on jagex being able to detect client modifications

[dev027292]

First I'm going to discuss reason why Jagex does NOT detect for client modifications:

* their lock out system is rudimentary. It is certainly possible that certain forms of injections get flagged and immediately close down the client

* extensive memory searching could slow down CPU.

* implementing an accurate bot detection is incredibly hard and expensive

* although I haven't reverse engineered any code myself. It appears as if their injection detection is indeed rudimentary as I have not heard anything about it

* expensive computations as per bot detection are also expensive on the server and can add up and increase it's cost.

* It is certainly possible to inject in a read-only way and send input such as keystrokes through hardware emulation rather than using the game's associate functions such as input handling routines, etc.

* Jagex uses a lot of scare tactics which means that they probably need them, and seems to just mindlessly ban people regardless of whether they are botting or not.

     If they could easily detects peoples shit. They probably would not need to use scare tactics against us.

========

Now on reason why Jagex might be able to detect an injected client

*guaranteed the original client must leave some kind of footprint

*WINAPI offers an extensive amount of tools for scanning a processes memory

*bot makers that aren't mindful of Jagex's practices will likely provide a garbage product that would just get detected on use

========

discuss

[Easy Money]

although I haven't reverse engineered any code myself. It appears as if their injection detection is indeed rudimentary as I have not heard anything about it

 

you lose all credibility.

[dev027292]

36 minutes ago, Easy Money said:

although I haven't reverse engineered any code myself. It appears as if their injection detection is indeed rudimentary as I have not heard anything about it

 

you lose all credibility.

ahem*

I only said that because there are numerous sources with people who claim to have reverse engineered the game, and there is no need to do so myself at the moment.

This isn't even a definitive guide, it is only speculation and discussion for the benefit of the botting community.

 

And so far I have not reached a final conclusion as to whether  Jagex' injection detection is "OP" status

Edited August 31, 2021 by dev027292

[skillerkidos1]

neat

[AssertVoid]

Not an expert, but my impression is that a LARGE number of bans simply come from the bot getting reported by players.

They explained in response to one of the Rendi videos that they don't store data on a lot of actions that look suspect because the game is already generating a massive amount of data that costs money to store, I would imagine this is also true of client footprints and whatnot especially with the popularity of Runelite. There is another video where Mod Mat K talks about how runelite hurts their bot detection because it normalizes third party clients (and gets used as a bot client itself but thats another topic altogether)

 

Sure, suicide bots probably get detected easily enough and auto-banned but with a minimal amount of effort you can make accounts look legit by just chatting and playing by hand here and there.

 

Makes me wonder, what if you set up multiple bots (on different proxies perhaps) that would chat with eachother through pm's. They could recite movie scripts or reddit threads at eachother. I wonder if this would lower ban rates..

Edited September 2, 2021 by AssertVoid

[Robert718]

Just got perm banned today on 2 accounts  2 accounts left running on other other pc wth vpn

[FratbroWilliam]

On 9/2/2021 at 8:54 AM, AssertVoid said:

Makes me wonder, what if you set up multiple bots (on different proxies perhaps) that would chat with each other through pm's. They could recite movie scripts or reddit threads at each other. I wonder if this would lower ban rates..

I believe there have been some solutions created for having OSBot send updates out to a discord server; hooking a bot into a chat channel and having it distribute the chat log to accounts and parroting off roles mimicking a private chat stream would be even more difficult to detect, in theory.  

I don't think that the entirety of the internet is being scanned by any means. However, movie scripts and/or song lyrics might get noticed if a human is reviewing things; random threads are a crapshoot; private chat logs would be a minute risk vector.

[AssertVoid]

13 hours ago, FratbroWilliam said:

I believe there have been some solutions created for having OSBot send updates out to a discord server; hooking a bot into a chat channel and having it distribute the chat log to accounts and parroting off roles mimicking a private chat stream would be even more difficult to detect, in theory.  

I don't think that the entirety of the internet is being scanned by any means. However, movie scripts and/or song lyrics might get noticed if a human is reviewing things; random threads are a crapshoot; private chat logs would be a minute risk vector.

Discord logs are a good idea as well, there was another thread I saw about using AltChat which is similar to cleverbot to make your bots talk, but that cost a little bit of money for the API subscription.