Jump to content

Scripting 99s 1 @a time


yfoo

Recommended Posts

preface: 150+ug LSD atm. So text doing its wavy thing, and if any text seems off.

Starting ground:

https://imgur.com/OHzb1PS

I am the Original Owner of these accounts. They were not phished or w/e.

Bankstanding skills are EZ...

https://imgur.com/SoFMqbR

This script is a unf potions script but By adding an enum value I can do Fletching/Crafting/Herblore. One method in training these skills is combining 2 items together (which is what creating unf potions is), and as you know in RS bankstanding skills are essentially the same. 

bublic enum CombinationRecipes {

    AVANTOE("Avantoe", "Vial of water", "Avantoe potion (unf)", "avan", 261, 227, 103, Skill.HERBLORE, 50, true),
    TOADFLAX("Toadflax", "Vial of water", "Toadflax potion (unf)", "toadfl", 2998, 227, 3002, Skill.HERBLORE, 34, true),
    RANARR("Ranarr", "Vial of water", "Ranarr potion (unf)", "ranar", 257, 227, 99, Skill.HERBLORE, 30, true),
    IRIT("Irit leaf", "Vial of water", "Irit potion (unf)", "irit", 259, 227, 101, Skill.HERBLORE, 45, true),
    KWUARM("Kwuarm", "Vial of water", "Kwuarm potion (unf)", "kwu", 263, 227, 105, Skill.HERBLORE, 55, true),
    HARRALANDER("Harralander", "Vial of water", "Harralander potion (unf)", "harra", 255, 227, 97, Skill.HERBLORE, 21, true),
    
    AIR_BATTLESTAFF("Battlestaff", "Air orb", "Air Battlestaff", "", 1391, 573, 1397, Skill.CRAFTING, 66, false),
    YEW_LONGBOW("Yew longbow (u)", "Bow string", "Yew longbow", "yew long", 66, 1777, 855, Skill.FLETCHING, 70, false),
    MAGIC_LONGBOW("Magic longbow (u)", "Bow string", "Magic longbow", "magic long", 70, 1777, 859, Skill.FLETCHING, 85, false); 

}

// ignore static ids, exist b/c osbot-grandexchange-api needs them for item matching.

99 fletching is next. After that If I'm not permed why not hunter. I legit grinded that in rs2, lets make it easier the second time around. Or if I don't feel like adding more code, continue running the same script.

 

 

Edited by PayPalMeRSGP
clarification
  • Like 2
  • Heart 1
Link to comment
Share on other sites

Sorry about the imgur links, for some reason the forum's "Insert image from URL" not working.

4 minutes ago, Mickey Mouse said:

One script? or Multiple?

1. The script just combines items together.

If you mean the combat 99s, I have code (seperate scripts) for them aswell.

Edited by PayPalMeRSGP
Link to comment
Share on other sites

18 minutes ago, PayPalMeRSGP said:

Sorry about the imgur links, for some reason the forum's "Insert image from URL" not working.

1. The script just combines items together.

If you mean the combat 99s, I have code (seperate scripts) for them aswell.

Ye I was curious about the combats. Is there any way to integrate it all into 1? How hard would it be? Like maybe have it set to a specific order i.e. 50 wc , fish , fm , cook , ranged , def , att , etc....? It could be like a "Base 50" script. Gets all Base levels to 50.. as anti ban maybe it could take like 3-5 hour breaks between each level 50 skill.. but instead of it just logging out (bot like) it could walk to GE and buy the materials for the next level 50 then log out. (as if its waiting for the items to buy overnight)  Is there any anti ban within the script you made? I see you're basically suicide botting...

Edited by Mickey Mouse
Link to comment
Share on other sites

48 minutes ago, Mickey Mouse said:

Ye I was curious about the combats. Is there any way to integrate it all into 1? How hard would it be? Like maybe have it set to a specific order i.e. 50 wc , fish , fm , cook , ranged , def , att , etc....? It could be like a "Base 50" script. Gets all Base levels to 50.. as anti ban maybe it could take like 3-5 hour breaks between each level 50 skill.. but instead of it just logging out (bot like) it could walk to GE and buy the materials for the next level 50 then log out. (as if its waiting for the items to buy overnight)  Is there any anti ban within the script you made? I see you're basically suicide botting...

Very good thinking, would be useful asf for bot farms...

 

OP is a boss for taking LUCY and breaking the rules of runescape with your scripts <3 Keep expanding your mind OP 

 

  • Heart 1
Link to comment
Share on other sites

20 hours ago, Mickey Mouse said:

Ye I was curious about the combats. Is there any way to integrate it all into 1? How hard would it be? Like maybe have it set to a specific order i.e. 50 wc , fish , fm , cook , ranged , def , att , etc....? It could be like a "Base 50" script. Gets all Base levels to 50.. as anti ban maybe it could take like 3-5 hour breaks between each level 50 skill.. but instead of it just logging out (bot like) it could walk to GE and buy the materials for the next level 50 then log out. (as if its waiting for the items to buy overnight)  Is there any anti ban within the script you made? I see you're basically suicide botting...

For integration it depends on if you have a set scripting style. If I were to do this I would utilize Object oriented programming, this means separating multiple functionalities (wc, fish, fm, ect.) into their  individual classes/packages. Then have some a supervising class that decides which functionality to execute; ex: on script start choose a skill to do, run that skill until a desired level, choose next skill, decide whether to do GE operations, repeate. If you were want to do something like this, decide early because it is very difficult to write a bunch a separate skilling scripts then attempt to merge them together unless you have planned your code structure out.

For my script there is some randomness involved, basically I code the same interaction multiple times with variations between each. For example, I wrote a splash - alching script that when alching would rarely but intentionally misclick on earth blast (since the spells are adjacent) or go to cast high-alch but click in area where the hitbox for the alching item is not directly under the cursor once the game auto shifts to the inventory tab. Typically when coding slightly different interactions I go for common errors that a human would do, when I manually stun-alched I would occasionally do some these errors. A supervising class would randomly choose a logical subsequent action (ex: after stunning, choose either a normal alch or alching error). IMO most easiest way to implement antiban for a bankstanding script (such as cooking, fletching, crafting, etc.) is to wait a bit after an inventory of crap has been processed.

I am not certain that this actually reduces/delays bans because I also bot moderately and legit play the account too. I like to think that some mild randomization and reasonably botting hours can sneak under the anticheat of company that has made wonky business decisions over the past 10years.

Also I don't suicide bot.

  • Like 1
Link to comment
Share on other sites

22 hours ago, PayPalMeRSGP said:

For integration it depends on if you have a set scripting style. If I were to do this I would utilize Object oriented programming, this means separating multiple functionalities (wc, fish, fm, ect.) into their  individual classes/packages. Then have some a supervising class that decides which functionality to execute; ex: on script start choose a skill to do, run that skill until a desired level, choose next skill, decide whether to do GE operations, repeate. If you were want to do something like this, decide early because it is very difficult to write a bunch a separate skilling scripts then attempt to merge them together unless you have planned your code structure out.

For my script there is some randomness involved, basically I code the same interaction multiple times with variations between each. For example, I wrote a splash - alching script that when alching would rarely but intentionally misclick on earth blast (since the spells are adjacent) or go to cast high-alch but click in area where the hitbox for the alching item is not directly under the cursor once the game auto shifts to the inventory tab. Typically when coding slightly different interactions I go for common errors that a human would do, when I manually stun-alched I would occasionally do some these errors. A supervising class would randomly choose a logical subsequent action (ex: after stunning, choose either a normal alch or alching error). IMO most easiest way to implement antiban for a bankstanding script (such as cooking, fletching, crafting, etc.) is to wait a bit after an inventory of crap has been processed.

I am not certain that this actually reduces/delays bans because I also bot moderately and legit play the account too. I like to think that some mild randomization and reasonably botting hours can sneak under the anticheat of company that has made wonky business decisions over the past 10years.

Also I don't suicide bot.

 

Regarding your antiban this is a little long winded but I'd like to hear your thoughts. 

I have always believed that the anti cheat looks for patterns, intervals between clicks, time spent doing the same action repeatedly (such as fletching for 6 hours perfectly and never pausing or moving the mouse of screen etc). I think we all know this, but I know a lot of scripters "randomize" the movements but it usually just seems to swap between a few different patterns that eventually the anticheat learns and picks up on. 

 

I think breaks are good but kind of useless if you are nonstop fletching, logout, log back in and start fletching nonstop again with no mistakes. You get the idea. Your idea about misclicking is exactly what I have been requesting with my private scripts. Along with random pauses varying in time, right clicking players, moving the mouse across the inventory and screen in different patterns etc with occasional misclicks. I also have good luck with double clicking things like food occasionally and constantly checking the skill tab and hovering over the xp left. Anything that can break up the repetitive appearing nature of botting. I think it all comes down to pattern detection. I believe they have stated that can they detect if the client is using injection, if they see you are injecting the client and also displaying common bot characteristics that is probably enough to cause a ban. They have also stated on a livestream that they can detect a bot logging in. Not sure how accurate this is though. 

 

What I really want to know is if the bot detection system is always running. Do you think something has to trigger it for the anticheat to start watching your account? I imagine if it was always watching logging and calculating every players behavior it would take up an insane amount of resources right? Could it be built into the client itself? They didn't like that Runelite was not obfuscated maybe there is something to that? What do you think?

Link to comment
Share on other sites

3 hours ago, Miesha said:

 

Regarding your antiban this is a little long winded but I'd like to hear your thoughts. 

I have always believed that the anti cheat looks for patterns, intervals between clicks, time spent doing the same action repeatedly (such as fletching for 6 hours perfectly and never pausing or moving the mouse of screen etc). I think we all know this, but I know a lot of scripters "randomize" the movements but it usually just seems to swap between a few different patterns that eventually the anticheat learns and picks up on. 

 

I think breaks are good but kind of useless if you are nonstop fletching, logout, log back in and start fletching nonstop again with no mistakes. You get the idea. Your idea about misclicking is exactly what I have been requesting with my private scripts. Along with random pauses varying in time, right clicking players, moving the mouse across the inventory and screen in different patterns etc with occasional misclicks. I also have good luck with double clicking things like food occasionally and constantly checking the skill tab and hovering over the xp left. Anything that can break up the repetitive appearing nature of botting. I think it all comes down to pattern detection. I believe they have stated that can they detect if the client is using injection, if they see you are injecting the client and also displaying common bot characteristics that is probably enough to cause a ban. They have also stated on a livestream that they can detect a bot logging in. Not sure how accurate this is though. 

 

What I really want to know is if the bot detection system is always running. Do you think something has to trigger it for the anticheat to start watching your account? I imagine if it was always watching logging and calculating every players behavior it would take up an insane amount of resources right? Could it be built into the client itself? They didn't like that Runelite was not obfuscated maybe there is something to that? What do you think?

I try to depatterize as much as possible with an implementation of a markov chain. In the item combinator script (the one doing the fletching) I coded multiple ways to...

  • withdraw items
    • (withdraw 14, misclick withdraw 10, misclick withdrawX)
    • sometimes I the script purposefully withdraw 10, I will have a fix component that will make a subsequent withdraw attempt so that the final inventory is 14 of one item and 14 of the other
  • combine items
    • (randomly select an item about where the primary and secondary items intersect. i.e: select the first item at a rand inv slot 10-13, select the second item at rand inv slot 14-16.
  • Interact with the banker
    • sometimes when interacting with the make-all button I will immediately right click hover the banker
    • sometimes mouse offscreen, and afk for a bit after every item has been processed
    • sometimes wait a bit then then hover the banker
    • sometimes wait a bit, hover the banker but over-eagerly press bank before every item have been processed (there would be like 1 or 2 left to combine).

The markov chain is used to randomly select a some variation of an action to run. Some actions occur more frequently than others (optimal actions most frequent). An image to better illustrate what I mean: https://imgur.com/CtAP0Tl.

W14P means to withdraw 14 of the primary item. Other abbreviations follow the same convention. There end up being 48 distinct possible paths (6 * 3 *3  = 48) (distinct ways to combine items). While there probably still a pattern it is much harder to detect (or takes longer) resulting in what hopefully is less frequent bans. Or none as I do other legit content on my main to mix it up

On injection botting, I can't say that it is detectable or not. But what I can hypothesize is that because 3rd party clients are all the rage, and these 3rd party clients reverse engineer osrs just like botting clients (injection/reflection) jagex has a harder time knowing if someone is botting based only on foreign code detection. Someone may be using a 3rd part client that just happens to use injection to pull game data.

You're probably right with Jagex not being able to run bot detection on all accounts, I heavily suspect accounts newly created are flagged. This flag is lifted after some playtime to give the anticheat some time to screen new accounts. The majority of new accounts created are f2p suicide bots right, and they get banned relatively quickly.

I don't think anticheat is built into the game client, I read java code is easy to de-obfuscate in comparison to other languages. If you look at the decompiled source code of the osbot client you will notice variable names being changed to a variation iliiIlili, while difficult to look through it still is possible. I think the reason that java is easy to decompile is the reason there are so many 3rd party clients.

^ I am not positive that the above is true, I don't have experience reverse engineering java code and can only give my naive observations.

One more thing, I think that some operations in the game are purely client side. My justification for this is that they can be implemented client side. For example hovering xp for a skill is a matter of reading loaded memory on your computer, when you hover a skill the rs client probably does not send a request to a Jagex server requesting the xp for a skill. Other things I think are client side are camera rotation, examining items, selecting an item but not using it on a related item, and right clicking somewhere. Operations that are client side are opening the bank, withdrawing or depositing items, placing a GE offer, trading or following another player, and walking somewhere (duh). This distinction is important because if anticheat is not in the client then only data that involves both the client and a Jagex server can be used to detect botting.

Edited by PayPalMeRSGP
  • Like 1
Link to comment
Share on other sites

5 hours ago, shreder said:

De-patternization is good however as humans we have human patterns which I believe that  Jagex uses machine learning they have internal test of bots they collect data and with that data they match it up to the data on the accounts and they will have a probability of it being a bot.

You're probably right. Jagex likely uses bans as a form of reinforcement learning.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...