100% Reason way our accounts are flagged as BOTs

[Harmacintyre]

The problem is that people like to talk about stuff they have no experience with. So far nobody provided any proof other than "hey i saw this it's 100% the reason we get banned!".

Thanks for saying exactly what i said. but in more words

 

[ccsutton]

I've read your suggestions and i'm not saying that they're horrible ideas, all i'm suggesting is that if people are going to continue posting about the issue then more information might help differentiate between people who actually experienced it and people who may have just had an issue with lag or a computer problem.

Although you do have quite an Easy Solution I will admit that, so then your modified and updated version of DB should be available for download sometime this afternoon then?

Maybe this can be fixed by updating gilestrinity only. Here's a snippet:

                switch (targetCurrent.ThisGilesObjectType)
                {
                    // ************************************************************************
                    // *****           Unit, use our primary power to attack              *****
                    // ************************************************************************
                    case GilesObjectType.Unit:
                        if (powerPrime.powerThis != SNOPower.None)
                        {
                            // Wait while animating before an attack
                            if (powerPrime.bWaitWhileAnimating)
                                WaitWhileAnimating(5, false);
                            // Use the power
                            ZetaDia.Me.UsePower(powerPrime.powerThis, powerPrime.vTargetLocation, powerPrime.iTargetWorldID, powerPrime.iTargetGUID);

I have not been involved in the development of this project and do not wish to spend that much time learning the entire program structure and flow. I am only trying to help. This would be an easy fix for someone more familiar with the code.

The problem is that people like to talk about stuff they have no experience with. So far nobody provided any proof other than "hey i saw this it's 100% the reason we get banned!".

Let me re-iterate: even if this is not a currently a detection method, it is safe practice to assume it can always be implemented in the future, and to emulate human behavior exactly. A good example would be, back in 2001 when people made starcraft chat bots, they would request advertisement data (for the ad at the top of the screen on old bnet) to emulate a real client.

 

[Mammon]

Just like with UFO's, What u can't explain you seek out explanations to fit the solution..
Either way, screendump the mob-id?
No biggie.

 

[packetloss]

The problem is that people like to talk about stuff they have no experience with. So far nobody provided any proof other than "hey i saw this it's 100% the reason we get banned!".

Thanks for saying exactly what i said. but in more words

If you are going to wait for PROOF you will never get it. Blizzard hasn't disclosed anything regarding how or what they have logged to determine if an account has botted or not.

If they aren't doing this, it would be a perfect way to detect a bot that is reading mob data from memory and performing actions based on them. No human player would see or could attack the phantom mobs. If I were Blizzard, I'd put these in randomly (say as frequently as a legendary drop) and if a character reacted to 5 (just picking some threshold) or more of these phantoms then you have proof that they are using some sort of 3rd party program.

The only way to research this is to continuously dump all the actor id's, and match them up against known mobs and what can actually be seen on screen in the client and if these phantoms do in fact show up, keep killing them and see if the account gets banned.

 

[solokazama]

Basically creating WhiteList what bot could hit would solve it (because hidden mob has to be different even by 1 byte / variable / flag from normal non-hidden to determine)

 

[Darkounet]

It's scary indeed. I mean, cmon devs! What do you think about it?

 

[kupaloids23]

It's scary indeed. I mean, cmon devs! What do you think about it?

Scared? then dont bot!

 

[Mungam]

Basically creating WhiteList what bot could hit would solve it (because hidden mob has to be different even by 1 byte / variable / flag from normal non-hidden to determine)

whitelisting is a good idea, but, i'd hate to be the guy to compile the list of every possible thing a bot can hit ;D

 

[conetopia]

In the fields of Misery, there is an orange circle on the ground, my bot seems to like running back n forth over it.... maybe its a fake mob target, and maybe those orange circle things are in each act, just to find botters.... simple enough trick I guess...

 

[Mookruiz]

In the fields of Misery, there is an orange circle on the ground, my bot seems to like running back n forth over it.... maybe its a fake mob target, and maybe those orange circle things are in each act, just to find botters.... simple enough trick I guess...

can you take a screenshot next time, I've never seen this but it sounds interesting

 

[mginster]

Even if this is a potential way to get banned, do you really think the DB devs will announce that they found it and fixed it? If they did, Blizzard would simply change the hidden mobs slightly and we are back to square one. As solo stated, whitelisting would probably be the best route to take.

 

[ccsutton]

Even if this is a potential way to get banned, do you really think the DB devs will announce that they found it and fixed it? If they did, Blizzard would simply change the hidden mobs slightly and we are back to square one. As solo stated, whitelisting would probably be the best route to take.

I'd like you to think about what you said. "Blizzard would simply change the hidden mobs " "whitelisting would probably be the best route" ...

Whereas sending ClickScreen(x,y) would NEVER send an attack(monster.id) packet for a mob that a normal player cannot mouse-over

Its a simple 1 line of code change vs creating a large database of all known monsters. And for all you know, a hidden monster can be a known one but with a hidden flag.

 

[selflearned]

Another possibility could be phantom legendary items. It could be that every mob always drops a phantom legendary. When it's picked up, it disappears so you never actually know your bot picked it up since it's never put in your inventory. That would be worse than phantom mobs

 

[ccsutton]

Another possibility could be phantom legendary items. It could be that every mob always drops a phantom legendary. When it's picked up, it disappears so you never actually know your bot picked it up since it's never put in your inventory. That would be worse than phantom mobs

Yeah I was thinking that too. I read that gold farm and auto-it bots did not get banned as heavily as the more advanced bots last wave. One guy said he only picked legs and avoided the bans.

ClickScreen(item.x, item.y) for the item's location would also address this. Sending a Pickup(item.id) packet for a phantom item could be a flag, whereas a clickscreen would not touch the item since the mouse could not hover over it.

 

[JoshYoJoshYo]

Yeah I was thinking that too. I read that gold farm and auto-it bots did not get banned as heavily as the more advanced bots last wave. One guy said he only picked legs and avoided the bans.

ClickScreen(item.x, item.y) for the item's location would also address this. Sending a Pickup(item.id) packet for a phantom item could be a flag, whereas a clickscreen would not touch the item since the mouse could not hover over it.

Wouldn't human players pick up these "items" as well?

 

[Johnmad]

We don't need any ClickMob(x, y) every creature should have somekind of boolean like isVisible = true. Just find where that value is stored in the game and use it to filter out all visible creatures from memory.

 

[blista08]

My theory is that Blizzard came into contact with aliens from another Galaxy and they were given a secret technology that allows them to detect bots through various simple flags such as: time played, character habbits, un-humanistic tendencies, etc.

I might be wrong here, but I'm pretty sure ET has a hand in this.

 

[heffy]

My theory is that Blizzard came into contact with aliens from another Galaxy and they were given a secret technology that allows them to detect bots through various simple flags such as: time played, character habbits, un-humanistic tendencies, etc.

I might be wrong here, but I'm pretty sure ET has a hand in this.

priceless

 

[ccsutton]

We don't need any ClickMob(x, y) every creature should have somekind of boolean like isVisible = true. Just find where that value is stored in the game and use it to filter out all visible creatures from memory.

This can easily be obfuscated. For example, give the mob exactly "23252" hp. The client sees "23252" hp and makes the mob invisible. Or the mob.id is a prime number. Client sees prime number... Those are just 2 examples. Worse yet, the obfuscation changes between each patch.

My point is, if you want a program to be 100% undetectable, then read memory only and do not execute code within the program. Only interact with normal means, ClickScreen and SendKeypress.

Now let me dive into some more details on hiding a program that only reads memory (to avoid detection):
The program doing the memory reading can be seen in the process list, unless you hide it with kernel level access. This is easily achieved through a 32bit driver, however, in 64bit you need to bypass Window's PatchGuard. Fyyre has made a publicly available PatchGuard disabler. If you read up, Skywing has written articles about subverting patchguard (Uninformed - vol 6 article 1). Even microsoft has implemented clever methods of obfuscation for their patchguard which only allows signed drivers on 64bit platforms. The first being the method that patchguard is launched.... it invokes a pagefault, which launches patchguard.
In 32bit though, you do not need to deal with patchguard. If you look at other private bots, they are looking into hiding the process in 32bit only. PatchGuard is the reason behind this.


Summary: All bots are detectable unless their only means of automation is through memory reads and mouseclicks/keyboard presses. Only then, will the process doing the memory reading and keypress simulation needs to be hidden with a kernel mode driver.

This has been discussed extensively over the years since the introduction of warden.


Tin foil hats: These actually improve warden's reception when blizzard reads your thoughts, and increases the chances of you being banned.
"The helmets amplify frequency bands that coincide with those allocated to the US government between 1.2 Ghz and 1.4 Ghz. According to the FCC, These bands are supposedly reserved for ''radio location'' (ie, GPS), and other communications with satellites " Study: http://berkeley.intel-research.net/arahimi/helmet/

 

[solokazama]

This can easily be obfuscated. For example, give the mob exactly "23252" hp. The client sees "23252" hp and makes the mob invisible. Or the mob.id is a prime number. Client sees prime number... Those are just 2 examples. Worse yet, the obfuscation changes between each patch.

WhiteList mobs to attack. this problem would be solved (its just small step, but got same problems - for eample change actorsid every patch)