Tesh Posted April 18, 2019 Share Posted April 18, 2019 On 4/7/2019 at 7:14 PM, asdttt said: Look man. If you don't believe anything I'm saying about bypassing, then just leave the topic. All your doing is attacking me with assumptions, which I understand, i too would be suspicious of someone who claims to have magically bypassed bans by simply using alternative mouse movement. I don't blame you. And I understand your point that mouse movement isn't the biggest factor, nowhere did I claim it is actually. For me, it made the difference between bot freedom and daily bans, but maybe I'm just a lying cunt wasting everyone's time. I get it. But here I've served you proof of this flawed mouse movement that is absolutely picked up by heuristics. Now you can know for certainty that they have one solid link to detect OSBot, and now the dev's will be able to target it and hopefully fix it (I actually provided a possible solution, but whether or not he think's it'll work out for OSBot is another story). Imho, injection client isn't detected as a bot. Jagex has said themselves using third party clients is perfectly fine, wont lead to a ban, and their code shows no sign of code that would be used to detect whether a user is using a properly created bot client, nor do they have any streamlined classloading that could inject such a thing during runtime. Now, do they detect whether you're using an unofficial client? Possibly? As far as clients go, they can detect you are using software, they can't go as far as to detect exactly what client you are using. And as far as ive been told/heard about detection systems, mouse movement is small part or how they go about detecting bots. Other factors possibly include run time, botting hotspots, age of account, flagged IP's, similar names of bot accounts. Its pretty hard to replicate both humanlike mouse movements and botlike movements, there isnt really a way to decern which is which in my opinion. I do some weird ass mouse movements that other people don't, I click on random tabs for giggles, I examine stuff but dont read any of it. So in an honest opinion, I highly doubt OSBot's or any other bots mouse movement is massively detected due to the fact its hard to replicate both sides. Quote Link to comment Share on other sites More sharing options...
asdttt Posted April 18, 2019 Author Share Posted April 18, 2019 3 minutes ago, Tesh said: As far as clients go, they can detect you are using software, they can't go as far as to detect exactly what client you are using. And as far as ive been told/heard about detection systems, mouse movement is small part or how they go about detecting bots. Other factors possibly include run time, botting hotspots, age of account, flagged IP's, similar names of bot accounts. Its pretty hard to replicate both humanlike mouse movements and botlike movements, there isnt really a way to decern which is which in my opinion. I do some weird ass mouse movements that other people don't, I click on random tabs for giggles, I examine stuff but dont read any of it. So in an honest opinion, I highly doubt OSBot's or any other bots mouse movement is massively detected due to the fact its hard to replicate both sides. It's not really a matter of what the mouse movement means for anti-bot. Here's what we know: 1) They're sent the mouse movement 2) OSBot's mouse movement has a few nearly 100% constant flaws in nearly every movement. I've shown a sample that I got from grabbing the same mouse movement, on the same tick as Jagex and simply got the delta between each element to detect the flaws. Mouse movement detection is a lot simpler then you'd think. Hell, you could calculate if the movement has any deviation just by checking angles lol. If mouse movement is only 1% of their detection, it should still be a priority to fix it. This wont magically solve bans, but it'll be 1 step in the right direction for sure. There's NOTHING we can do to magically solve getting banned because it's no sole check. It's a network of checks, and even what appears to be a TIER'd detection system. 4 Quote Link to comment Share on other sites More sharing options...
Tesh Posted April 18, 2019 Share Posted April 18, 2019 1 minute ago, asdttt said: It's not really a matter of what the mouse movement means for anti-bot. Here's what we know: 1) They're sent the mouse movement 2) OSBot's mouse movement has a few nearly 100% constant flaws in nearly every movement. I've shown a sample that I got from grabbing the same mouse movement, on the same tick as Jagex and simply got the delta between each element to detect the flaws. Mouse movement detection is a lot simpler then you'd think. Hell, you could calculate if the movement has any deviation just by checking angles lol. If mouse movement is only 1% of their detection, it should still be a priority to fix it. This wont magically solve bans, but it'll be 1 step in the right direction for sure. There's NOTHING we can do to magically solve getting banned because it's no sole check. It's a network of checks, and even what appears to be a TIER'd detection system. On your second point, im sure the mouse movements do have flaws, as like i said, its hard to replicate either side of the coin, human or bot like. Im no coder or programmer but im sure to make it flawless would take more time then putting up with a 1% ban rate. As for your first point, If they do get sent mouse movements (which im sure they do), they would probably struggle to determine human or bot from just that alone, which is why all the other sets of information come in more so then mouse info. Quote Link to comment Share on other sites More sharing options...
asdttt Posted April 18, 2019 Author Share Posted April 18, 2019 Just now, Tesh said: On your second point, im sure the mouse movements do have flaws, as like i said, its hard to replicate either side of the coin, human or bot like. Im no coder or programmer but im sure to make it flawless would take more time then putting up with a 1% ban rate. As for your first point, If they do get sent mouse movements (which im sure they do), they would probably struggle to determine human or bot from just that alone, which is why all the other sets of information come in more so then mouse info. Well I can tell you didn't read the initial post otherwise you would of seen all the proof I've already posted... They send mouse movement, I posted their code that's on the client for that. It's also a defined packet, and is required if you decide to make a custom server. If you saw the mouse movement samples I posted, then you could see that they're very visible flaws and shouldn't take long to fix. Quote Link to comment Share on other sites More sharing options...
BiggBoss420 Posted April 18, 2019 Share Posted April 18, 2019 (edited) This is indeed a little disheartening to see, to be honest I didn't read through the github sample's to see how the code is getting sent, and I have no idea about what SendInput is, but it seems like that argument just distracted from the main point. Anyways, from I take you are saying, cut me some slack here, is that Jagex is taking mouse data collected at like 50ms, they slam that shit together, and then run simple stats on it, you called it mouseDelta or whatever the flip. Why is this unreasonable? I don't understand why this is insane, like if what you are saying is true that it can fit into 1mb for 3 hours, that's not that bad. Right? @Alek you stated previously that bot detection most likely stems from play time, skills trained ect. Wouldn't it be really easy to set a threshold, right, get the least amount of false negatives as possible, then we run the analysis on them to the point where it's like 99.9999% likely they are a bot. Is this unreasonable, why is this impossible. Honestly your responses haven't cleared up anything and your responses to asdttt have been very lackluster. Why wouldn't Jagex do this? I thought I'd look at your initial post Antiban doesn't matter - plain and simple. If you do any research into official claims made by Jagex, you can see why. They claim that both autoclickers and simulated mouse keys are detectable, and yes people do get banned for using them. For an autoclicker, the mouse doesn't move at all (don't get me started on pseudo number random generators for sleep time). So you state auto clickers and simulated mouse keys are detectable, maybe they have other behavior that makes them detectable. Gary's Hood and AutoHotKey are detected, both which use SendInput - which is Windows API. My thoughts are that they are just checking the stacktrace of mouse events and determining their source. So you think they are using SendInput... Ok that's great, asdttt has laid our proof and evidence towards his theory, you just state this without anything backing it at all. Additionally a while back they determined that HD clients are indistinguishable from botting clients, which also makes me believe they are looking at the garbage collector. Ok fair enough maybe they are but that doesn't have to do with the argument at hand But of course, go play around with antiban like everyone else has for the last 15 years - I'm really pessimistic in your results (nothing personal, but it's really a naiive approach). Then you insult him saying he's taking a naive approach. But isn't that just following Occam's razor? Then later on you guys get into a argument that made me want to jump off a bridge and die, and made me realize that I was wasting my time on a forum when I could be playing awesome games with cool hentai girls that like me for who I am ( btw I am cool and am 21 and can drink and drive [ not the driving part ] ) Oh sorry did I get off topic? My bad... Sorry to waste your time anyways... Because you're using SendInput... all Windows API functions can be hooked and detected. Look into JNI/JNA (Java). Please don't say something is undetected/hardware call when you're using a usermode public Windows API function call. You kept saying.. Ugh... Gary's Hood is literally using SendInput as well. Yes your mouse is detected because you can hook onto the windows hook chain and monitor for input thats generated by a real device vs those injected by application code - aka using SendInput directly like you are then he gives you a counter argument There's ZEROO evidence Jagex checks mouse clicks from a low level point. BUT, there is evidence they do from a HIGH level point. That point being the delay between press and release, and a few other minor details. (Which the majority of autoclickers have a delay of 0) Response Your. Autoclicker. Is. The. Same. As. Most. Autoclickers. You. Are. Using. SendInput. After that you no longer replied. He gave evidence, counter arguments, and in the end you just said the same thing over and over getting caught up about auto clickers being detectable by SendInput ( Again I don't know what the heck that is ). So to wrap up into a conclusion, can you argue his intial claims atleast can you explain why they are untrue, you just stated that they most likely detect using SendInput, why? He has code, he has evidence, can you give us that. Can you give a counter-argument, because just insulting him and going haha no stupid it's this other thing, why are you suddenly right? The truth is your not, you've done nothing to back up your claims. The only real arguments you gave were Jagex claimed they can catch autoclickers and simulated mouse keys. He gave responses to this and then you got caught up in the argument about SendInput ( what is that anyways?). Really what you need to do is disprove or make some sort of counter argument why his data is incorrect, or that Jagex does not use mouse movement as a factor in bot banning. If you are going to say that anti-ban is useless you need to be able to back it up, why should I blindly trust you? Additionally you could make a argument how Jagex detect's SendInput, if they are, is it in the code like asdttt showed with his mouse capturing. I would be more keen to believe you then, because yes, then capturing mouse movements would be pretty useuless if they could just detect fake mouse inputs, then it's pretty easy to detect a bot now isn't it, no need to grab data ect. I get what your going for but you do nothing to help your case at all. Lastly I want to say that if Jagex has the code, why not use it? Maybe they are tracking SendInput, but why not also just use the mouse tracking code as given here, asdttt gave us anecdotal evidence that it worked for him, I mean if you trust him it's pretty likely that it had a effect based on just the statistics he stated, it would be really lucky for some reason for him not to get banned after making only changes to the mouse movement. So I think that's everything I really hope you read what I have said and can try and make me understand your side because honestly I can't help but agree more with asdttt with the evidence, and better arguments laid out in this thread. edit: cut out the meat edit2: Don't hate me please edit3: Oh and bro I don't think it's a good idea to host RS's decompiled java code on your github, pretty sure they don't like that haha. Edited April 18, 2019 by BiggBoss420 5 Quote Link to comment Share on other sites More sharing options...
asdttt Posted April 18, 2019 Author Share Posted April 18, 2019 (edited) 2 hours ago, BiggBoss420 said: This is indeed a little disheartening to see, to be honest I didn't read through the github sample's to see how the code is getting sent, and I have no idea about what SendInput is, but it seems like that argument just distracted from the main point. Just to clearify on the thing about autoclickers.. He had claimed that they detected both "Gary's Hood and AutoHotKey", which he then claimed are detected through the usage of windows input API. My tests however showed that both those autoclickers had a major flaw, that being that they had 0 delay from mouse click, to release. Which is impossible on a normal mouse, which i provided some proof samples for too. I then showed the code that Jagex uses to both log, then send the mouse press->release delays to the server. It's an INCREDIBLY common anti-cheat check and I'm not surprised Jagex uses it. I then made an autoclicker, and corrected the flaw stating that it'll no longer be detectable on the JVM level (Which runescape's ran on, and assuming they don't load any code that could hook into windows API - which there's zero evidence of). So there is clear proof that Jagex could easily detect BOTH those autoclickers through means of their press->release timing logging.. Unless he's able to get banned using my autoclicker which fixes that issue, I don't think they use Inputevent's. I ran it for the night on my "main" (Only 3 weeks old ), using it to splash on a rat to get some easy magic XP. So about 7-8 hours of runtime and no ban - yet. And yes, my autoclicker still used InputEvent. Alek's absolutely correct by saying it is possible to detect emulated clicks/mouse on from low level code, but it's still possible to hide the flags using a hook, which I posted one that was already made for evidence (There's also ways to spoof a hardware click, but it's not easy). That would also only work for windows, and they'd need a different check for OS's like Linux since it's different API. I had never really thought of them using native code to escape the VM so it's a new thing I'll just need to search for and I'm glad he pointed that out. Maybe just a misunderstanding, maybe he just fucking hates my autoclicker lmao Edited April 18, 2019 by asdttt Quote Link to comment Share on other sites More sharing options...
Impensus Posted April 18, 2019 Share Posted April 18, 2019 (edited) 2 hours ago, BiggBoss420 said: This is indeed a little disheartening to see, to be honest I didn't read through the github sample's to see how the code is getting sent, and I have no idea about what SendInput is, but it seems like that argument just distracted from the main point. Anyways, from I take you are saying, cut me some slack here, is that Jagex is taking mouse data collected at like 50ms, they slam that shit together, and then run simple stats on it, you called it mouseDelta or whatever the flip. Why is this unreasonable? I don't understand why this is insane, like if what you are saying is true that it can fit into 1mb for 3 hours, that's not that bad. Right? @Alek you stated previously that bot detection most likely stems from play time, skills trained ect. Wouldn't it be really easy to set a threshold, right, get the least amount of false negatives as possible, then we run the analysis on them to the point where it's like 99.9999% likely they are a bot. Is this unreasonable, why is this impossible. Honestly your responses haven't cleared up anything and your responses to asdttt have been very lackluster. Why wouldn't Jagex do this? I thought I'd look at your initial post Antiban doesn't matter - plain and simple. If you do any research into official claims made by Jagex, you can see why. They claim that both autoclickers and simulated mouse keys are detectable, and yes people do get banned for using them. For an autoclicker, the mouse doesn't move at all (don't get me started on pseudo number random generators for sleep time). So you state auto clickers and simulated mouse keys are detectable, maybe they have other behavior that makes them detectable. Gary's Hood and AutoHotKey are detected, both which use SendInput - which is Windows API. My thoughts are that they are just checking the stacktrace of mouse events and determining their source. So you think they are using SendInput... Ok that's great, asdttt has laid our proof and evidence towards his theory, you just state this without anything backing it at all. Additionally a while back they determined that HD clients are indistinguishable from botting clients, which also makes me believe they are looking at the garbage collector. Ok fair enough maybe they are but that doesn't have to do with the argument at hand But of course, go play around with antiban like everyone else has for the last 15 years - I'm really pessimistic in your results (nothing personal, but it's really a naiive approach). Then you insult him saying he's taking a naive approach. But isn't that just following Occam's razor? Then later on you guys get into a argument that made me want to jump off a bridge and die, and made me realize that I was wasting my time on a forum when I could be playing awesome games with cool hentai girls that like me for who I am ( btw I am cool and am 21 and can drink and drive [ not the driving part ] ) Oh sorry did I get off topic? My bad... Sorry to waste your time anyways... Because you're using SendInput... all Windows API functions can be hooked and detected. Look into JNI/JNA (Java). Please don't say something is undetected/hardware call when you're using a usermode public Windows API function call. You kept saying.. Ugh... Gary's Hood is literally using SendInput as well. Yes your mouse is detected because you can hook onto the windows hook chain and monitor for input thats generated by a real device vs those injected by application code - aka using SendInput directly like you are then he gives you a counter argument There's ZEROO evidence Jagex checks mouse clicks from a low level point. BUT, there is evidence they do from a HIGH level point. That point being the delay between press and release, and a few other minor details. (Which the majority of autoclickers have a delay of 0) Response Your. Autoclicker. Is. The. Same. As. Most. Autoclickers. You. Are. Using. SendInput. After that you no longer replied. He gave evidence, counter arguments, and in the end you just said the same thing over and over getting caught up about auto clickers being detectable by SendInput ( Again I don't know what the heck that is ). So to wrap up into a conclusion, can you argue his intial claims atleast can you explain why they are untrue, you just stated that they most likely detect using SendInput, why? He has code, he has evidence, can you give us that. Can you give a counter-argument, because just insulting him and going haha no stupid it's this other thing, why are you suddenly right? The truth is your not, you've done nothing to back up your claims. The only real arguments you gave were Jagex claimed they can catch autoclickers and simulated mouse keys. He gave responses to this and then you got caught up in the argument about SendInput ( what is that anyways?). Really what you need to do is disprove or make some sort of counter argument why his data is incorrect, or that Jagex does not use mouse movement as a factor in bot banning. If you are going to say that anti-ban is useless you need to be able to back it up, why should I blindly trust you? Additionally you could make a argument how Jagex detect's SendInput, if they are, is it in the code like asdttt showed with his mouse capturing. I would be more keen to believe you then, because yes, then capturing mouse movements would be pretty useuless if they could just detect fake mouse inputs, then it's pretty easy to detect a bot now isn't it, no need to grab data ect. I get what your going for but you do nothing to help your case at all. Lastly I want to say that if Jagex has the code, why not use it? Maybe they are tracking SendInput, but why not also just use the mouse tracking code as given here, asdttt gave us anecdotal evidence that it worked for him, I mean if you trust him it's pretty likely that it had a effect based on just the statistics he stated, it would be really lucky for some reason for him not to get banned after making only changes to the mouse movement. So I think that's everything I really hope you read what I have said and can try and make me understand your side because honestly I can't help but agree more with asdttt with the evidence, and better arguments laid out in this thread. edit: cut out the meat edit2: Don't hate me please edit3: Oh and bro I don't think it's a good idea to host RS's decompiled java code on your github, pretty sure they don't like that haha. Lmao were at a time and place where an Osbot dev is getting called out by greys. He knows his stuff and doesn't have to provide 'evidence' to explain this topic to people who don't understand. He has told you about Autoclickers being detected and it's up to you if you accept his claims or not. If you believe otherwise then ignoring the advice of someone behind a large amount of Osbot's history isn't the best direction to go in. 24 minutes ago, asdttt said: Just to clearify on the thing about autoclickers.. He had claimed that they detected both "Gary's Hood and AutoHotKey", which he then claimed are detected through the usage of windows input API. My tests however showed that both those autoclickers had a major flaw, that being that they had 0 delay from mouse click, to release. Which is impossible on a normal mouse, which i provided some proof samples for too. I then showed the code that Jagex uses to both log, then send the mouse press->release delays to the server. It's an INCREDIBLY common anti-cheat check and I'm not surprised Jagex uses it. I then made an autoclicker, and corrected the flaw stating that it'll no longer be detectable on the JVM level (Which runescape's ran on, and assuming they don't load any code that could hook into windows API - which there's zero evidence of). So there is clear proof that Jagex could easily detect BOTH those autoclickers through means of their press->release timing logging.. Unless he's able to get banned using my autoclicker which fixes that issue, I don't think they use Inputevent's. I ran it for the night on my "main" (Only 3 weeks old ), using it to splash on a rat to get some easy magic XP. So about 7-8 hours of runtime and no ban - yet. And yes, my autoclicker still used InputEvent. Alek's absolutely correct by saying it is possible to detect emulated clicks/mouse on from low level code, but it's still possible to hide the flags using a hook, which I posted one that was already made for evidence (There's also ways to spoof a hardware click, but it's not easy). That would also only work for windows, and they'd need a different check for OS's like Linux since it's different API. I had never really thought of them using native code to escape the VM so it's a new thing I'll just need to search for and I'm glad he pointed that out. Maybe just a misunderstanding, maybe he just fucking hates my autoclicker lmao From my interpretation Alek was specifying that there was more ways to detect the autoclicker than you had mentioned and that all of these would have to be accounted for before you claim your autoclicker is 'undetected' as theoretically Jagex could use any single one of these methods to detect the autoclicker. Edited April 18, 2019 by Impensus Quote Link to comment Share on other sites More sharing options...
asdttt Posted April 18, 2019 Author Share Posted April 18, 2019 1 minute ago, Impensus said: Lmao were at a time and place where an Osbot dev is getting called out by greys. He knows his stuff and doesn't have to provide 'evidence' to explain this topic to people who don't understand. He has told you about Autoclickers being detected and it's up to you if you accept his claims or not. If you believe otherwise then ignoring the advice of someone behind a large amount of Osbot's history isn't the best direction to go in. Gray's gotta stick together #GrayPride Quote Link to comment Share on other sites More sharing options...
Impensus Posted April 18, 2019 Share Posted April 18, 2019 Just now, asdttt said: Gray's gotta stick together #GrayPride It's good you guys are actively pushing towards making Osbot a better client and the research etc your doing is great. From my experience here on Osbot I would definitely take Alek's advice he knows his stuff. Quote Link to comment Share on other sites More sharing options...
asdttt Posted April 18, 2019 Author Share Posted April 18, 2019 (edited) 8 minutes ago, Impensus said: Lmao were at a time and place where an Osbot dev is getting called out by greys. He knows his stuff and doesn't have to provide 'evidence' to explain this topic to people who don't understand. He has told you about Autoclickers being detected and it's up to you if you accept his claims or not. If you believe otherwise then ignoring the advice of someone behind a large amount of Osbot's history isn't the best direction to go in. From my interpretation Alek was specifying that there was more ways to detect the autoclicker than you had mentioned and that all of these would have to be accounted for before you claim your autoclicker is 'undetected' as theoretically Jagex could use any single one of these methods to detect the autoclicker. Yeah and he's absolutely right, but I never claimed it was undetectable from outside the JVM. If they execute native code to detect my input, then it's no longer inside the JVM and would be OS specific. That's allll I meant. But hey, at least I didn't create a resource injector and call it "Stealth Injection" - which WOULD be detectable from the JVM. 2 minutes ago, Impensus said: It's good you guys are actively pushing towards making Osbot a better client and the research etc your doing is great. From my experience here on Osbot I would definitely take Alek's advice he knows his stuff. Come on man. He's an orange. Can't trust 'em Edited April 18, 2019 by asdttt Quote Link to comment Share on other sites More sharing options...
BiggBoss420 Posted April 18, 2019 Share Posted April 18, 2019 (edited) 8 hours ago, Impensus said: Lmao were at a time and place where an Osbot dev is getting called out by greys. He knows his stuff and doesn't have to provide 'evidence' to explain this topic to people who don't understand. He has told you about Autoclickers being detected and it's up to you if you accept his claims or not. If you believe otherwise then ignoring the advice of someone behind a large amount of Osbot's history isn't the best direction to go in. From my interpretation Alek was specifying that there was more ways to detect the autoclicker than you had mentioned and that all of these would have to be accounted for before you claim your autoclicker is 'undetected' as theoretically Jagex could use any single one of these methods to detect the autoclicker. I don't understand... EXACTLY, you just answered my question, I should blindly trust someone. In case you didn't know that's a common fallacy people fall into as a trap ( Blind Loyalty). And you know what you are right he doesn't have to explain himself, but it looks like he tried to. Anyways I don't have a negative opinion of him, actually, I think he's probably fairly intelligent( I like OS Bot and have been writing bots from time to time, and come across his posts every once in a while and they are usually helpful ), he just can't explain himself clearly, but that doesn't mean he's not correct. But in order to convince someone like me, a position of superiority doesn't just do the trick. Maybe there is a post you could point me in, and be like "haha stupid idiot, we answered this already in X", and you know what I would do, I would read that, and if I was happy with the answers laid out there I would be done and agree, and go, "oh mouse movement really doesn't matter.", But I don't know about any post at any time in history. Why does it matter if he's been actively protesting anti-ban for 15 years, if he never made a argument as to why it doesn't work, it doesn't matter how long he's been doing it, that doesn't make him right (The Appeal to Tradition) Also sorry for using logical fallacies, it's a little dumb, and you can probably point out 20 in me, but I just wanted to explain my side and why I disagreed. See I explained, now you can understand me, but @Alek hasn't. And yeah, you are right, that's what he said, he stated that SendInput was detectable, but that didn't answer the question at hand, read my initial post I explain this. 3 hours ago, Alek said: Once again, your code is detectable from "within the JVM" as you put it. It's called stealth injector because the injector itself is not detected - it's to quell people in the Reflection/Injection arguments. Yes, I'm way more qualified to talk about detection and hacking than you. I wrote public aimbots and sold them for 2 years (Paladins, CSGO, Day of Infamy - all with my own custom updaters and AOB scanners), I'm fluent in MASM32 (x86 assembly), and I've disassembled more PEs, bypassing more DRMs and anticheat software than you have. Your best "bypass" is writing a 6 line C++ autoclicker that uses SendInput - which doesn't reverse anything and uses the same exact public Windows API functions that other Windows autoclickers use. You could have just wrote your code in C# or VBA. Please stop saying it's "not detected by the JVM" - you have not a clue what you are talking about. Just because you can't think of way it can be detected, doesn't mean it's undetected. You're an absolute joke. @Malcolm Yes, they publicly post what can be detected. asdttt is illiterate so he there's no way he would read this and understand what it means in the context of his C# autoclicker:https://secure.runescape.com/m=news/mouse-keys---changes--clarification?oldschool=1 Yikes, that is not a good response, can't you see what you are saying. Yes, I'm way more qualified to talk about detection and hacking than you. I wrote public aimbots and sold them for 2 years (Paladins, CSGO, Day of Infamy - all with my own custom updaters and AOB scanners), I'm fluent in MASM32 (x86 assembly), and I've disassembled more PEs, bypassing more DRMs and anticheat software than you have. = What the fuck did you just fucking say about me, you little bitch? I’ll have you know I graduated top of my class in the Navy Seals, and I’ve been involved in numerous secret raids on Al-Quaeda, and I have over 300 confirmed kills. I am trained in gorilla warfare and I’m the top sniper in the entire US armed forces. You are nothing to me but just another target. I will wipe you the fuck out with precision the likes of which has never been seen before on this Earth, mark my fucking words. You think you can get away with saying that shit to me over the Internet? Think again, fucker. As we speak I am contacting my secret network of spies across the USA and your IP is being traced right now so you better prepare for the storm, maggot. The storm that wipes out the pathetic little thing you call your life. You’re fucking dead, kid. I can be anywhere, anytime, and I can kill you in over seven hundred ways, and that’s just with my bare hands. Not only am I extensively trained in unarmed combat, but I have access to the entire arsenal of the United States Marine Corps and I will use it to its full extent to wipe your miserable ass off the face of the continent, you little shit. If only you could have known what unholy retribution your little “clever” comment was about to bring down upon you, maybe you would have held your fucking tongue. But you couldn’t, you didn’t, and now you’re paying the price, you goddamn idiot. I will shit fury all over you and you will drown in it. You’re fucking dead, kiddo. Honestly the resemblance is uncanny, anyone reading this that is okay with this should read up on Cognitive bias, this is no way anyone with any sense of power, or a trusted member on a forum should treat someone who has only been trying to help. That's the sad part, he's only trying to help the community, he's not attacking anyone, he could of just left and then nothing would of happened, and by posting something like this you may of just cemented your goal. You should be happy that people are testing your knowledge, not upset that they don't blindly trust you. Blind trust leads to the downfall of so many great communities, and it's sad to see that happening here... And then you actually make a decent argument, giving evidence as to why you think SendInput is detectable by Jagex, let me outline. 1. Sendinput is used in other windows auto-clickers 2. Other windows autoclickers are detectable by Jagex 3. Sendinput is detectable A decent argument, and with that Jagex post, honestly you might be right. But if I don't understand there were some points that asdttt made about delay playing a factor, and that Jagex can't poll that data from your mouse. If you could show me evidence that Jagex could find SendInput ( write a code snippet yourself, or link to one, find in the game code, or other ), then I would be 100% more keen to agree with you. But guess what that doesn't ANSWER THE QUESTION AT HAND. Why are mouse movement's futile, why should I blindly trust you o great one. Why does jagex have all this code, just to throw ignorant people like me off track? Can you answer this, because at this point it looks like you've given up and just expect us to agree based on your superiority. Edited April 18, 2019 by BiggBoss420 6 Quote Link to comment Share on other sites More sharing options...
asdttt Posted April 18, 2019 Author Share Posted April 18, 2019 (edited) 8 hours ago, Alek said: Once again, your code is detectable from "within the JVM" as you put it. It's called stealth injector because the injector itself is not detected - it's to quell people in the Reflection/Injection arguments. Yes, I'm way more qualified to talk about detection and hacking than you. I wrote public aimbots and sold them for 2 years (Paladins, CSGO, Day of Infamy - all with my own custom updaters and AOB scanners), I'm fluent in MASM32 (x86 assembly), and I've disassembled more PEs, bypassing more DRMs and anticheat software than you have. Your best "bypass" is writing a 6 line C++ autoclicker that uses SendInput - which doesn't reverse anything and uses the same exact public Windows API functions that other Windows autoclickers use. You could have just wrote your code in C# or VBA. Please stop saying it's "not detected by the JVM" - you have not a clue what you are talking about. Just because you can't think of way it can be detected, doesn't mean it's undetected. You're an absolute joke. @Malcolm Yes, they publicly post what can be detected. asdttt is illiterate so he there's no way he would read this and understand what it means in the context of his C# autoclicker:https://secure.runescape.com/m=news/mouse-keys---changes--clarification?oldschool=1 1) Post a method you can detect it within the JVM using pure javacode. NO cheating . It was made to bypass that one check I found within their code, which it does. The same check that just so happens to catch both the programs that you mentioned. Never have I claimed you can't detect it outside of the JVM.. Not sure why I have to keep repeating myself. Within the JAVA VIRTUAL MACHINE, the events are no different to that of a normal mouse. OUTSIDE the java virtual machine, that is not the case. Chill ffs 2) Whatever you're injecting could easily be detected, so why does it even matter if the injector it's self is detected lol. 3) "unless it is to remap a key to any other button" - Which would be detected as "emulated". A pretty massive portion of OSRS remaps mouse keys to their keyboard keys for efficiency. Idk if you understand the extent of sendInputEvent's use over various gaming/utility programs. And people to this day still use AHK, or mouse recorder at very low banrates surprisingly. And once again, it's not difficult to mask the fake clicks (Which there's already a hook for). There's other alternatives to spoofing hardware clicks, or even creating your own hardware/driver to send ACTUAL hardware clicks so it'd come directly from the HID stack which would bypass even a rawinput check. If you can provide evidence that they detect SendInputEvent, I will drop my argument completely and leave you be. You claim to be this amazing programmer, so prove it..? And do you honestly believe that the only reason OSBot is being detect is based off it's fake clicks....? You really don't think that the mouse movement is flawed? You think as a human, that movement is reproducible? Wtf -Btw, seen your blog. Nothing a programmer straight out of a university couldn't achieve lol. Tone down your ego Edited April 19, 2019 by asdttt 1 Quote Link to comment Share on other sites More sharing options...
asdttt Posted April 19, 2019 Author Share Posted April 19, 2019 (edited) 1 hour ago, Alek said: Congrats on single handedly defeating Jagex in a 15 year battle with bots, by using a 4 line C# script. Well my shitty C++ autoclicker obviously doesn't bypass lower level checks, but it's still possible. If you came directly from the HID stack, then what can they do? RawInput check? Nope. Just saying it's possible to bypass, not saying I solved it lmao. I just couldn't find any evidence that they were using such checks is all I mean.. I mean, can you..? Has anyone? Edited April 19, 2019 by asdttt Quote Link to comment Share on other sites More sharing options...
asdttt Posted April 19, 2019 Author Share Posted April 19, 2019 (edited) 7 minutes ago, Alek said: Explain in one sentence how you are using SendInput more correctly than Gary’s Hood. Don’t mention pseudo random numbers. There's a delay between mouse press and the mouse release event on a normal mouse, 99% of autoclickers such as Gary's Hood execute both events instantly whereas mine delays it within the bounds of a normal mouseclick (Around 50-100MS generally). Here's their code checking for that: https://github.com/zeruth/runescape-client/blob/master/src/Client.java#L3371 Yeah it's a simple thing sure, but it's important. Edit: Wrong code clip posted, I'll find the correct 1 Edited April 19, 2019 by asdttt Quote Link to comment Share on other sites More sharing options...
asdttt Posted April 19, 2019 Author Share Posted April 19, 2019 (edited) 58 minutes ago, Alek said: Delay between the events is nothing new, actually most autoclickers you can specify that amount. OSBot has a delay as well. True, but that's just the only thing that popped into my head when thinking about events fed to the JVM. I never thought of Jagex deploying anti-cheat similar to EAC so it never crossed my mind they'd check for whether the input was hardware or not. It seems silly that they'd put all this work into their anti-bot and not expand outside of the JVM but I just can't find any leads, and neither can anyone else (Or they're just being silent about it..). Or even what they'd use to load the native binaries to begin with (Without it being obvious/exposed easily).. Edited April 19, 2019 by asdttt Quote Link to comment Share on other sites More sharing options...