Skip to content

Ape-xCV/Nika-Read-Only

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,622 Commits
r5dumper
r5dumper
 
 
CRU.jpg
CRU.jpg
 
 
GLFW.kwinrule
GLFW.kwinrule
 
 
README.md
README.md
 
 
Screenshot.jpg
Screenshot.jpg
 
 
amd616.mypatch
amd616.mypatch
 
 
autologin.sh
autologin.sh
 
 
dummy.conf
dummy.conf
 
 
dummy1080p.conf
dummy1080p.conf
 
 
edk2patch.sh
edk2patch.sh
 
 
headless.sh
headless.sh
 
 
intel616.mypatch
intel616.mypatch
 
 
items.ini
items.ini
 
 
kernelpatch616.sh
kernelpatch616.sh
 
 
keys.txt
keys.txt
 
 
libmemflow_kvm.so
libmemflow_kvm.so
 
 
libmemflow_qemu.so
libmemflow_qemu.so
 
 
libmemflow_win32.so
libmemflow_win32.so
 
 
nika
nika
 
 
nika.ini
nika.ini
 
 
offsets.ini
offsets.ini
 
 
qemupatch.sh
qemupatch.sh
 
 
splash.bmp
splash.bmp
 
 
ssdt1.dsl
ssdt1.dsl
 
 
ssdt2.dsl
ssdt2.dsl
 
 
virtio.cmd
virtio.cmd
 
 
weapons.ini
weapons.ini
 
 

Repository files navigation

Nika Read Only

  • Say No! to officially endorsed cheating.

    • Say No! to controller aim assist.

  • As of Season 23, for QEMU/KVM (formerly for Proton).

+----------+    +----------+    +------------+    +--------------+
| Linux PC | -> | QEMU/KVM | -> | Windows VM | -> | Apex Legends |
+----------+    +----------+    +------------+    +--------------+

Introduction

  • The goal of this project is to have a working Linux cheat that can run alongside Apex Legends on my i5-6600K 4c/4t Linux PC.

Screenshot.jpg

Popular games tested (patched QEMU/KVM + i5-6600K)

  • Apex Legends (Easy Anti-Cheat)
  • PUBG (BattlEye)
  • Call of Duty: Black Ops 7 | Warzone S01 (RICOCHET Anti-Cheat + TPM 2.0 + Secure Boot)

Features

  • 100% VMAware v2.6.0 undetected with AMD (host-passthrough) or Intel (select IvyBridge configuration)
  • Stable CR3 shuffle for Windows 10 20H1 with KB4598291
  • Overlay based ESP for players and items
  • Press 5 / 6 / 7 / 8 / 9 / 0 to cycle LIGHT / ENERGY / SHOTGUN / HEAVY / SNIPER / GEAR items
  • Map radar
  • Spectators list
  • Humanized aimbot
  • Inside FOV circle, hold RMB (Right Mouse Button) to aimbot skynade (even behind cover)
  • Hold SHIFT to triggerbot fire or show ITEM / PLAYER names
  • Toggle aimbot with CURSOR_LEFT; "<" symbol in the upper left corner of the screen
  • Toggle ADS locking with CURSOR_RIGHT; ">" symbol in the upper left corner of the screen
  • Toggle crosshair triggerbot with CURSOR_UP; "^" symbol in the upper left corner of the screen
  • Toggle hitbox with CURSOR_DOWN; body / neck / head / none text in the upper left corner of the screen
  • Press F6 to dump r5apex, F7 to update offsets
  • Press F9 twice to terminate cheat

0. Disclaimer

  • If you skip any detail, enjoy your ban.

1a. Standard dual GPU: iGPU (for Linux) + dGPU (for Windows)

  • Note for Fedora 43 KDE set up:
    • Avoid release 43.
    • Install Fedora 42 KDE from: Fedora website.
    • Disconnect from Internet before installing and avoid updating after.
    • Disconnect cable from dGPU before installing.
    • Without this your taskbar is assigned to your dGPU, which should never happen.

1b. Alternative single GPU: VNC (for Linux) + dGPU (for Windows)

  • You can use VNC if you don't have iGPU:

    • Install Fedora 42 MATE from: Fedora website.
    • Disconnect from Internet before installing and avoid updating after.

  • Install headless VNC and switch to terminal mode:

sudo dnf install xorg-x11-drv-dummy x11vnc mingetty
sudo firewall-cmd --permanent --add-service=vnc-server
sudo systemctl set-default multi-user.target
  • Download dummy.conf / headless.sh / autologin.sh to ~/Downloads and install:
cd ~/Downloads
sudo cp dummy.conf /etc/X11/.
#sudo cp headless.sh /etc/profile.d/.
chmod +x autologin.sh
./autologin.sh
  • WiFi from command line:
nmcli radio wifi on
nmcli device wifi connect <SSID> --ask
  • Take note of host local IP for VNC connection:
ip addr
  • Restart from command line:
sudo reboot now
  • Start X on local hardware (for VM with virtual VGA):
startx
  • Start X over headless VNC (for VM with passthrough GPU):
cd ~/Downloads
chmod +x headless.sh
./headless.sh
  • Use VNC from smartphone, tablet, or laptop to connect.

1.1. Configure libvirt

Install on Fedora Linux (Fedora 42 KDE): 
sudo dnf install @virtualization
Install on Debian Linux (Debian 13 KDE): 
sudo apt update
sudo apt install virt-manager
  • Edit /etc/libvirt/qemu.conf and uncomment (needed for audio):
#user = "libvirt-qemu"
user = "1000"
  • Edit /etc/libvirt/libvirtd.conf and uncomment:
unix_sock_group = "libvirt"
unix_sock_rw_perms = "0770"
  • Join libvirt group and enable libvirt daemon:
test $UID = 0 && exit
sudo usermod -aG libvirt $USER
sudo systemctl enable libvirtd.service
Permanently disable `SELinux` on Fedora Linux: 
sudo nano /etc/selinux/config

#SELINUX=enforcing
SELINUX=disabled
Permanently disable `AppArmor` on Debian Linux: 
sudo systemctl stop apparmor
sudo systemctl disable apparmor

  • Restart Linux PC.

  • Virtual Machine Manager >> Edit >> Preferences >> General >> check [x] Enable XML editing >> [Close]

  • Virtual Machine Manager >> Edit >> Preferences >> New VM >> Storage format: Raw >> [Close]

  • Edit default virtual network:

sudo -E virsh net-edit default

<network>
  <name>default</name>
  <uuid>01234567-89ab-cdef-0123-456789abcdef</uuid>
  <forward mode='nat'/>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='XX:XX:XX:XX:XX:XX'/>
  <ip address='192.168.xxx.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.xxx.2' end='192.168.xxx.254'/>
    </dhcp>
  </ip>
</network>
  • Restart default virtual network:
sudo virsh net-destroy default
sudo virsh net-start default
sudo virsh net-autostart default

2. New VM set up in QEMU/KVM

  • Virtual Machine Manager >> File >> New Virtual Machine

  • Local install media (ISO image or CDROM) >> Windows10.iso >> Choose Memory and CPU settings >> uncheck [ ] Enable storage for this virtual machine >> check [x] Customize configuration before install >> [Finish]

    • Overview >> Chipset: Q35, Firmware: OVMF_CODE_4M.secboot >> [Apply]
    • [Add Hardware] >> Storage >> Device type: Disk device >> Bus type: SATA >> Create a disk image for the virtual machine: 240 GiB >> Advanced options >> Serial: generate_your_serial >> Cache mode: none >> Discard mode: ignore >> [Finish]
    • [Begin Installation] >> Virtual Machine >> Shut Down >> Force Off

  • [Add Hardware] >> TPM >> Type: Emulated >> Model: CRB >> Version: 2.0 >> [Finish]

  • Virtual Machine Manager >> [Open] >> View >> Details >> Video QXL >> Model: VGA >> [Apply]

  • Virtual Machine Manager >> [Open] >> View >> Details >> NIC :xx:xx:xx >> XML

  • Generate your MAC (UAA) to replace <mac address="52:54:00:xx:xx:xx"/> and [Apply]:

    Spoiler 
    <mac address="xx:xx:xx:xx:xx:xx"/>

2.1. Configure VM

  • Virtual Machine Manager >> [Open] >> View >> Details >> Overview >> XML

  • Replace <domain type="kvm"> and [Apply]:

    Spoiler (do NOT use this example, instead modify it with your own SMBIOS data; sudo dmidecode) 
    <domain type="kvm" xmlns:qemu="http://libvirt.org/schemas/domain/qemu/1.0">
  <qemu:commandline>
    <qemu:arg value="-smbios"/>
    <qemu:arg value="type=1,manufacturer=HP,product=HP Laptop 14s-dq2xxx,version=23.41,serial=D3E4F56789"/>
    <qemu:arg value="-smbios"/>
    <qemu:arg value="type=2,manufacturer=HP,product=87FD,version=34.12,serial=B1C2D3E4F56789"/>
    <qemu:arg value="-smbios"/>
    <qemu:arg value="type=3,manufacturer=HP,version=23.41,serial=D3E4F56789"/>
    <qemu:arg value="-smbios"/>
    <qemu:arg value="type=4,sock_pfx=U3E1,manufacturer=Intel(R) Corporation,version=11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz,max-speed=4200,current-speed=2400"/>
    <qemu:arg value="-smbios"/>
    <qemu:arg value="type=17,manufacturer=Samsung,part=M471A5244CB0-CWE,speed=3200,serial=D3E4F5"/>
    <qemu:arg value="-smbios"/>
    <qemu:arg value="type=8,internal_reference=J1A1,external_reference=Keyboard,connector_type=0x0F,port_type=0x0D"/>
    <qemu:arg value="-smbios"/>
    <qemu:arg value="type=8,internal_reference=J1A1,external_reference=Mouse,connector_type=0x0F,port_type=0x0E"/>
    <qemu:arg value="-smbios"/>
    <qemu:arg value="type=9,slot_designation=J6C1,slot_type=0xAA,slot_data_bus_width=0x0D,current_usage=0x04,slot_length=0x04,slot_id=0x01,slot_characteristics1=0x04,slot_characteristics2=0x03"/>
  </qemu:commandline>

  • Replace </metadata> and [Apply]:

    Spoiler 
      <vmware xmlns="http://www.vmware.com/schema/vmware.config">
    <config>
      <entry name="hypervisor.cpuid.v0" value="FALSE"/>
    </config>
  </vmware>
</metadata>

  • Replace from <memory unit="KiB">4194304</memory> to <vcpu placement="static">2</vcpu> and [Apply]:

    Spoiler (use a commercial memory size like 8, 16, or 24 GiB; vcpu example for 8 threads host CPU) 
    <memory unit="GiB">24</memory>
<currentMemory unit="GiB">24</currentMemory>
<vcpu placement="static">8</vcpu>

  • Replace from <features> to </clock> and [Apply]:

    Spoiler (example for 4 cores 8 threads host CPU) 
    <features>
  <acpi/>
  <apic/>
  <hyperv mode="custom">
    <relaxed state="off"/>
    <vapic state="off"/>
    <spinlocks state="off"/>
    <vpindex state="off"/>
    <runtime state="off"/>
    <synic state="off"/>
    <stimer state="off"/>
    <reset state="off"/>
    <vendor_id state="off"/>
    <frequencies state="off"/>
    <reenlightenment state="off"/>
    <tlbflush state="off"/>
    <ipi state="off"/>
    <evmcs state="off"/>
    <avic state="off"/>
  </hyperv>
  <kvm>
    <hidden state="on"/>
  </kvm>
  <ioapic driver="kvm"/>
  <msrs unknown="fault"/>
  <pmu state="on"/>
  <smm state="on"/>
  <vmport state="off"/>
  <ps2 state="on"/>
</features>
<cpu mode="host-passthrough" check="none" migratable="off">
  <topology sockets="1" cores="4" threads="2"/>
  <cache mode="passthrough"/>
  <feature policy="disable" name="hypervisor"/>
  <feature policy="require" name="svm"/>
  <feature policy="require" name="vmx"/>
  <feature policy="disable" name="x2apic"/>
  <feature policy="require" name="topoext"/>
</cpu>
<clock offset="localtime">
  <timer name="tsc" present="yes" tickpolicy="discard" mode="native"/>
  <timer name="hpet" present="yes"/>
  <timer name="rtc" present="yes"/>
  <timer name="pit" present="yes"/>
  <timer name="kvmclock" present="no"/>
  <timer name="hypervclock" present="no"/>
</clock>

  • Replace from <memballoon model="virtio"> to </memballoon> and [Apply]:

    Spoiler 
    <memballoon model="none"/>

  • Replace <audio id="1" type="spice"/> and [Apply]:

    Spoiler (for pipewire sound, not required) 
    <audio id="1" type="pipewire" runtimeDir="/run/user/1000">
  <input name="qemuinput"/>
  <output name="qemuoutput"/>
</audio>

  • Virtual Machine Manager >> [Open] >> View >> Details >> Tablet >> [Remove]

  • Virtual Machine Manager >> [Open] >> View >> Details >> Serial 1 >> [Remove]

  • Virtual Machine Manager >> [Open] >> View >> Details >> Channel (spice) >> [Remove]

  • Virtual Machine Manager >> [Open] >> View >> Details >> Controller VirtIO Serial 0 >> [Remove]

2.2. Remove excess PCI

  • Virtual Machine Manager >> [Open] >> View >> Details >> Overview >> XML

  • Remove:

    <controller type="pci" index="5" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="5" port="0x14"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x4"/>
    </controller>
    <controller type="pci" index="6" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="6" port="0x15"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x5"/>
    </controller>
    <controller type="pci" index="7" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="7" port="0x16"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x6"/>
    </controller>
    <controller type="pci" index="8" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="8" port="0x17"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x7"/>
    </controller>
    <controller type="pci" index="9" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="9" port="0x18"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x03" function="0x0" multifunction="on"/>
    </controller>
    <controller type="pci" index="10" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="10" port="0x19"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x03" function="0x1"/>
    </controller>
    <controller type="pci" index="11" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="11" port="0x1a"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x03" function="0x2"/>
    </controller>
    <controller type="pci" index="12" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="12" port="0x1b"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x03" function="0x3"/>
    </controller>
    <controller type="pci" index="13" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="13" port="0x1c"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x03" function="0x4"/>
    </controller>
    <controller type="pci" index="14" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="14" port="0x1d"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x03" function="0x5"/>
    </controller>

3. Environment set up in Linux

  • Enter BIOS and enable Virtualization Technology:

    • VT-d for Intel (VMX).
    • AMD-Vi for AMD (SVM).
    • Enable "IOMMU".
    • Disable "Above 4G Decoding".

  • Nested Virtualization for Intel:

sudo su
echo "options kvm_intel nested=0" > /etc/modprobe.d/kvm.conf
echo "options kvm ignore_msrs=1" >> /etc/modprobe.d/kvm.conf
  • Nested Virtualization for AMD:
sudo su
echo "options kvm_amd nested=0" > /etc/modprobe.d/kvm.conf
echo "options kvm ignore_msrs=1" >> /etc/modprobe.d/kvm.conf
  • Preload vfio-pci module so it can bind to PCI IDs:
sudo su
echo "softdep radeon pre: vfio-pci" >> /etc/modprobe.d/kvm.conf
echo "softdep amdgpu pre: vfio-pci" >> /etc/modprobe.d/kvm.conf
echo "softdep nouveau pre: vfio-pci" >> /etc/modprobe.d/kvm.conf
echo "softdep nvidia pre: vfio-pci" >> /etc/modprobe.d/kvm.conf
  • Update initramfs:
<Fedora> sudo dracut --force
<Debian> sudo update-initramfs -c -k $(uname -r)

3.1. VFIO GPU passthrough (on Linux PC)

  • Find GPU location with: lspci -v | grep -i VGA
00:02.0 VGA compatible controller: Intel Corporation HD Graphics 530 (rev 06) (prog-if 00 [VGA controller])
02:00.0 VGA compatible controller: NVIDIA Corporation TU106 [GeForce RTX 2070] (rev a1) (prog-if 00 [VGA controller])
  • GeForce RTX 2070 has 4 PCI IDs: lspci -v | grep -i NVIDIA
02:00.0 VGA compatible controller: NVIDIA Corporation TU106 [GeForce RTX 2070] (rev a1) (prog-if 00 [VGA controller])
        Subsystem: NVIDIA Corporation TU106 [GeForce RTX 2070]
02:00.1 Audio device: NVIDIA Corporation TU106 High Definition Audio Controller (rev a1)
        Subsystem: NVIDIA Corporation Device 1f02
02:00.2 USB controller: NVIDIA Corporation TU106 USB 3.1 Host Controller (rev a1) (prog-if 30 [XHCI])
        Subsystem: NVIDIA Corporation Device 1f02
02:00.3 Serial bus controller: NVIDIA Corporation TU106 USB Type-C UCSI Controller (rev a1)
        Subsystem: NVIDIA Corporation Device 1f02
  • Find PCI IDs with: lspci -n -s 02:00
02:00.0 0300: 10de:1f02 (rev a1)
02:00.1 0403: 10de:10f9 (rev a1)
02:00.2 0c03: 10de:1ada (rev a1)
02:00.3 0c80: 10de:1adb (rev a1)
  • Edit /etc/default/grub, use either intel_iommu=on or amd_iommu=on:
GRUB_CMDLINE_LINUX="nofb vfio-pci.ids=10de:1f02,10de:10f9,10de:1ada,10de:1adb split_lock_detect=off intel_iommu=on iommu=pt"

  • For single GPU vfio-pci.ids is actually not required as the host is in terminal mode.

    • You can switch TTY with CTRL+ALT+F2 / CTRL+ALT+F3 / ... while the VM is not running.

  • Update GRUB and restart Linux PC:

<Fedora> sudo grub2-mkconfig -o /boot/grub2/grub.cfg
<Debian> sudo grub-mkconfig -o /boot/grub/grub.cfg
  • Inspect kernel driver in use with: lspci -k -s 02:00
02:00.0 VGA compatible controller: NVIDIA Corporation TU106 [GeForce RTX 2070] (rev a1)
        Subsystem: NVIDIA Corporation TU106 [GeForce RTX 2070]
        Kernel driver in use: vfio-pci
        Kernel modules: nouveau
02:00.1 Audio device: NVIDIA Corporation TU106 High Definition Audio Controller (rev a1)
        Subsystem: NVIDIA Corporation Device 1f02
        Kernel driver in use: vfio-pci
        Kernel modules: snd_hda_intel
02:00.2 USB controller: NVIDIA Corporation TU106 USB 3.1 Host Controller (rev a1)
        Subsystem: NVIDIA Corporation Device 1f02
        Kernel driver in use: xhci_hcd
02:00.3 Serial bus controller: NVIDIA Corporation TU106 USB Type-C UCSI Controller (rev a1)
        Subsystem: NVIDIA Corporation Device 1f02
        Kernel driver in use: vfio-pci
        Kernel modules: i2c_nvidia_gpu
  • Not loaded as a module, xhci_hcd will be managed by libvirt.

3.2. Add passthrough GPU devices to Windows VM

  • Start VM and install Windows.

    • For single GPU switch to VNC after Windows install.

  • Virtual Machine Manager >> [Open] >> View >> Details >> [Add Hardware] >> PCI Host Device:

    • 02:00.0 NVIDIA Corporation TU106 [GeForce RTX 2070] >> [Finish]
    • 02:00.1 NVIDIA Corporation TU106 High Definition Audio Controller >> [Finish]
    • 02:00.2 NVIDIA Corporation TU106 USB 3.1 Host Controller >> [Finish]
    • 02:00.3 NVIDIA Corporation TU106 USB Type-C UCSI Controller >> [Finish]

  • Install GPU drivers on Windows VM.

  • Set shader cache size to 10 GiB with Nvidia Control Panel.

4. Configure evdev passthrough (on Linux PC)

  • Find your mouse and keyboard with:
ls -l /dev/input/by-id/

usb-COMPANY_USB_Device-event-if02 -> ../event7
usb-COMPANY_USB_Device-event-kbd -> ../event4
usb-COMPANY_USB_Device-if01-event-mouse -> ../event5
usb-COMPANY_USB_Device-if01-mouse -> ../mouse0
usb-COMPANY_USB_Device-if02-event-kbd -> ../event6
usb-SONiX_USB_DEVICE-event-if01 -> ../event9
usb-SONiX_USB_DEVICE-event-kbd -> ../event8

  • By symlink ../mouse0 you find that usb-COMPANY_USB_Device is your mouse.

  • You are looking for event-mouse and event-kbd:

    • usb-COMPANY_USB_Device-if01-event-mouse -> ../event5 is your mouse.
    • usb-SONiX_USB_DEVICE-event-kbd -> ../event8 is your keyboard.

  • Edit /etc/libvirt/qemu.conf and uncomment:

cgroup_device_acl = [
        "/dev/null", "/dev/full", "/dev/zero",
        "/dev/random", "/dev/urandom",
        "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
        "/dev/rtc", "/dev/hpet",
        "/dev/input/by-id/usb-COMPANY_USB_Device-if01-event-mouse",
        "/dev/input/by-id/usb-SONiX_USB_DEVICE-event-kbd",
        "/dev/input/event0",
        "/dev/input/event1",
        "/dev/input/event2",
        "/dev/input/event3",
        "/dev/input/event4",
        "/dev/input/event5",
        "/dev/input/event6",
        "/dev/input/event7",
        "/dev/input/event8",
        "/dev/input/event9",
        "/dev/userfaultfd"
]

  • Include cgroup_device_acl as above, replacing event-kbd, event-mouse, and the path to each symlink /dev/input/eventX.

  • Restart libvirtd:

sudo systemctl restart libvirtd
  • Toggle input with LEFT_CTRL + RIGHT_CTRL when needed.

4.1. Configure VM

  • Virtual Machine Manager >> [Open] >> View >> Details >> Overview >> XML

  • Replace </qemu:commandline> and [Apply]:

    Spoiler 
      <qemu:arg value="-object"/>
  <qemu:arg value="input-linux,id=kbd1,evdev=/dev/input/by-id/usb-SONiX_USB_DEVICE-event-kbd,grab_all=on,repeat=on"/>
  <qemu:arg value="-object"/>
  <qemu:arg value="input-linux,id=mouse1,evdev=/dev/input/by-id/usb-COMPANY_USB_Device-if01-event-mouse"/>
</qemu:commandline>

  • Join input group:

test $UID = 0 && exit
sudo usermod -aG input $USER
  • Restart Linux PC.

5. Usage

  • For KDE window settings:

    • System Settings >> Window Management >> Window Rules >> Import... >> GLFW.kwinrule
    • Also check; System Settings >> Display & Monitor >> Scale: 100%

  • For MATE taskbar settings:

    • Top taskbar >> Right-click >> Add to Panel... >> Window List >> [Add] >> [Close]
    • Bottom taskbar >> Delete This Panel
    • Top taskbar >> Properties >> Orientation: Bottom >> check [x] Show hide buttons >> [Close]

  • Virtual Machine Manager >> [Open] >> View >> Details >> Video VGA >> Model: None >> [Apply]

  • You will be using video output from passthrough GPU instead of VGA virtual GPU.

Method Latency ESP Cons
Cable 0 ms Glow Overlay on 2nd monitor
Capture card 30-300 ms Overlay+Glow Investment for faster device
Steam Remote Play 10 ms Overlay+Glow Encoded video

5.1. Cable

  • Plug monitor into passthrough GPU.

5.2. Capture card

Install `gstreamer1.0-tools` on Debian Linux: 
sudo apt install gstreamer1.0-tools

  • Plug capture card into passthrough GPU.

  • Open capture card raw feed with:

gst-launch-1.0 -v v4l2src device=/dev/video0 ! video/x-raw,width=1920,height=1080,framerate=60/1 ! videoconvert ! autovideosink

5.3. Steam Remote Play

  • Take note of guest local IP:
C:\>ipconfig

Windows IP Configuration


Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   IPv4 Address. . . . . . . . . . . : 192.168.122.221
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.122.1

C:\>
Install `Steam` on Fedora Linux: 
sudo dnf install https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
sudo dnf install steam
  • Start Steam on host with:
steam -console

  • Steam >> Console >> connect_remote 192.168.122.221:27036 >> [KEY_ENTER]

    • You need to manually specify guest local IP for direct connection.
    • This will lower stream delay to 10 ms.

  • Steam >> Settings >> Remote Play >> Computers & Devices >> DESKTOP-XXXXXX >> [Connect]

Hardware decoder with Intel Skylake and newer: 
sudo dnf install intel-media-driver
Hardware decoder with AMD: 
sudo dnf install https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
sudo dnf swap mesa-va-drivers mesa-va-drivers-freeworld
sudo dnf swap mesa-vdpau-drivers mesa-vdpau-drivers-freeworld
Hardware decoder with Nvidia: 
sudo dnf install nvidia-vaapi-driver
Hardware decoder with Firefox: 
sudo dnf install https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
sudo dnf install ffmpeg --allowerasing

6. Nika Read Only (on Linux PC)

  • Install:
cd path/to/extracted/repository
chmod +x nika
  • Run:
cd path/to/extracted/repository
sudo -E ./nika

7. Spoof QEMU (mandatory)

  • This script is based on: Scrut1ny/Hypervisor-Phantom.

    Build on Fedora 42: 
    sudo dnf install acpica-tools bzip2-devel gcc git glib2-devel libfdt-devel libusb1-devel libuuid-devel ninja-build pipewire-devel pixman-devel SDL2_image-devel spice-server-devel usbredir-devel zlib-ng-compat-devel
    Build on Debian 13: 
    sudo apt install acpica-tools
sudo apt build-dep qemu

  • Edit qemupatch.sh, use your own lspci -nn data:

lspci -nn

00:1f.0 ISA bridge [0601]: Intel Corporation Tiger Lake-LP LPC Controller [8086:a082] (rev 20)
00:1f.4 SMBus [0c05]: Intel Corporation Tiger Lake-LP SMBus Controller [8086:a0a3] (rev 20)
00:1f.3 Multimedia audio controller [0401]: Intel Corporation Tiger Lake-LP Smart Sound Technology Audio Controller [8086:a0c8] (rev 20)
02:00.0 Non-Volatile memory controller [0108]: Intel Corporation SSD 660P Series [8086:f1a8] (rev 03)
00:1c.0 PCI bridge [0604]: Intel Corporation Tiger Lake-LP PCI Express Root Port #8 [8086:a0bf] (rev 20)
00:14.0 USB controller [0c03]: Intel Corporation Tiger Lake-LP USB 3.2 Gen 2x1 xHCI Host Controller [8086:a0ed] (rev 20)
00:00.0 Host bridge [0600]: Intel Corporation Tiger Lake-UP3/H35 4 cores Host Bridge/DRAM Registers [8086:9a14] (rev 01)


lpc_8086="a082"         # Tiger Lake-LP LPC Controller
smbus_8086="a0a3"       # Tiger Lake-LP SMBus Controller
hdaudio_8086="a0c8"     # Tiger Lake-LP Smart Sound Technology Audio Controller
hdaname_8086="Tiger Lake-LP Smart Sound Technology Audio Controller"
sata_8086="f1a8"        # SSD 660P Series
rootport_8086="a0bf"    # Tiger Lake-LP PCI Express Root Port #8
xhci_8086="a0ed"        # Tiger Lake-LP USB 3.2 Gen 2x1 xHCI Host Controller
hostbridge_8086="9a14"  # 11th Gen Core Processor Host Bridge/DRAM Registers

  • Run qemupatch.sh to clone, patch, and build QEMU with generated data.

  • Virtual Machine Manager >> [Open] >> View >> Details >> Overview >> XML

  • Make sure that pc-q35-9.2 is specified in your XML:

<type arch="x86_64" machine="pc-q35-9.2">hvm</type>

  • Replace from <pm> to </emulator> and [Apply]:

    Spoiler 
    <pm>
  <suspend-to-mem enabled="yes"/>
  <suspend-to-disk enabled="no"/>
</pm>
<devices>
  <emulator>/usr/local/bin/qemu-system-x86_64</emulator>

  • Replace </qemu:commandline> and [Apply]:

    Spoiler 
      <qemu:arg value="-acpitable"/>
  <qemu:arg value="file=/usr/local/bin/ssdt1.aml"/>
  <qemu:arg value="-acpitable"/>
  <qemu:arg value="file=/usr/local/bin/ssdt2.aml"/>
</qemu:commandline>

7.1. Spoof OVMF (mandatory)

  • This script is based on: Scrut1ny/Hypervisor-Phantom.

    Build on Fedora Linux: 
    sudo dnf install g++ nasm python3-virt-firmware
    Build on Debian Linux: 
    sudo apt install g++ nasm python3-virt-firmware

  • Run edk2patch.sh to clone, patch, and build OVMF with generated data.

  • Virtual Machine Manager >> [Open] >> View >> Details >> Overview >> XML

  • Replace from <os firmware="efi"> to </os> and [Apply]:

    Spoiler 
    <os>
  <type arch="x86_64" machine="pc-q35-9.2">hvm</type>
  <loader readonly="yes" secure="yes" type="pflash" format="qcow2">/usr/share/edk2/ovmf/OVMF_CODE_4M.patched.qcow2</loader>
  <nvram format="qcow2">/usr/share/edk2/ovmf/OVMF_VARS_4M.patched.qcow2</nvram>
  <bootmenu enable="yes"/>
</os>

7.2. Install virtio ethernet (mandatory)

  • Download virtio-win.iso from: fedorapeople.org.

  • [Add Hardware] >> Storage >> Device type: CDROM device >> Manage... >> Browse Local >> virtio-win.iso >> [Finish]

  • Download virtio.cmd to network folder in Desktop (on Windows VM).

  • Run virtio.cmd, it will copy necessary files from CDROM device.

  • Virtual Machine Manager >> [Open] >> View >> Details >> NIC :xx:xx:xx >> Device model: virtio >> [Apply]

  • Restart VM.

  • Install virtio ethernet from network folder (use Device Manager).

  • Open an Administrator Command Prompt, disable testsigning, then restart:

bcdedit /set testsigning off

7.3. Build custom Linux kernel (not required, memflow-kvm incompatible)

Build on Fedora Linux: 
sudo dnf install util-linux-script
  • Run kernelpatch.sh to clone, patch, and build custom Linux kernel.

7.4. memflow-kvm (memflow-qemu alternative, memflow-win32 error)

  • Edit /etc/default/grub, add ibt=off:
GRUB_CMDLINE_LINUX="ibt=off ..."
  • Update GRUB and restart Linux PC:
<Fedora> sudo grub2-mkconfig -o /boot/grub2/grub.cfg
<Debian> sudo grub-mkconfig -o /boot/grub/grub.cfg
Install dkms on Fedora Linux: 
sudo dnf install kernel-devel-$(uname -r)
sudo dnf install kernel-devel-matched-$(uname -r)
sudo dnf install dkms
Install dkms on Debian Linux: 
sudo apt install linux-headers-amd64=6.12.38-1
sudo apt install dkms

sudo dkms install --archive=memflow-0.2.1-source-only.dkms.tar.gz
  • Run:
sudo modprobe memflow
cd path/to/extracted/repository
sudo -E ./nika

7.5. Spoof EDID

  • Pinnacle of HWID ban (EAC case).
Ban # Public IP Router MAC Monitor 1 Monitor 2
1 Flagged Flagged Flagged
2 Flagged Flagged Banned
3 Flagged Flagged Flagged
4 Flagged Banned Banned

  • Download CRU from: CRU thread.

  • Backup original EDID (1).

  • Modify current EDID (2).

  • Apply modified EDID (3).

  • Save modified EDID (1).

CRU.jpg

Capture Card Dummy Plug
Game Capture HD60 S+ Fueran HDMI-2K-1P (NA)
Game Capture HD60 X Fueran HDMI-2K-1P (EU)
Game Capture 4K60 Pro
Game Capture 4K60 Pro MK.2
Game Capture 4K60 S+
Game Capture 4K X
Game Capture 4K Pro

7.6. Spoof GPU (tested from 51x to 57x)

  • Disable ROM BAR for each PCI Host Device:

    • Virtual Machine Manager >> [Open] >> View >> Details >> PCI 0000:xx:xx.x >> ROM BAR: [ ] uncheck >> [Apply]

  • Check old UUID with nvidia-smi -L.

  • Run the cheat BEFORE the game at least once.

  • Check new UUID with nvidia-smi -L.

8. Spoof network (not required, ignore this)

  • This step is a journey on it's own. Initially you should skip it, but return later when you feel prepared.

  • You should set another router between your machine and your ISP router.

  • Most routers allow you to change (clone) WAN and WLAN network identifier (MAC address), yet what you need to periodically change is LAN network identifier, because that is what will be in your ARP table (arp -a) and what is collected for identification.

  • Educate yourself about DD-WRT or OpenWRT, and then shop locally for a compatible router:

    • Shop locally as you will be looking at the product tag for brand, model, and specially version.
    • Updating will be as simple as selecting factory-to-ddwrt.bin file in your router update page, for that specific brand+model+version.

  • For DD-WRT go to: Administration >> Management >> Remote Access >> Telnet Management >> check [x] Enable >> [Save] >> [Reboot Router]

  • Telnet to your router, authenticate and enter:

nvram set lan_hwaddr=XX:XX:XX:XX:XX:XX (set LAN new MAC address)
nvram get lan_hwaddr
nvram commit
reboot

  • For DD-WRT go to: Setup >> MAC Address Clone >> check [x] Enable >> [Save]

    • Clone WAN MAC (set WAN new MAC address)
    • Clone Wireless MAC (set Wireless new MAC address)
    • [Save]

  • For DD-WRT go to: Administration >> Management >> [Reboot Router]

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

88 stars

Watchers

6 watching

Forks

35 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages