Jump to content

OSBot's mouse movement is easily detected


asdttt

Recommended Posts

14 minutes ago, Malcolm said:

At what point in time did I deny any sort of detection claims? I didn't. So clearly I don't need to seek help :doge:

If I recall correctly @Alek had mentioned something about the client itself being detectable although I cannot find the exact post for it.

It's been known for quite some time that the injection client is detectable which goes far beyond the mouse.

My point is that the mouse is a fraction of the bigger picture.

Look man. If you don't believe anything I'm saying about bypassing, then just leave the topic. All your doing is attacking me with assumptions, which I understand, i too would be suspicious of someone who claims to have magically bypassed bans by simply using alternative mouse movement. I don't blame you. 

And I understand your point that mouse movement isn't the biggest factor, nowhere did I claim it is actually. For me, it made the difference between bot freedom and daily bans, but maybe I'm just a lying cunt wasting everyone's time. I get it. 

But here I've served you proof of this flawed mouse movement that is absolutely picked up by heuristics. Now you can know for certainty that they have one solid link to detect OSBot, and now the dev's will be able to target it and hopefully fix it (I actually provided a possible solution, but whether or not he think's it'll work out for OSBot is another story). 

 

Imho, injection client isn't detected as a bot. Jagex has said themselves using third party clients is perfectly fine, wont lead to a ban, and their code shows no sign of code that would be used to detect whether a user is using a properly created bot client,  nor do they have any streamlined classloading that could inject such a thing during runtime. Now, do they detect whether you're using an unofficial client? Possibly?

Edited by asdttt
  • Like 1
Link to comment
Share on other sites

23 minutes ago, Malcolm said:

They cannot detect what client you are using. They can tell that you are not using an official OSRS client. As far as I'm aware that's how that goes.

I don't really feel like I'm attacking you and that is certainly not what I am trying to do however I was a little sarcastic I'll admit.

If you want to get into attacks you can try and recall this. It was a little funny but you essentially attacked every scripter here by calling their scripts shitty.

image.thumb.png.8c38b939095d97350c24373f2326e6c2.png

 

There are soo many factors that go into Jagex's bot detection and we certainly don't know how they really do it.

@Patrick already admitted to you that he believes mouse movements are detected.

He also said its a small part of the system which I 100% agree with him on.

 

This isn't like using the API and using the built in mouse is praying for a conviction. Bot smart. Don't bot for 16 hours a day.

If I want to keep an account I have no problem with botting that account and not getting it banned.

 

 

 

I mean that "attack" I said was very true...? If your script is basic as hell and does nothing to seem human, it's shit. As easy as that. 

 

Anyways, I just noticed something strange inside RS's code. Mind you, it's obfuscated so I really haven't fully drawn out what exactly this does, but here it is:

https://github.com/zeruth/runescape-client/blob/master/src/Client.java#L4315
Weird right? Maybe I'm mistaking it with some dynamic classloader, but from what I believe I'm looking at is a means to load a class and read some details about it. Could they possibly be using this to figure out overridden classes? Or checking to see if certain things exist that shouldn't? 

Then they add these details to a list: https://github.com/zeruth/runescape-client/blob/master/src/Client.java#L4418

Then here they are encoding that same object into their packet buffer: https://github.com/zeruth/runescape-client/blob/master/src/class21.java#L59

Then they ship it? https://github.com/zeruth/runescape-client/blob/master/src/Client.java#L3273

 

That's really odd, although maybe it has something todo with actual ingame mechanics and I just misinterpreted it. 

Edited by asdttt
Link to comment
Share on other sites

24 minutes ago, Malcolm said:

Did you really read through all of their code?

Also, do you really think Jagex would make their bot detection methods accessible to the public?

btw, this is what you had said in your OP on the other post.

image.thumb.png.e50bdfb2a6c19eed2e386ce07771a447.png

 

Didn't say anything about if these scripts had human like movements or these scripts do whatever feature you think will help. Just flat out said they were all shit. Talk about an attack :doge:

I mean Jagex used to detect bots very efficiently (for awhile until workarounds) using client based checks, so I wouldn't put it past them. This is the same company that managed to fuck up deadman mode and killed everyone. I mean the bot "nuke" was pretty much just them tricking us into using functions that would flag us. And like I've said probably a hundred times now, and I'm sure you have too; there's no single detection method. It's made up of who the hell knows how many detection methods.  This is what makes it even more difficult to pinpoint exactly how they detect us, because we're not all being detected by the same means. 

Who knows, maybe Jagex only executes client related checks if you actively collect resources for over X hours. They too know that a bypass will soon come, and they have done as much as possible to delay it. Maybe I haven't bypassed at all. Maybe I'm just on a larger banwave to give me the illusion that I'm coming closer to cracking the anti-cheat. Maybe they're just waiting for me to bot an excesses amount of time? 

And yeah you make a valid point, I did pretty much call everyone's scripts shitty. I didn't really mean EVERYONE as in literally everyone, just public scripts and the paid one I tried. So you got me there, and for that I apologize. But to be fair, there's a lot of shitty scripts here 

 

Edit: Man this class info collector/sender is really bothering me.. They literally don't use ANY of the code collected. The only use for this I can forsee is debugging.. 

Like check this out: https://github.com/zeruth/runescape-client/blob/master/src/Client.java#L4390

Why do they need to check if the class could be found, and do absolutely nothing with it other then return whether it was successful + the data ONLY to the server...................? It has to be for debugging, or detection.. How else could this be explained wtf?

Edited by asdttt
Link to comment
Share on other sites

45 minutes ago, asdttt said:

I mean that "attack" I said was very true...? If your script is basic as hell and does nothing to seem human, it's shit. As easy as that. 

 

Anyways, I just noticed something strange inside RS's code. Mind you, it's obfuscated so I really haven't fully drawn out what exactly this does, but here it is:

https://github.com/zeruth/runescape-client/blob/master/src/Client.java#L4315
Weird right? Maybe I'm mistaking it with some dynamic classloader, but from what I believe I'm looking at is a means to load a class and read some details about it. Could they possibly be using this to figure out overridden classes? Or checking to see if certain things exist that shouldn't? 

Then they add these details to a list: https://github.com/zeruth/runescape-client/blob/master/src/Client.java#L4418

Then here they are encoding that same object into their packet buffer: https://github.com/zeruth/runescape-client/blob/master/src/class21.java#L59

Then they ship it? https://github.com/zeruth/runescape-client/blob/master/src/Client.java#L3273

 

That's really odd, although maybe it has something todo with actual ingame mechanics and I just misinterpreted it. 

If I recall correctly, what you're looking at is Jagex's class checker. They are sent classes to check for from the server and reply back with having it or not. A friend of mine has logged a few of the classes they asked for and it seems to be classes related to the actual client, nothing external.

 

1 hour ago, Malcolm said:

They cannot detect what client you are using. They can tell that you are not using an official OSRS client. As far as I'm aware that's how that goes.

I don't really feel like I'm attacking you and that is certainly not what I am trying to do however I was a little sarcastic I'll admit.

If you want to get into attacks you can try and recall this. It was a little funny but you essentially attacked every scripter here by calling their scripts shitty.

 

 

There are soo many factors that go into Jagex's bot detection and we certainly don't know how they really do it.

@Patrick already admitted to you that he believes mouse movements are detected.

He also said its a small part of the system which I 100% agree with him on.

 

This isn't like using the API and using the built in mouse is praying for a conviction. Bot smart. Don't bot for 16 hours a day.

If I want to keep an account I have no problem with botting that account and not getting it banned.

 

 

 

They can't detect what client you're using, but knowing whether you're using an official OSRS client or not isn't hard to spoof if you know what you're supposed to change. It doesn't matter whether the client is reflection or injection.

Edited by IDontEB
  • Like 1
  • Heart 1
Link to comment
Share on other sites

1 minute ago, IDontEB said:

If I recall correctly, what you're looking at is Jagex's class checker. They are sent classes to check for from the server and reply back with having it or not. A friend of mine has logged a few of the classes they asked for and it seems to be classes related to the actual client, nothing external.

Yeah it's the class checker. But it could also potentially be used to detect clients - although that's a pretty big stretch. I just thought it was odd, but now that I think about it, that's a good way to detect whether a client's oudated, or incompatible. 

Thanks for the info

Link to comment
Share on other sites

I don't really see anything wrong with this. I think most people in this forum are very pessimistic about anti-ban. That's partly due to Alek's own beliefs that spread. But It's better to explore stuff and try it out. Who knows what works and what might not work. Yes, these same things have been tested but not all tests are the same and something new could be discovered.

So yeah, just do you and try out new ways of anti-ban.

Edited by dreameo
  • Like 3
Link to comment
Share on other sites

3 hours ago, Protoprize said:

Do we forget to hover over WC?

 

On a serious note, osbot is fine as is. I'm gonna be honest and just say it. I broke the one rule everyone says not to. I bot my main.... and I started 2 months ago with no ban still because I'm botting smart ?‍♂️.

Of course, in the end, changing osbot's mouse api would change the ban rates of using the client. But right now, that is a small priority, mostly due to the fact that Jagex is making their bot detection methods more and more obvious (and osbot needs to adapt to them first and foremost). The mouse is not the reason why people get banned. 

The reason for getting banned is sometimes just luck, but most of the time, it's stupidity. If you bot smart and not hard, you won't have issues.

im sorry botting smart is not part off it i made a new account did some hand leveling and some quests did 1 hour off mining then got some sleep next day account pem banned so its more than botting smart that stops you gets banned.

Link to comment
Share on other sites

4 hours ago, Malcolm said:

They cannot detect what client you are using. They can tell that you are not using an official OSRS client. As far as I'm aware that's how that goes.

I don't really feel like I'm attacking you and that is certainly not what I am trying to do however I was a little sarcastic I'll admit.

If you want to get into attacks you can try and recall this. It was a little funny but you essentially attacked every scripter here by calling their scripts shitty.

image.thumb.png.8c38b939095d97350c24373f2326e6c2.png

 

There are soo many factors that go into Jagex's bot detection and we certainly don't know how they really do it.

@Patrick already admitted to you that he believes mouse movements are detected.

He also said its a small part of the system which I 100% agree with him on.

 

This isn't like using the API and using the built in mouse is praying for a conviction. Bot smart. Don't bot for 16 hours a day.

If I want to keep an account I have no problem with botting that account and not getting it banned.

 

 

 

They actually can. I saw a post  of a dude telling Weath he didn't bot. Weath then said "you were using a botting client, you were botting".  So I for one, think they can. The data could possibly be spoofed, but I reckon they have a way to be able to tell what clients you're using (from let's say official, runelite, osuddy and konduit). However, I don't think they take it into account when banning. The only thing I've noticed is they ban you when you have very similar interactions (doesn't matter about mouse movements).  

Link to comment
Share on other sites

1 hour ago, manko said:

im sorry botting smart is not part off it i made a new account did some hand leveling and some quests did 1 hour off mining then got some sleep next day account pem banned so its more than botting smart that stops you gets banned.

Then you gotta find me an explanation as to why my botting routines don't get me banned ?

I use mirror mode only btw. 

Link to comment
Share on other sites

5 minutes ago, Protoprize said:

Then you gotta find me an explanation as to why my botting routines don't get me banned ?

I use mirror mode only btw. 

yer iv started using MM but what happened to me still shows it more than just running a bot and no matter how long you bot even if its just logging on using the bot you can get banned so trying to say its based off time spent playing is foolish. tho it my have somethink to do with how much data they get off you botting but we all know that it a mix off stuff.

Link to comment
Share on other sites

Player reports > mouse movement

Mouse movement contributes little to none imo.
I've done tons of 100~hr progs on highly repetitive tasks such as fishing/agility/hunter etc on injection. Not a fan of mirror mode btw.
Till date, I believe player reports has the highest contributing factor to getting your account banned.

  • Heart 1
Link to comment
Share on other sites

I really enjoyed this post it's shined a little more light and goes hand in hand with my own thoughts.

 

I don't think the author is trying to "bash" OSBOT API but, rather showing issues with its current state to hopefully find a safer way to bot. Without people investigating or looking to innovate, we would be falling closer and closer to this cat and mouse chase. I really do believe that jagex has an algorithm either herustic of some form, machine learning, or whatever and lessening the patterns it can pick up on and shrinking the sample size to perform those analyses will greatly increase time with your account before being banned.

 

I think the author did a great job in pointing out that mouse movements are being sent to their servers with proof via a github repo that was RE. Good find.

  • Like 1
  • Heart 1
Link to comment
Share on other sites

  • Developer
19 minutes ago, CsharpBestLang said:

I really enjoyed this post it's shined a little more light and goes hand in hand with my own thoughts.

 

I don't think the author is trying to "bash" OSBOT API but, rather showing issues with its current state to hopefully find a safer way to bot. Without people investigating or looking to innovate, we would be falling closer and closer to this cat and mouse chase. I really do believe that jagex has an algorithm either herustic of some form, machine learning, or whatever and lessening the patterns it can pick up on and shrinking the sample size to perform those analyses will greatly increase time with your account before being banned.

 

I think the author did a great job in pointing out that mouse movements are being sent to their servers with proof via a github repo that was RE. Good find.

 

The discussion about what happens to the mouse data thats being sent to the server, is something that has been going on for years. In the end, everyone is just guessing

  • Like 1
Link to comment
Share on other sites

17 minutes ago, Patrick said:

 

The discussion about what happens to the mouse data thats being sent to the server, is something that has been going on for years. In the end, everyone is just guessing

Hmm alright, I guess the biggest thing here is the fact that they are storing the information into packets and sending them out. True this could be speculation, hell maybe they just wrote that code out for other reasons and it isn't even part of their automated detection algorithm. None the less it's still a scary thing to look at when botting.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...