dantan Posted August 29, 2014 Share Posted August 29, 2014 (edited) Disclaimer : post taken from another forum which will not be named. I would like if script writers read this post and express their own opinion, draw their own conclusion and the validity of the statement below. Client detection (client-side): Jagex detects if you're logging in from another client than the original one. How do they detect the client? - Check the title of the window (They did this in 2012) - Checksum of all files are being send to the server and they check if the values are the same (http://en.wikipedia.org/wiki/Checksum) - They count the methods/fields of all files and see if any code (hooks) have been injected like *** does now ("private int getHealth();") - They can check if cookies have been updated and where they're directing from, if there's a valid user agent according to your operating system and standard browser (http://en.wikipedia....Request_Headers) These are the only client detection methods I can come up now but there are definitely more Behaviour Analysis (Server-side AKA BotWatch): This is software running on the Jagex servers. Every action that you do will send a command to the server. If you click the rs-map ingame the client will send a command to the server like this: "Packet Id:137 X:3125 Y:1253" the server will calculate the path and send movement info with animations to the client which will display them. These packets can be used to track all activity on your account. And this is what they use for their BotWatch system How does BotWatch work? Well first of all nobody is sure but there are speculations/theories. I have searched some papers on Server side bot detection written by Profs/Students who are located in some of the best universities in the world. But here are some that I think Jagex applies: - Command timing: This is where they time the reaction time of a player when the server send data to the client. If the delay is too short or the delay is static you are detected. If you ploth this out on a graph you can easily spot out the botters. - Heat maps: They track all your mouse clicks and build heat maps where you clicked on an object / path. If you graph this out over time you will see bots use the same points but randomized by 20 coordinates while real players have different heat maps - Packet patterns: Tracking of all packets with their parameters and running a neural network with heuristics over it to see if any patterns have been detected - Simulation: (Probably used in the very early days of BotWatch) Jagex has a team of people which load whole a player's session (packet recording) in a closed environment and decide if the account looks like a bot. Thus they can watch your acitivity even though several days/weeks have been passed For more technical information on how BotWatch could work please take a look http://asp.eurasipjournals.com/content/pdf/1687-6180-2009-797159.pdf The reason why bots like (R** - cant mention bot name ) aren't so easy detectable is. It uses colors thus no modification (no client detection). It's slow because all it's actions are being sent from their server to the program. If a bot is not very functional the system is less likely to detect it. I can imagine Jagex setting a high enough treshold for their system not to detect any false-positive bots. If Bot's client wasn't decectable and you wrote a slow script with alot of unneeded camera / mouse moves you wouldn't also get detected. What does the future hold? Today bots and Jagex are in a code war, currently their client detection is very strong which we hope to surpass it within several weeks. After that Jagex will try to update their client detection. So you have to think Jagex ALWAYS has to take the first step and then we can anticipate. Eventually Jagex will run out of methods to detect the client and will mainly focus on scrambling data (which will also be killed in a matter of time) and their BotWatch system. If we can fully withdraw our attention from the client we can work on AI behaviour systems. There's no way they can defeat bots unless they can take legal actions or the owners get bored. Edited August 29, 2014 by dantan 2 Link to comment Share on other sites More sharing options...
Laz Posted August 29, 2014 Share Posted August 29, 2014 I really like this thread because everyone of your points is valid. However, OSBot features stealth-injection (it modifies internal JVM class files to make it impossible to detect injected methods like Character.getHealth() VIA reflection (the only known technology they use to detect injections). I deobfuscate, fully refactor, and decompile the OldSchool gamecode every couple updates (OSBot's cool updater makes it easy to make their client human-readable, refactored & compilable within minutes!). They haven't changed it one bit. What I can say is that client-based detection is no longer the immediate threat. It's bot-watch and it's macro analysis based algorithms that really hurt. Jagex has even said it themselves that they're abandoning old bot-detection techniques like random events because bots have been smart enough to the point where all these old techniques no longer work efficiently. What's causing the problem is that botters, by nature are very lazy people. Most people are probably using the same script that makes the most amount of money, only training one skill, etc. They're not really playing the game... and this is by far too easy to see. How do we solve this? Well I haven't simply ignored these issues, I've been quite aware that some steps need to be taken to make bots play less like macros, and more like REAL players. Here at OSBot we're currently working on our dynamic web-walker which will be used to be able to schedule scripts around. This is an added plus, since botters are too lazy to switch scripts themselves! The scripts can be schedules in a way that will be almost random but smart. However all this is easier said than done. We're putting a lot of effort and yes these technologies will be available in the future. Again, there are many more things than what I have mentioned to prevent bans. More discussion is definitely welcomed . 4 Link to comment Share on other sites More sharing options...
Pug Posted August 29, 2014 Share Posted August 29, 2014 in my own opinion as Laz has stated above. The most effective weapon Jagex has against bots is simply analysing an account and looking for a few key things. Logged in time, What the player has been doing for the last 12 hours. I'm sorry but if you have been botting one skill since the creation of your account with no breaks you are asking for a insta-ban. Randomization is the key to keeping your account. An example perhaps? say I'm runecrafting, i want 1-44 rc asap. A real player isnt going to spend roughly 13 hours making airs/fires in one go, it simply wouldn't happen. So maybe you need to think i know i am going to go and train my agility so i can run longer. Or i know im going to have a break and go and quest. Or simple things as daft as that might sound go and sit in the bank talking to people. Having no friends on your list and not saying a word for 24 hours wouldnt happen either. Just a touch of common sense can help. On all of the above i think its really good content, keep the thread up and going, Pug Link to comment Share on other sites More sharing options...
Volta Posted August 30, 2014 Share Posted August 30, 2014 (edited) @@Laz should our methods (and what we know mind you) be posted here in such detail ? D: Shouldn't you keep it a little more private Edited August 30, 2014 by Volta Link to comment Share on other sites More sharing options...
addrian Posted August 30, 2014 Share Posted August 30, 2014 I was thinking the same thing as Volta, tbh as I know there are probably JaGex scouts, scouting botting forums to find any detail they can to use against us. Truthfully tho, Laz I honestly feel this really is the safest bot around, and I'm really only committed and trust fourm/bot more than any other out there. I just hope the scripts will pile up again as they did back in 0Sbot 1. But thanks for the update and really good thread, and points. These things are vital and informative. Link to comment Share on other sites More sharing options...
Volta Posted August 30, 2014 Share Posted August 30, 2014 I was thinking the same thing as Volta, tbh as I know there are probably JaGex scouts, scouting botting forums to find any detail they can to use against us. Truthfully tho, Laz I honestly feel this really is the safest bot around, and I'm really only committed and trust fourm/bot more than any other out there. I just hope the scripts will pile up again as they did back in 0Sbot 1. But thanks for the update and really good thread, and points. These things are vital and informative. If we just didn't talk about the matter from the origin of botting, jagex would not have progressed (in opposition) as much as they have. Afterall, it isn't necessary to discuss because what can non-devs do about it lol. I know it can make for interesting and intellectual conversation, but it's kinda like talking formally vs. informally, or like talking infront of a cop (jagex). You could choose to keep quite, or you could talk about things that are against the law (rules of the game) and create a scene. In this case, talking "formally" wins. Obviously you can't control what people say, and shit has already been leaked, and jagex has already developed trends out of user opinions. Oh well, just a little bit of my "rational mentality" coming through l0l Link to comment Share on other sites More sharing options...
Alek Posted August 30, 2014 Share Posted August 30, 2014 This is the first thread I've seen that brings very valid arguments about Runescape bans. Great read from both Dantan and Laz. 1 Link to comment Share on other sites More sharing options...
dantan Posted September 4, 2014 Author Share Posted September 4, 2014 Would it be illegal if jagex scans your disk for folder names? eg OSBot Link to comment Share on other sites More sharing options...
