- Status
- Offline
- Joined
- Mar 3, 2026
- Messages
- 667
- Reaction score
- 457
Phasmophobia’s attempt at an 'anti-cheat' is essentially just the game triggering internal routines to force-close or crash the process if it detects unauthorized loaders like BepInEx or MelonLoader. If you have been trying to run mods and getting nuked on startup, here is the technical breakdown for a clean bypass using Harmony.
The logic involves using BepInEx 6 (specifically the bleeding edge IL2CPP builds) to intercept the management calls the game uses to terminate itself.
The Technical Execution
To keep the process alive, you need to prefix specific UnityEngine functions that the game calls when it sniffing a modded environment. By returning false in a Harmony prefix, you effectively kill the kill-command.
Bypassing the Black Screen
Even after blocking the crash, the game might hang on a black screen—this is a secondary integrity check. To jump past this, use UnityExplorer to force-load the Main_Menu scene. Once the menu is initialized, the initial startup checks are bypassed and you are in.
Badge Spoofing & Network Logic
I have been looking into spoofing the Developer badge client-side. Monitoring traffic reveals a /GetPlayerBadges endpoint returning a JSON array. Intercepting this via mitmproxy to inject the dev badge ID works once, but the game does not seem to re-request this data, making a persistent spoof difficult via simple MITM.
While others are still getting kicked by basic engine-level crash routines, Infocheats users are stripping the game's internal checks and digging into the core API.
Anyone managed to spoof the dev badge permanently without the API blocking the request?
The logic involves using BepInEx 6 (specifically the bleeding edge IL2CPP builds) to intercept the management calls the game uses to terminate itself.
The Technical Execution
To keep the process alive, you need to prefix specific UnityEngine functions that the game calls when it sniffing a modded environment. By returning false in a Harmony prefix, you effectively kill the kill-command.
- Grab the latest BepInEx 6.0.0-be IL2CPP build.
- Initialize a Harmony instance to patch the application lifecycle.
- Intercept Application.Quit and ForceCrash diagnostics.
Code:
[HarmonyPatch(typeof(Application), "Quit", new Type[] { })]
public static class QuitPatch {
public static bool Prefix() {
Debug.Log("Quit request blocked!");
return false;
}
}
// Apply similar logic to:
// Application.Quit(int)
// UnityEngine.Diagnostics.Utils.ForceCrash(ForceCrashType)
// Application.ForceCrash(int)Bypassing the Black Screen
Even after blocking the crash, the game might hang on a black screen—this is a secondary integrity check. To jump past this, use UnityExplorer to force-load the Main_Menu scene. Once the menu is initialized, the initial startup checks are bypassed and you are in.
Badge Spoofing & Network Logic
I have been looking into spoofing the Developer badge client-side. Monitoring traffic reveals a /GetPlayerBadges endpoint returning a JSON array. Intercepting this via mitmproxy to inject the dev badge ID works once, but the game does not seem to re-request this data, making a persistent spoof difficult via simple MITM.
If you are digging into the networking, remember that Phasmophobia handles player profiles via external API calls. While client-side spoofing stays on your screen, getting it to replicate to other players usually requires deeper manipulation of the auth token or the response payload before the game caches it.
While others are still getting kicked by basic engine-level crash routines, Infocheats users are stripping the game's internal checks and digging into the core API.
Anyone managed to spoof the dev badge permanently without the API blocking the request?
