apinamies55 Posted December 29, 2018 Share Posted December 29, 2018 (edited) Does this functionality exist in the client? I'm quite sure jagex's current bot detection is just an ML solution trained on incoming packet dumps, the training data labels being packet outputs of legit players and bots. If this is the case, to reduce banrates to zero all you have to do is log the packet data, bot something for 10 minutes and do the same thing legit for 10 minutes, compare the differences and see what does human packet output contain that bots don't. Edited December 29, 2018 by apinamies55 Quote Link to comment Share on other sites More sharing options...
Explv Posted December 29, 2018 Share Posted December 29, 2018 39 minutes ago, apinamies55 said: Does this functionality exist in the client? I'm quite sure jagex's current bot detection is just an ML solution trained on incoming packet dumps, the training data labels being packet outputs of legit players and bots. If this is the case, to reduce banrates to zero all you have to do is log the packet data, bot something for 10 minutes and do the same thing legit for 10 minutes, compare the differences and see what does human packet output contain that bots don't. Wireshark Quote Link to comment Share on other sites More sharing options...
apinamies55 Posted December 29, 2018 Author Share Posted December 29, 2018 (edited) 1 hour ago, Explv said: Wireshark The packets have been encrypted since like 2006 to prevent sniffing and packet editing. 1 hour ago, Alek said: I'd hate to burst your bubble, but this has been done thousands of times over the course of like 15 years: Seems like your new to botting, so perhaps check out this article: https://runescape.fandom.com/wiki/Macro I'm not talking about a packet bot. I've worked on anticheat in other games and working with raw packets is the easiest way to detect cheating. The same would apply to botting in runescape: when inspecting an players sent packet data, patterns will emerge when a script is used. It would be difficult for humans to detect patterns from raw data, but that's what modern machine learning algorithms are for. To prevent bans, all you would have to do is ensure that the packet output, that is generated by the bots actions, aka the API is close to a human to fool the machine learning tools jagex have built. I'm not talking about the structure of the sent packets or e.g mouse click packet data itself as that will obviously be the same, I'm talking about the metadata that you can infer from multiple packets e.g time between clicks, mouse movement, obvious timing patterns arising from the use of sleep in scripts. tl;dr to not get banned, log packet outputs of both legit playing AND botting; figure out the differences between the outputs; change the APIs used and the script itself so that when botting, the packet dump is indistinguishable from legit playing Edited December 29, 2018 by apinamies55 1 Quote Link to comment Share on other sites More sharing options...
Reminiscence Posted December 29, 2018 Share Posted December 29, 2018 30 minutes ago, apinamies55 said: The packets have been encrypted since like 2006 to prevent sniffing and packet editing. I'm not talking about a packet bot. I've worked on anticheat in other games and working with raw packets is the easiest way to detect cheating. The same would apply to botting in runescape: when inspecting an players sent packet data, patterns will emerge when a script is used. It would be difficult for humans to detect patterns from raw data, but that's what modern machine learning algorithms are for. To prevent bans, all you would have to do is ensure that the packet output, that is generated by the bots actions, aka the API is close to a human to fool the machine learning tools jagex have built. I'm not talking about the structure of the sent packets or e.g mouse click packet data itself as that will obviously be the same, I'm talking about the metadata that you can infer from multiple packets e.g time between clicks, mouse movement, obvious timing patterns arising from the use of sleep in scripts. tl;dr to not get banned, log packet outputs of both legit playing AND botting; figure out the differences between the outputs; change the APIs used and the script itself so that when botting, the packet dump is indistinguishable from botting I feel that there is nothing new that you can suggest that hasn't already been tried. Quote Link to comment Share on other sites More sharing options...
apinamies55 Posted December 29, 2018 Author Share Posted December 29, 2018 9 minutes ago, Sonysi said: I feel that there is nothing new that you can suggest that hasn't already been tried. What has been tried is script kiddies implementing "anti-bans" based on their gut feeling, AKA hovering mouse over woodcutting experience which leaves a completely different pattern from that of a legit player Quote Link to comment Share on other sites More sharing options...
Script Kid Posted December 29, 2018 Share Posted December 29, 2018 32 minutes ago, apinamies55 said: What has been tried is script kiddies implementing "anti-bans" based on their gut feeling, AKA hovering mouse over woodcutting experience which leaves a completely different pattern from that of a legit player do u mean that dis doesnt reduce ban rate if i hover to see woodcutting experience even if its very random also why you call me a script kiddie do u want to be hacked Quote Link to comment Share on other sites More sharing options...
NoxMerc Posted December 29, 2018 Share Posted December 29, 2018 Why is this necessary on the packet level? Why mess with packets at all? You can achieve the same thing by recording your screen for 10 minutes legit and then recording the bot for 10 minutes and keep tinkering with it until you're satisfied. Quote Link to comment Share on other sites More sharing options...
HunterRS Posted December 30, 2018 Share Posted December 30, 2018 14 hours ago, NoxMerc said: Why is this necessary on the packet level? Why mess with packets at all? You can achieve the same thing by recording your screen for 10 minutes legit and then recording the bot for 10 minutes and keep tinkering with it until you're satisfied. Not true, depending on how the client is implemented there can be many client side protections to help detect the use of 3rd party software that are protocol based. There is a lot going on behind the scene that you might not be aware of. If this interests you WoW did something like that to detect a packet based bot a long time ago, look it up. Quote Link to comment Share on other sites More sharing options...
NoxMerc Posted December 30, 2018 Share Posted December 30, 2018 4 hours ago, HunterRS said: Not true, depending on how the client is implemented there can be many client side protections to help detect the use of 3rd party software that are protocol based. There is a lot going on behind the scene that you might not be aware of. If this interests you WoW did something like that to detect a packet based bot a long time ago, look it up. Which just validates what I'm saying even further. Rather then continually keeping up with the changes the client makes each revision to ensure the integrity of the packets (if Jagex does any of that), you just manipulate the client's mouse/kb input, which is at a higher level than its packets. Quote Link to comment Share on other sites More sharing options...
liverare Posted December 30, 2018 Share Posted December 30, 2018 On 12/29/2018 at 6:01 PM, apinamies55 said: Does this functionality exist in the client? I'm quite sure jagex's current bot detection is just an ML solution trained on incoming packet dumps, the training data labels being packet outputs of legit players and bots. If this is the case, to reduce banrates to zero all you have to do is log the packet data, bot something for 10 minutes and do the same thing legit for 10 minutes, compare the differences and see what does human packet output contain that bots don't. The complexity lies in the client in how it determines what packets to generate and process. You can look into some of the 317 protocols here to see the sorts of information being passed around for the older clients. However, the client and servers likely work in-tandem to make sure that when a packet is expected, bad things happen if they aren't received. There are anti-cheat packets you need to be aware of, and they are likely generated after a certain number of interactions in-game and then generated at timed intervals. Mess with those and you might set off some red flags at Jagex HQ. Quote Link to comment Share on other sites More sharing options...
jakealaka9 Posted December 30, 2018 Share Posted December 30, 2018 From what I've heard, Anti-ban is a meme and getting banned is inevitable if you're trying to 99 all skills. Not an if, but a when. Especially since no one has any real clue about what the bot-detecting actually does to detect bots. Quote Link to comment Share on other sites More sharing options...
