- Joined
- January 25, 2017
- Messages
- 1,196
- Points
- 202
- Age
- 23
These are some basic steps regarding a "Screenshare".
I am only going to go over ONLY and ONLY the basic tips and tricks to do a screenshare.
First things first, screensharing is a method in which a user looks into another user's operating system to detect "Cheats".
Now, cheats can be anything, Autoclickers, Hacked clients, hidden Ghost Clients, Vape etc etc.
What to use while screensharing?
Anything CAN work while screensharing someone but I would not recommend using Discord as it's extremely laggy and has a terrible frame rate + quality.
I would only recommend AnyDesk screenshare as in that software, you can have mouse-control and the quality is decent to record etc.
1) If you want to find the EASIEST way to check if they've used clients or not, just go to their .minecraft folder (To be found in %appdata% folder in search bar) and open up screenshots because some people are really dumb to screenshot several things they might go over WHILE having their Hacked Client GUI on.
2) Check the usual things. - If they have a random name for their Minecraft. Usual name : http://prntscr.com/nnh3mv Un-usual name (Ghost Client) : http://prntscr.com/nnh426
What may also be super obvious for a ghost client will be "Minecraft 2.0" or "Minecraft 1.7.11" or such names like that. If you see any of these names in their Minecraft Name, you already know that they are using a ghost client.
Another type of ghost client : Some people might have a version of "1.8.9 Optifine" as a Ghost Client providing you with extra reach, aimbot etc. To check on that, you simply need to search for their Versions folder, if they have an Optifine Folder for the same Version and the same Model, they're most likely to be using normal Optifine and if they don't have a folder with the same name as their Minecraft Name or they have a different folder with Optifine on it, you've just found the user hacking with a Ghost client.
3) Go through their mods folder. People usually who are not very smart might hide their hacked clients into different folders, check if you can see the "Hidden Files" and over-all go though their whole PC with the Global Search and just search for some obvious things, like name of some hacked clients or "Auto" or "AutoClick" and more.
4) Check on their recycle bin, some people who might be getting screenshared just delete their hacked clients / autoclickers to look clean, check on their Recycle Bin and check all the hidden files there aswell, you might find something over there as-well.
5) Make them switch their "Attack" key (Which is usually Left Mouse Button) to random keys like "V" "Left Control" "Right Control" "Left / Right Shift" and some random keys as that might trigger a hacked client's GUI.
6) Check their mods, if a mod seems larger than it should be (Like usually all the small mods are around 20-100kb) a ghost client.
To detect that you MIGHT have to go over some complex features.
There is a software called "Luyten" which can be downloaded from GitHub and you can use it to check all the mod codings.
So basically, this might take some time as you need to look into all the classes and if you find anything suspicious, that means that they're using reach or a hacked client.
You wanna load up Luyten, drop the "MOD" into Luyten and start searching for everything.
Now what may be a Ghost Client renamed after a Mod? Anything UNUSUAL like if there is a mod named KeyStrokesMod, the ghost client might be just "KeyStrokes" or if the ArmorHud Mod is renamed as ArmourHud Mod or something similar to that, it might be a ghost client.
Once you have dropped the mod into Luyten, you start searching different classes and look for codes which are un-usual.
I will go over the most common one which is for "Reach".
The code will be something like this:
public class NBTMultipart (Something similar)() (
private Entity pointedEntity
extends EntityRenderer
super(Minecarft.func_number_x(). Minecraft.func_numbers_x().func_numbers_L()); (This might be usual but you want to usually look for EntityRenderer)
d0=4.65 (That is basically your reach in easy language)
Some stupid if-else statements and again
d0 = 5
else d0 = 6
(This might not be a proper code but now you know what to look for)
So you only need to look for EntityRenderer and d0 or n2 = distanceTo2. Now, the class will be really obvious like "InputHandler" or "EntityHandler" or something fishy, you'll recognise, it will be different.
There also can be a pre-defined default reach marked with x=4.8 and then d0 can be just d0=x; variable or something like that. *Brainfarts*
7) Look into their mods if they're un-usual using WinRar, if you find anything regarding "Client" or "ServerClient" or something really un-usual, you may ban them for using a ghost client. (You can look into some common legit mods using WinRar to get an idea what should be present)
8) Using Process Hacker to check their strings and pretty much checking if they have Vape Lite or AutoClicker Jars. (This might sound complicated but you just need to search "AutoClicker" or "Vape")
Open Process Hacker 2 -> Search "Explorer" in the search bar. -> Right click the explorer.exe (The normal icon) and go into Properties -> Un-tick Hide Free Regions -> Select Strings.. -> Check in every box and in Minimum String type the number "4" -> The strings will get detected and load up. Then, click on "Filter" and then "Contains Case Sensitive" and then just go over "Auto" , "AutoClicker" , "Vape" "Minecraft.exe" etc etc. in the Filter Pattern. (ASM: , cpsmod , keystrokesmod , java -jar can be searched aswell)
9) Look into their DOWNLOADS folder.
This will instantly tell you if they have downloaded a hacked client or autoclicker because things straight up downloaded from the web goes to the Downloads folder by default.
You can also check if they removed some strings regarding autoclickers but that'd be a long process so leaving it for now.
10) Use ScreenShare tools for easy work.
Most of the good ss tools are paid and hence people really don't agree on buying it, well if you are screensharing on a daily basis then might aswell get a Screensharing Tool which might help you (Paladin AntiCheat, Azran etc).
SS tools will just search the whole PC for hacks or any suspicious files but they still will NOT go through everything.
**Yes, Badlion Client is hackable, thanks**
If any problems, DM me in-game or on Discord (Andeh#7615)
Don't waste 2 hours in a screenshare, the session should be only for 20-30 minutes, that's the usual time. If you can't find anything then don't rip through every file in the computer as the might NOT be cheating, we never know.
I am only going to go over ONLY and ONLY the basic tips and tricks to do a screenshare.
First things first, screensharing is a method in which a user looks into another user's operating system to detect "Cheats".
Now, cheats can be anything, Autoclickers, Hacked clients, hidden Ghost Clients, Vape etc etc.
What to use while screensharing?
Anything CAN work while screensharing someone but I would not recommend using Discord as it's extremely laggy and has a terrible frame rate + quality.
I would only recommend AnyDesk screenshare as in that software, you can have mouse-control and the quality is decent to record etc.
1) If you want to find the EASIEST way to check if they've used clients or not, just go to their .minecraft folder (To be found in %appdata% folder in search bar) and open up screenshots because some people are really dumb to screenshot several things they might go over WHILE having their Hacked Client GUI on.
2) Check the usual things. - If they have a random name for their Minecraft. Usual name : http://prntscr.com/nnh3mv Un-usual name (Ghost Client) : http://prntscr.com/nnh426
What may also be super obvious for a ghost client will be "Minecraft 2.0" or "Minecraft 1.7.11" or such names like that. If you see any of these names in their Minecraft Name, you already know that they are using a ghost client.
Another type of ghost client : Some people might have a version of "1.8.9 Optifine" as a Ghost Client providing you with extra reach, aimbot etc. To check on that, you simply need to search for their Versions folder, if they have an Optifine Folder for the same Version and the same Model, they're most likely to be using normal Optifine and if they don't have a folder with the same name as their Minecraft Name or they have a different folder with Optifine on it, you've just found the user hacking with a Ghost client.
3) Go through their mods folder. People usually who are not very smart might hide their hacked clients into different folders, check if you can see the "Hidden Files" and over-all go though their whole PC with the Global Search and just search for some obvious things, like name of some hacked clients or "Auto" or "AutoClick" and more.
4) Check on their recycle bin, some people who might be getting screenshared just delete their hacked clients / autoclickers to look clean, check on their Recycle Bin and check all the hidden files there aswell, you might find something over there as-well.
5) Make them switch their "Attack" key (Which is usually Left Mouse Button) to random keys like "V" "Left Control" "Right Control" "Left / Right Shift" and some random keys as that might trigger a hacked client's GUI.
6) Check their mods, if a mod seems larger than it should be (Like usually all the small mods are around 20-100kb) a ghost client.
To detect that you MIGHT have to go over some complex features.
There is a software called "Luyten" which can be downloaded from GitHub and you can use it to check all the mod codings.
So basically, this might take some time as you need to look into all the classes and if you find anything suspicious, that means that they're using reach or a hacked client.
You wanna load up Luyten, drop the "MOD" into Luyten and start searching for everything.
Now what may be a Ghost Client renamed after a Mod? Anything UNUSUAL like if there is a mod named KeyStrokesMod, the ghost client might be just "KeyStrokes" or if the ArmorHud Mod is renamed as ArmourHud Mod or something similar to that, it might be a ghost client.
Once you have dropped the mod into Luyten, you start searching different classes and look for codes which are un-usual.
I will go over the most common one which is for "Reach".
The code will be something like this:
public class NBTMultipart (Something similar)() (
private Entity pointedEntity
extends EntityRenderer
super(Minecarft.func_number_x(). Minecraft.func_numbers_x().func_numbers_L()); (This might be usual but you want to usually look for EntityRenderer)
d0=4.65 (That is basically your reach in easy language)
Some stupid if-else statements and again
d0 = 5
else d0 = 6
(This might not be a proper code but now you know what to look for)
So you only need to look for EntityRenderer and d0 or n2 = distanceTo2. Now, the class will be really obvious like "InputHandler" or "EntityHandler" or something fishy, you'll recognise, it will be different.
There also can be a pre-defined default reach marked with x=4.8 and then d0 can be just d0=x; variable or something like that. *Brainfarts*
7) Look into their mods if they're un-usual using WinRar, if you find anything regarding "Client" or "ServerClient" or something really un-usual, you may ban them for using a ghost client. (You can look into some common legit mods using WinRar to get an idea what should be present)
8) Using Process Hacker to check their strings and pretty much checking if they have Vape Lite or AutoClicker Jars. (This might sound complicated but you just need to search "AutoClicker" or "Vape")
Open Process Hacker 2 -> Search "Explorer" in the search bar. -> Right click the explorer.exe (The normal icon) and go into Properties -> Un-tick Hide Free Regions -> Select Strings.. -> Check in every box and in Minimum String type the number "4" -> The strings will get detected and load up. Then, click on "Filter" and then "Contains Case Sensitive" and then just go over "Auto" , "AutoClicker" , "Vape" "Minecraft.exe" etc etc. in the Filter Pattern. (ASM: , cpsmod , keystrokesmod , java -jar can be searched aswell)
9) Look into their DOWNLOADS folder.
This will instantly tell you if they have downloaded a hacked client or autoclicker because things straight up downloaded from the web goes to the Downloads folder by default.
You can also check if they removed some strings regarding autoclickers but that'd be a long process so leaving it for now.
10) Use ScreenShare tools for easy work.
Most of the good ss tools are paid and hence people really don't agree on buying it, well if you are screensharing on a daily basis then might aswell get a Screensharing Tool which might help you (Paladin AntiCheat, Azran etc).
SS tools will just search the whole PC for hacks or any suspicious files but they still will NOT go through everything.
**Yes, Badlion Client is hackable, thanks**
If any problems, DM me in-game or on Discord (Andeh#7615)
Don't waste 2 hours in a screenshare, the session should be only for 20-30 minutes, that's the usual time. If you can't find anything then don't rip through every file in the computer as the might NOT be cheating, we never know.
Last edited:
