one normal, one OpenWRT) is actually effective.
What does EAC actually check? Does it scan ARP table to see other devices on network, or does it only use PC's MAC address? How does this compare to something like Vanguard?
How does the 2-router setup work against AC? If I put an OpenWRT router between my PC and my main ISP router, does the AC see only the second router's MAC in the ARP table? How does OpenWRT work and are there any suggestions for OpenWRT compatible routers if this is the case. My ISP Modem is the Spectrum EN2251 if that matters.
Is there an advantage to using OpenWRT/LuCI over a standard router with MAC clone?
If I'm using a temp spoofer on the PC, can an AC still bypass it to see my real network hardware?
There is just so much misinformation here its hard to distinguish what is real and what is not.
Thank you in advance for any help
I know EAC might not be the AC related to this the most, but I was just wondering how it related, if at all.
I have recently become more interested in how spoofing works for my own personal use. With a semi-thorough CS background, I have some understanding of how certain things work.
I'm trying to get some info on how different anti cheats (EAC specifically) handle network-level identification and if a 2-router setup (one normal, one OpenWRT) is actually effective.
What does EAC actually check? Does it scan ARP table to see other devices on network, or does it only use PC's MAC address? How does this compare to something like Vanguard?
How does the 2-router setup work against AC? If I put an OpenWRT router between my PC and my main ISP router, does the AC see only the second router's MAC in the ARP table? How does OpenWRT work and are there any suggestions for OpenWRT compatible routers if this is the case. My ISP Modem is the Spectrum EN2251 if that matters.
Is there an advantage to using OpenWRT/LuCI over a standard router with MAC clone?
If I'm using a temp spoofer on the PC, can an AC still bypass it to see my real network hardware?
There is just so much misinformation here its hard to distinguish what is real and what is not.
Thank you in advance for any help
I know EAC might not be the AC related to this the most, but I was just wondering how it related, if at all.
With a cs background you should already know this basic stuff, or at least have the fundamentals to read up on this yourself. NAT, ARP, and MAC addressing are pretty standard networking topics. The eac specific behavior is harder to find documented, but the underlying protocols are well covered.
There’s so much misinformation around spoofing stuff rn half the people just repeat things they heard from others without actually testing it
It is nowhere near as simple as people make it sound. I have been testing consistently since the start of 2025.
I started out as a normal customer going around the entire scene buying different spoofers and cheats, testing pretty much everything available. I even built tools to verify serials and manually checked whether things were actually spoofing to clean or realistic values. The reality was that almost nothing truly worked for me long term.
Eventually I came across Reported’s SMBIOS scripts, which pushed me into learning permanent spoofing myself. From there, I started dumping motherboard information from friends who never cheated and used those dumps while experimenting with repairing and spoofing my own motherboard.
For a while I was able to play around 100-200 hours at a time, but I still kept getting manually banned by Facepunch Studios for ban evasion.
It took until around mid March 2026 before I finally became fully undetected after completing my setup and handling every possible serial.
At this point, it is my understanding that Facepunch Studios has its own internal systems for identifying ban evaders and building profiles against repeated offenders.
If you want to be truly Undetected on EAC Rust or Apex you will have to handle every serial possible, your method of spoofing should be Undetected on Faceit/Vanguard if you want the absolute best result.
It is nowhere near as simple as people make it sound. I have been testing consistently since the start of 2025.
I started out as a normal customer going around the entire scene buying different spoofers and cheats, testing pretty much everything available. I even built tools to verify serials and manually checked whether things were actually spoofing to clean or realistic values. The reality was that almost nothing truly worked for me long term.
Eventually I came across Reported’s SMBIOS scripts, which pushed me into learning permanent spoofing myself. From there, I started dumping motherboard information from friends who never cheated and used those dumps while experimenting with repairing and spoofing my own motherboard.
For a while I was able to play around 100-200 hours at a time, but I still kept getting manually banned by Facepunch Studios for ban evasion.
It took until around mid March 2026 before I finally became fully undetected after completing my setup and handling every possible serial.
At this point, it is my understanding that Facepunch Studios has its own internal systems for identifying ban evaders and building profiles against repeated offenders.
If you want to be truly Undetected on EAC Rust or Apex you will have to handle every serial possible, your method of spoofing should be Undetected on Faceit/Vanguard if you want the absolute best result.
Months of "testing" that amounted to buying other people's tools, running other people's scripts, and dumping other people's motherboard info. If you actually want to know what's being logged instead of guessing your way through it, try reversing it yourself.
Also, Facepunch doesn't have their own hardware ID algorithm. The game collects analytics on how it's running, that's it. The ban evasion detection comes from EAC, not Facepunch. But you'd know that if you actually reversed anything instead of guessing.
This reads like a skid diary, not research.
EAC doesn't collect ARP. Half of what you guys are spoofing is way outside the range of what EAC actually collects.
Months of "testing" that amounted to buying other people's tools, running other people's scripts, and dumping other people's motherboard info. If you actually want to know what's being logged instead of guessing your way through it, try reversing it yourself.
Also, Facepunch doesn't have their own hardware ID algorithm. The game collects analytics on how it's running, that's it. The ban evasion detection comes from EAC, not Facepunch. But you'd know that if you actually reversed anything instead of guessing.
This reads like a skid diary, not research.
EAC doesn't collect ARP. Half of what you guys are spoofing is way outside the range of what EAC actually collects.
Stop being mad, solve your 3 day ban issue instead that your customers are facing. Its funny you are talking **** when you dont even know how to make a proper seed system for your hardware system. Keep using the default fallback steamid on your customers, seems to be working great for you.
Also you have no way of knowing what Facepunch does behind the scene, or what they do on their backend / server side, I was not talking about the analytics endpoint in my message.
When it comes to reversing, dont really need 2. I know how vanguard and other anticheats catch people ban evading.
If you can ban evade on those, then you can ban evade on EAC Rust / Apex.
From the looks of it, you need to go reverse EAC. Or pay someone todo it for you
Stop being mad, solve your 3 day ban issue instead that your customers are facing. Its funny you are talking shit when you dont even know how to make a proper seed system for your hardware system. Keep using the default fallback steamid on your customers, seems to be working great for you.
Also you have no way of knowing what Facepunch does behind the scene, or what they do on their backend / server side, I was not talking about the analytics endpoint in my message.
When it comes to reversing, dont really need 2. I know how vanguard and other anticheats catch people ban evading.
If you can ban evade on those, then you can ban evade on EAC Rust / Apex.
From the looks of it, you need to go reverse EAC. Or pay someone todo it for you
"Don't really need to reverse" 🤣 that is the whole problem in one sentence.
You anre assuming EAC works the same as Vanguard because you don't want to do the actual work of finding out. Different anti-cheats collect different things. Facepunch does not have their own hardware ID algorithm, the game collects analytics, that's it.
I've been reversing EAC for over a decade. I know more about what it collects than anyone and how it works than the people who join EAC nowadays. And before you try to be clever, a seeding implementation bug and understanding what EAC collects/how it works are two completely different things. One is a code issue that was identified, publicly disclosed, and fixed. The other is reverse engineering knowledge you clearly don't have.
Reverse EAC or stop pretending you know what it does.
"Don't really need to reverse" �� that is the whole problem in one sentence.
You anre assuming EAC works the same as Vanguard because you don't want to do the actual work of finding out. Different anti-cheats collect different things. Facepunch does not have their own hardware ID algorithm, the game collects analytics, that's it.
I've been reversing EAC for over a decade. I know more about what it collects than anyone and how it works than the people who join EAC nowadays. And before you try to be clever, a seeding implementation bug and understanding what EAC collects/how it works are two completely different things. One is a code issue that was identified, publicly disclosed, and fixed. The other is reverse engineering knowledge you clearly don't have.
Reverse EAC or stop pretending you know what it does.
I am allowed to play, you are not.
end of the story, my offer still stands by the way join any Facepunch server and send me your steamid and you will have a magic red text appear on your profile
People keep bringing up spoofing in Rust threads, but the HWID system and blacklist enforcement in the game are inconsistent. From my own testing, even outdated public spoofers can still function for extended periods without detection. What’s happening with bans doesn’t even look like delayed catch-up enforcement players are getting re-banned because of repeated violations or continued rule-breaking, not because of some delayed ban wave. I recently tested a spoofer from a github repo that was dead for 6 years and it also worked in which I was not suprised.
edit- should have knocked on wood this last maybe week has been hell trying to spoof into rust or any eac game with banned hardwares went through 3 paid spoofers and did everything in between. Arp cache, dns flush, new ip, tuxler full windows reset wow.
People keep bringing up spoofing in Rust threads, but the HWID system and blacklist enforcement in the game are inconsistent. From my own testing, even outdated public spoofers can still function for extended periods without detection. What’s happening with bans doesn’t even look like delayed catch-up enforcement players are getting re-banned because of repeated violations or continued rule-breaking, not because of some delayed ban wave. I recently tested a spoofer from a github repo that was dead for 6 years and it also worked in which I was not suprised.
A 6 year old public spoofer is going to light up telemetry in more ways than most people realize - allocations, missing identifiers, leaked identifiers, inconsistent hardware data, mismatched serial comparisons, etc. Lack of an immediate ban doesn't mean lack of detection. How that enforcement is handled may vary.
gone are the days they used to just ban your ssd then
Quote:
Originally Posted by !nvictus-Load
"Don't really need to reverse" 🤣 that is the whole problem in one sentence.
You anre assuming EAC works the same as Vanguard because you don't want to do the actual work of finding out. Different anti-cheats collect different things. Facepunch does not have their own hardware ID algorithm, the game collects analytics, that's it.
I've been reversing EAC for over a decade. I know more about what it collects than anyone and how it works than the people who join EAC nowadays. And before you try to be clever, a seeding implementation bug and understanding what EAC collects/how it works are two completely different things. One is a code issue that was identified, publicly disclosed, and fixed. The other is reverse engineering knowledge you clearly don't have.
Reverse EAC or stop pretending you know what it does.
I agree with what your saying but you have to admit, stumbling about in the dark constantly walking into walls, eventually your going to find the doorway.
Most people dont even know what IDA or ollydbg is either. Let alone hex or ASM. if you said jmp or pointer on this forum 95% of the people here would think you your talking about some sort of tiktok dance.
I dont think you can come on here and argue with idiots and expect an intelligent response bro. You're asking too much there.
gone are the days they used to just ban your ssd then
I agree with what your saying but you have to admit, stumbling about in the dark constantly walking into walls, eventually your going to find the doorway.
Most people dont even know what IDA or ollydbg is either. Let alone hex or ASM. if you said jmp or pointer on this forum 95% of the people here would think you your talking about some sort of tiktok dance.
I dont think you can come on here and argue with idiots and expect an intelligent response bro. You're asking too much there.
gone are the days they used to just ban your ssd then
I agree with what your saying but you have to admit, stumbling about in the dark constantly walking into walls, eventually your going to find the doorway.
Most people dont even know what IDA or ollydbg is either. Let alone hex or ASM. if you said jmp or pointer on this forum 95% of the people here would think you your talking about some sort of tiktok dance.
I dont think you can come on here and argue with idiots and expect an intelligent response bro. You're asking too much there.
I dont think he expects an intelligent answer, but i do think he expects people to listen when people with more experience is trying to educate them. However that clearly isnt the case and is just a waste of time, ive experienced that first hand.
gone are the days they used to just ban your ssd then
I agree with what your saying but you have to admit, stumbling about in the dark constantly walking into walls, eventually your going to find the doorway.
Most people dont even know what IDA or ollydbg is either. Let alone hex or ASM. if you said jmp or pointer on this forum 95% of the people here would think you your talking about some sort of tiktok dance.
I dont think you can come on here and argue with idiots and expect an intelligent response bro. You're asking too much there.
I do know what IDA and OllyDbg is. I am not the best at reverse engineering, I mostly use them for basic assembly edits on non protected MOBA game clients.
Comparing that to deobfuscating a full anticheat is not a fair comparison at all. There is a massive gap between NOP or JMP a simple function in a game with no real protection versus actually reversing a kernel level anticheat that is fighting back against debuggers.
I do however have a lot of friends and I've been cheating since 2021 on EAC Rust, I have seen deobfuscated dumps of EAC hwid packet but their network level packet that gets sent on game start / server connect is not the only thing EAC is currently doing.
Quote:
Originally Posted by SauceMachine
I dont think he expects an intelligent answer, but i do think he expects people to listen when people with more experience is trying to educate them. However that clearly isnt the case and is just a waste of time, ive experienced that first hand.
You both are detected and none of you know currently what is causing it, how much did your intelligence help you with being down for the past 4-6 months?
[Selling] ⭐CARBON | PERMANENT SPOOFER | TOURNAMENTS | ARP + DISK BAN BYPASS | EAC/BE/VGK⭐ 04/01/2026 - Valorant Trading - 3 Replies Discord:https://join.carbonspoofer.lol/
Website:https://carbonspoofer.lol/
Tired of HWID bans keeping you out of Valorant?
Carbon Spoofer is the ultimate solution for bypassing Vanguard bans without replacing any hardware.
https://i.imgur.com/kwPouxW.png
What We Spoof:
✔️ Disk Drive Serial
✔️ SMBIOS / Motherboard
✔️ GPU
[Selling] ⭐CARBON | PERMANENT SPOOFER | TOURNAMENTS | ARP + DISK BAN BYPASS | EAC/BE/VGK⭐ 03/22/2026 - Call of Duty Trading - 1 Replies Bypassing a COD HWID Ban – The Ultimate Solution!
Are you tired of being locked out of COD due to the dreaded VPN kick error or a possible HWID ban? You’re not alone—but don’t worry, we’ve got the perfect solution for you!
Discord:https://join.carbonspoofer.lol/
Website:https://carbonspoofer.lol/
https://i.imgur.com/kwPouxW.png
A hardware ID ban is one of the toughest restrictions to bypass, but you have two options:
150$ for someone to show me how to spoof arp table 04/27/2024 - Valorant Trading - 0 Replies 150$ for someone to show me how to spoof arp table
I heard it will remove the tpm+sb error on valorant dm me on epvp
Can pay in ltc
