SqueezeTheorem Posted March 4, 2021 Share Posted March 4, 2021 (edited) Introduction Sporadically over the past year or two, I've been experimenting with unorthodox botting methods hoping to figure out how BotWatch works. It's a complete black box. We have no insight into precisely how it works, and it likely changes over time, but some of the experiments I've done lead me to believe I've figured out a significant component of it. For me, figuring it out is the ultimate engineering challenge. Initial Testing - Multiboxing (~1 year ago) I began my research by making a very primitive multiboxing script using another botting client that offers finer control over mouse movement. For those who aren't familiar with the term (since it's far more common in other MMOs), multiboxing software allows you to have your actions mirrored across many accounts. If you click at a certain coordinate on one OSRS client, all of the other clients click at the exact same coordinate. If you move your mouse on one client, the mouse moves in the exact same way for all the others. I used this script to control 8 accounts at once in free-to-play making golden jewelry and get enough money for a bond. None of the accounts were banned for multiboxing despite the fact that I was using an injection client to control them. The total play time was around 6 or 7 hours, which for free to play seemed fairly good to me. I was confident enough in this initial anecdotal evidence to try more experimenting with control over the mouse as a means of evading bans. Phase 2 - Macro Recording (~1 year ago) Next, I cobbled together a very basic macro recorder. It could track mouse movements and play them back on a loop. In designing the macro recorder, I made sure that the mouse playback was as precise as possible. Inputs are played back within a few milliseconds of the correct timing, which is about as good as it's going to get. Using one of the accounts I had multiboxed on, I cautiously made an hour-long recording of me enchanting sapphire jewellery at castle wars. It was slow profit and xp, but it allowed the account to increase its playtime using a very non-intensive training method. Within a day or two, the account was at ~50 magic. Given my past experience with botting and getting banned extremely easily on newer accounts, I felt confident enough to try botting way more hours per day. I got the account to 55 fletching manually. From there, I made an hour-long recording of me stringing bows at castle wars. I then played this recording back for 6 hours a day, and then eventually upped it to 12 and finally 18 hours per day. I was able to bot this much on a daily basis until the bond on the account ran out and finally had to renew it. I knew I was on to something, so I decided to expand beyond just one account to see how other accounts did. Phase 3 - Expansion (~ 1 year ago) I took more of the accounts I had previously multiboxed on and bonded them up. I gave membership to 4 or 5 total, and tried to suicide bot using my macro recorder. Curiously, all but one of the fresh accounts were banned within the first day or two of them starting to bot while the original account continued to bot heavily with no issues. What was even more bizarre is that once an account hit a certain age (~24 hours playtime), I was able to bot continuously for ~18 hours per day without any problems. It seemed to be that there was an initial "screening" period where Jagex more heavily monitored new accounts. Either more computing power was dedicated to analyzing their behavior during this window, or they were simply viewed more suspiciously by the system due to their age. After an account survived this initial screening period, it became seemingly unbannable using my macro recorder. In total, 2 out of 6 accounts survived this screening period and I was free to bot on them basically as much as I wanted without consequence. Phase 4 - Bot Busting: Moderate (Recent) More recently, I got back into botting and decided to REALLY push the limits of my macro recorder. I bonded up 2 of the original accounts I had botted on previously using the cash I had saved on them and ran them for 20 - 22 hours per day. The recording that I used had a total runtime of 2 hours and 15 minutes. Keep in mind that right now, Jagex is going all in on stopping bots because of the Steam launch and ban rates have skyrocketed. After running them for 4 days straight, I finally got hit with a 2 day ban on each of them. On one of the accounts, I was able to get to 99 fletching by stringing bows with a 1 hour recording and 91 crafting by crafting golden bracelets (30k xp/hr) using the 2 hour and 15 minute recording. This means, in total, I was able to run the crafting recording for like 200 hours before a temp ban. I'm not sure how long I ran the fletching recording for, but I suspect it was around 100 - 150 hours because I was making maple longbows instead of higher EXP bows back when they were the highest profit. Conclusions & Future Experimentation While Jagex almost certainly uses a large variety of methods to detect and ban bots, mouse data seems to play a very significant role. The fact that mobile bots initially had such a low ban rate seems to support this. If you are able to incorporate human mouse data into your bot, that mouse data isn't publicly available, and you bot 12 hours per day or less, you should be able to dramatically decrease your ban rates. Going forward, I would like to collect more mouse data and make an even longer recording by combining a series of smaller ones. The ideal length is 4 - 6 hours worth of data. With recordings that long, moderate botting should be virtually undetectable. I would also like to experiment with creating new recordings every ~100 hours of botting time to see if this helps. I attribute the success of this method to the fact that over small periods of time, it's very difficult to distinguish a recording of human behavior from actual human behavior. I was able to take around 3 hours of recordings and get 300 hours out of it before a ban. Not bad imo. Edited March 4, 2021 by SqueezeTheorem typo 3 Quote Link to comment Share on other sites More sharing options...
JMo Posted March 4, 2021 Share Posted March 4, 2021 Thanks for the findings. You should check out ghost mouse may help in your endeavors. Quote Link to comment Share on other sites More sharing options...
Rooged Posted March 4, 2021 Share Posted March 4, 2021 This was a great read. Do you have any plans to make any of the macro software publicly available? Quote Link to comment Share on other sites More sharing options...
SqueezeTheorem Posted March 4, 2021 Author Share Posted March 4, 2021 (edited) 16 minutes ago, Rooged said: This was a great read. Do you have any plans to make any of the macro software publicly available? It already is, but it needs a couple of stability improvements. I'd post the link here but I'm not sure if that's allowed per the OSbot rules. Edited March 4, 2021 by SqueezeTheorem typo Quote Link to comment Share on other sites More sharing options...
FushigiBot Posted March 4, 2021 Share Posted March 4, 2021 (edited) Interesting data. Something to add. I recently started botting on one of my older accounts. It's an account that I created in 2003 but hadn't played on since 2012. I got hit with a 2 day ban with just 2 hrs of botting. Therefore, the age of the account doesn't seem to matter. What seems to matter is the playtime; recent playtime to be exact. Another thing I discovered is that sudden, big changes in the xp rates also affect ban rates. I discovered this when changing botting activities from fighting to cooking. It wasn't the script because I was using the same script for other accounts. However, once I went from 30k combat xp an hour to 150k cooking xp an hour, it apparently triggered some sort of red flag in the system. Which multiboxer do you recommend? I want to try out some tests of my own. Edited March 5, 2021 by xhannyah Quote Link to comment Share on other sites More sharing options...
zixxy Posted March 5, 2021 Share Posted March 5, 2021 Great post, thanks for the update. Quote Link to comment Share on other sites More sharing options...
Rooged Posted March 5, 2021 Share Posted March 5, 2021 3 hours ago, SqueezeTheorem said: It already is, but it needs a couple of stability improvements. I'd post the link here but I'm not sure if that's allowed per the OSbot rules. If you'd be willing to message me the link, I'd greatly appreciate it. Or if you know of any other macro software you'd recommend, that would be cool too. I'm pretty new to all of this, just looking for insight from people who seem to know what they're talking about Quote Link to comment Share on other sites More sharing options...
kurdzz46 Posted March 12, 2021 Share Posted March 12, 2021 Then the real question is, what's the best mouse recorder, jitbit is very nice in a lot of ways but it doesn't like long recordings.... Quote Link to comment Share on other sites More sharing options...
Block Posted June 13, 2021 Share Posted June 13, 2021 thanks for this good info Quote Link to comment Share on other sites More sharing options...
