Jump to content

Logging all outbound packets


apinamies55

Recommended Posts

Does this functionality exist in the client? I'm quite sure jagex's current bot detection is just an ML solution trained on incoming packet dumps, the training data labels being packet outputs of legit players and bots. 

If this is the case, to reduce banrates to zero all you have to do is log the packet data, bot something for 10 minutes and do the same thing legit for 10 minutes, compare the differences and see what does human packet output contain that bots don't.

Edited by apinamies55
Link to comment
Share on other sites

39 minutes ago, apinamies55 said:

Does this functionality exist in the client? I'm quite sure jagex's current bot detection is just an ML solution trained on incoming packet dumps, the training data labels being packet outputs of legit players and bots. 

If this is the case, to reduce banrates to zero all you have to do is log the packet data, bot something for 10 minutes and do the same thing legit for 10 minutes, compare the differences and see what does human packet output contain that bots don't.

Wireshark

Link to comment
Share on other sites

1 hour ago, Explv said:

Wireshark

The packets have been encrypted since like 2006 to prevent sniffing and packet editing.

1 hour ago, Alek said:

I'd hate to burst your bubble, but this has been done thousands of times over the course of like 15 years:
 

 

Seems like your new to botting, so perhaps check out this article: https://runescape.fandom.com/wiki/Macro

 

I'm not talking about a packet bot.

I've worked on anticheat in other games and working with raw packets is the easiest way to detect cheating.

The same would apply to botting in runescape: when inspecting an players sent packet data, patterns will emerge when a script is used. It would be difficult for humans to detect patterns from raw data, but that's what modern machine learning algorithms are for. 

To prevent bans, all you would have to do is ensure that the packet output, that is generated by the bots actions, aka the API is close to a human to fool the machine learning tools jagex have built. I'm not talking about the structure of the sent packets or e.g mouse click packet data itself as that will obviously be the same, I'm talking about the metadata that you can infer from multiple packets e.g time between clicks, mouse movement, obvious timing patterns arising from the use of sleep in scripts.

tl;dr to not get banned, log packet outputs of both legit playing AND botting; figure out the differences between the outputs;  change the APIs used and the script itself so that when botting, the packet dump is indistinguishable from legit playing 

Edited by apinamies55
  • Like 1
Link to comment
Share on other sites

30 minutes ago, apinamies55 said:

The packets have been encrypted since like 2006 to prevent sniffing and packet editing.

I'm not talking about a packet bot.

I've worked on anticheat in other games and working with raw packets is the easiest way to detect cheating.

The same would apply to botting in runescape: when inspecting an players sent packet data, patterns will emerge when a script is used. It would be difficult for humans to detect patterns from raw data, but that's what modern machine learning algorithms are for. 

To prevent bans, all you would have to do is ensure that the packet output, that is generated by the bots actions, aka the API is close to a human to fool the machine learning tools jagex have built. I'm not talking about the structure of the sent packets or e.g mouse click packet data itself as that will obviously be the same, I'm talking about the metadata that you can infer from multiple packets e.g time between clicks, mouse movement, obvious timing patterns arising from the use of sleep in scripts.

tl;dr to not get banned, log packet outputs of both legit playing AND botting; figure out the differences between the outputs;  change the APIs used and the script itself so that when botting, the packet dump is indistinguishable from botting 

I feel that there is nothing new that you can suggest that hasn't already been tried.

Link to comment
Share on other sites

9 minutes ago, Sonysi said:

I feel that there is nothing new that you can suggest that hasn't already been tried.

What has been tried is script kiddies implementing "anti-bans" based on their gut feeling, AKA hovering mouse over woodcutting experience which leaves a completely different pattern from that of a legit player

Link to comment
Share on other sites

32 minutes ago, apinamies55 said:

What has been tried is script kiddies implementing "anti-bans" based on their gut feeling, AKA hovering mouse over woodcutting experience which leaves a completely different pattern from that of a legit player

do u mean that dis doesnt reduce ban rate if i hover to see woodcutting experience even if its very random

also why you call me a script kiddie do u want to be hacked

Link to comment
Share on other sites

14 hours ago, NoxMerc said:

Why is this necessary on the packet level? Why mess with packets at all? You can achieve the same thing by recording your screen for 10 minutes legit and then recording the bot for 10 minutes and keep tinkering with it until you're satisfied.

Not true, depending on how the client is implemented there can be many client side protections to help detect the use of 3rd party software that are protocol based.

There is a lot going on behind the scene that you might not be aware of.

If this interests you WoW did something like that to detect a packet based bot a long time ago, look it up.

Link to comment
Share on other sites

4 hours ago, HunterRS said:

Not true, depending on how the client is implemented there can be many client side protections to help detect the use of 3rd party software that are protocol based.

There is a lot going on behind the scene that you might not be aware of.

If this interests you WoW did something like that to detect a packet based bot a long time ago, look it up.

Which just validates what I'm saying even further. Rather then continually keeping up with the changes the client makes each revision to ensure the integrity of the packets (if Jagex does any of that), you just manipulate the client's mouse/kb input, which is at a higher level than its packets.

Link to comment
Share on other sites

On 12/29/2018 at 6:01 PM, apinamies55 said:

Does this functionality exist in the client? I'm quite sure jagex's current bot detection is just an ML solution trained on incoming packet dumps, the training data labels being packet outputs of legit players and bots. 

If this is the case, to reduce banrates to zero all you have to do is log the packet data, bot something for 10 minutes and do the same thing legit for 10 minutes, compare the differences and see what does human packet output contain that bots don't.

The complexity lies in the client in how it determines what packets to generate and process. You can look into some of the 317 protocols here to see the sorts of information being passed around for the older clients. However, the client and servers likely work in-tandem to make sure that when a packet is expected, bad things happen if they aren't received. There are anti-cheat packets you need to be aware of, and they are likely generated after a certain number of interactions in-game and then generated at timed intervals. Mess with those and you might set off some red flags at Jagex HQ.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...