I was botting 24/7 and had 3 accounts banned yesterday permanently. lol. It seems these days you have to get as much gold as possible before they perma ban you.
RebornBuddy Forums
Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!
blizzard wins, admit defeat.
- Thread starter virtual
- Start date
I was botting 24/7 and had 3 accounts banned yesterday permanently. lol. It seems these days you have to get as much gold as possible before they perma ban you.
don't even waste your time on 5man teams when they are caught you got no chance of getting them unbanned.
Owneth
Member
- Joined
- Jan 15, 2010
- Messages
- 723
/\ This. /\
And tripwire cannot detect Blizzard Scanning the Software Driven Memory Mouse have you... that is created by HB either. But shhhhh that's a secret!!! It's "Protected". Bull$hit!!!
That is the #1 reason I believe and the Software Driven Memory Keyboard "device" have you... that Blizzard is seeing. Because no one thinks to look deeply and I am sure I will get some response about how I don't know anything and I am not a DEV or Admin so how could I possibly know that...
Well... If I can detect it with some simple software that sees a keylogger device ... only when HB is ran... I am pretty certain the same thing can be detected by "Warden"...
Not to mention you click 10,000+ times with Click to move in a single session? Wouldn't that be detectable? YES IT FREAKING WOULD!!!
Along with "key presses" via "memory"...
No one needs to be a developer or genius to see the obvious.
Your software needs some serious changes.
raphus
Well-Known Member
- Joined
- Jun 17, 2010
- Messages
- 2,094
Please stop making assumptions. I wonder have you ever investigated or had the ability to check what happens when you Click to Move.
CTM is completely client side. What happens when you do a click to move is a series of Movement packets being sent to the server from your client. Here is a bit more detail for you:
Click To Move on a point right in front of the toon: Movement start packet with Forward movement flag is sent to the server. Toon reaches the point and Movement stop packet is sent to the server. This is the exact same packets being sent when you hold W key and release it.
Click To Move on a point where the toon is not facing: SetFacing packet is sent to the server with the rotation information which is followed by the same packets above. This is also exact same when you turn your toon by holding right mouse button.
All in all, stop speculating, start talking with facts.
Owneth
Member
- Joined
- Jan 15, 2010
- Messages
- 723
Fact is you did exactly what I expected. Downplayed what I said in other wording pretty much affirming what I said in a developers words.
Fact is you did exactly what I expected. Downplayed what I said in other wording pretty much affirming what I said in a developers words.
I am not a developer and i am not an admin, but i certainly understood what raphus said. I did not get one thing you said.
Correct me if i am wrong:
You said, Blizzard simply has to plug-in an usb device with a keylogger software to see if keylogging is used? Its very easy and 100 % detection.
I then ask, why do they not do it day after day, that would have drained us out of life in 2 weeks. I do not get it. They pay over 2 million in guarantees and lawyer costs, can not find our users for couple of years, if it was that simple.
Raphus said, it does not matter if you use click to move, your head, your finger or a lego made robot that presses the keys, what the wow server gets, is exactly the same response.
That one i perfectly get.
That is funny considering what Bossland said in another topic.
I am not a honorbuddy user, I was thinking to buy a license. I am DB user. However there seems to be a lot of bans in the banwave section.
Whether its safe or not, I can't comment. Nevertheless it seems they are active with banwaves as they were not in Diablo for a long time.
Whether its safe or not, I can't comment. Nevertheless it seems they are active with banwaves as they were not in Diablo for a long time.
supasitario
Member
- Joined
- Mar 19, 2014
- Messages
- 70
glad to see someone of bossland. I mean, that shows true interest from you to us (clients, friends, supporters and trolls)
Bossland just if you could tell some depvs to ban some issues around the ports to block and kill some process determination
what makes HB "not safe". I guess you already check some ways people gets the Banny hammer
i mean, It dosent make it 100% safe but a 99% its always as good as 100% right?
the blocks of memory Blizz is scanning cant be shown by doing that and that will prevent people to get banned a lot.
Just that and btw GOOD WORK with new bots and hope to find more about buddies in Legion
edit. Everyone have a nice day
Last edited:
Exite
New Member
- Joined
- Nov 17, 2014
- Messages
- 220
Wow that's the worst writen post I'v ever seen..
I've read though this thread, and I'm quite lost 'cause nobody links the topics they're citing. "Bossland said this", "Bossland said that", yet I'm lost searching that thread on a forum.
HB could've been fully moved from user-space to kernel-space (or even into a virtualization host), and there would be no single way Blizzard could challenge it. WoW would run in an environment that has lower rights than HB, and could do nothing to detect an existence of HB. Also there would be no single way to add a service to WoW that would run in the same environment and detect HB, because it would certainly create serious problems for their end-users when it malfunctions (otherwise they'd use such services for DRM in their games). Yet HB can handle running such unsafe code, because users can always play the game without HB, and because they always know what they do.
If I remember it right, HB uses C# for scripting, and there's no way C# could be run in kernel-space. Lua wouldn't be easy to setup, but it could work. Anyway, technical issues are always solvable by some amount of read manuals, smoked cigarettes and consumed coffee.
I can understand why devs didn't go this way yet. It's an enormous amount of work, anyway. But since Blizz got rampant on destroying HB, no other approach than total kernel-level paranoia can be trusted. If Bossland won't start using something similar in their Legion release, I would have started thinking they don't care anymore as they know their product is approaching its "end of life".
HB could've been fully moved from user-space to kernel-space (or even into a virtualization host), and there would be no single way Blizzard could challenge it. WoW would run in an environment that has lower rights than HB, and could do nothing to detect an existence of HB. Also there would be no single way to add a service to WoW that would run in the same environment and detect HB, because it would certainly create serious problems for their end-users when it malfunctions (otherwise they'd use such services for DRM in their games). Yet HB can handle running such unsafe code, because users can always play the game without HB, and because they always know what they do.
If I remember it right, HB uses C# for scripting, and there's no way C# could be run in kernel-space. Lua wouldn't be easy to setup, but it could work. Anyway, technical issues are always solvable by some amount of read manuals, smoked cigarettes and consumed coffee.
I can understand why devs didn't go this way yet. It's an enormous amount of work, anyway. But since Blizz got rampant on destroying HB, no other approach than total kernel-level paranoia can be trusted. If Bossland won't start using something similar in their Legion release, I would have started thinking they don't care anymore as they know their product is approaching its "end of life".
Endus
Community Developer
- Joined
- Jul 9, 2012
- Messages
- 458
The problem with that is the Buddy team depends on community developers for the majority of functionality for a lot of their bots. If they change their language they're going to lose most of the community support and the bots will become barebones. Also, I know little about the kernel, but I'm not sure there's a way to read/manipulate WoW's memory/packets without Warden knowing the source of the read/manipulation, even if it's kernel level.
The only real way I can think of would be to block the reporting process before it sends the signal back to Warden to flag you (which I assume was the function of "trip-wire"). In games like BDO it's as simple as locking down the rights to some log files and blocking a specific file's outbound connectivity (firewall) but obviously it's much more advanced with WoW.
The main problem here is Blizzard. Most other companies don't take anti-cheat so seriously. Just look at Overwatch. Most of the well-known FPS cheat websites won't touch it (while they all have aimbots and the likes for all the other popular FPS games). The Buddy team has their work cut out for them.
Last edited:
UnderratedPost
Member
- Joined
- Dec 18, 2015
- Messages
- 362
i really dont like the sound of that. being able to use third party plugins is one of the biggest features of HB that no other bot can compete with.
I'm unsure how exactly do they check the state of WoW memory, but I'd expect some well-known solutions like having several places where a certain variable is stored in different formats and memory getting constantly hashed at random moments of game loop to check for modifications. Warden hashes some part of another user-space programs' RAM. Running something in kernel-mode may not even spawn a process. It's just there, and it runs. Getting access to kernel-space RAM from a user-space program is forbidden anyway, it's usually just sending messages to drivers via DeviceIoControl. So they'd have to run something in kernel-mode and scan the whole kernel memory, having a chance to read some device-mapped memory and killing the whole system.
For a virtualization solution there's just no way to know what's going on outside. It's just the same as asking what's outside of our universe. If it doesn't want to show its traces inside, we have no way to know about it.
I've just come up with another unbreakable solution: having it done in hardware. HB runs on a computer A, WoW runs at computer B, and some piece of cheap hardware connected to computer A via USB and to computer B via another USB gets commands from computer A and emulates USB HID mouse and keyboard. In reverse direction it either reads from a virtual screen or directly from memory via something like a JTAG interface (there're lots of solutions for hardware direct memory access, and I can't tell which are the most viable 'cause I never tried them). The best think Blizz could do is to hijack a webcam to look on your PC.
Packet manipulation is a no-go, because Blizz can change the whole protocol on a weekly basis, just by adding a simple (week or two worth of work for a couple of devs) build step to their software, and I'm pretty surprised they didn't yet.
I came to this thread as it became clear to me from their efficiency that Blizz almost certainly started using some machine learning technology to find bots and I've thought to have a good battle with it. HB was always best at circumventing things that are not related to this detection measures, so I'm hoping Bossland will handle this issue somehow.
Edit. Look, a person that advocates the same and only correct solution is on a first page of official discussion of the recent banwave.
Edit 2. Actually, it's been known since 2005: http://www.theregister.co.uk/2005/11/04/secfocus_wow_bot/.
For a virtualization solution there's just no way to know what's going on outside. It's just the same as asking what's outside of our universe. If it doesn't want to show its traces inside, we have no way to know about it.
I've just come up with another unbreakable solution: having it done in hardware. HB runs on a computer A, WoW runs at computer B, and some piece of cheap hardware connected to computer A via USB and to computer B via another USB gets commands from computer A and emulates USB HID mouse and keyboard. In reverse direction it either reads from a virtual screen or directly from memory via something like a JTAG interface (there're lots of solutions for hardware direct memory access, and I can't tell which are the most viable 'cause I never tried them). The best think Blizz could do is to hijack a webcam to look on your PC.
Packet manipulation is a no-go, because Blizz can change the whole protocol on a weekly basis, just by adding a simple (week or two worth of work for a couple of devs) build step to their software, and I'm pretty surprised they didn't yet.
I came to this thread as it became clear to me from their efficiency that Blizz almost certainly started using some machine learning technology to find bots and I've thought to have a good battle with it. HB was always best at circumventing things that are not related to this detection measures, so I'm hoping Bossland will handle this issue somehow.
Edit. Look, a person that advocates the same and only correct solution is on a first page of official discussion of the recent banwave.
Edit 2. Actually, it's been known since 2005: http://www.theregister.co.uk/2005/11/04/secfocus_wow_bot/.
Last edited:
Oh, don't take it serious. MS is open-sourcing C# compiler as Roslyn and there is also Mono. C# scripts can be run in a VirtualBox, and a kernel-space driver can talk to them via a TCP (or even HTTPS) channel. Actually there are solutions that leave C# intact. I meant that something like Lua would be much easier to use, as it's developed as a standalone scripting language interpreter.
Interesting proposal/solution, however if I'm not mistaken HB send the controls via injection through memory (RAM), not via keyboard and mouse control. For this solution to work HB needs to be modified - how extensive is the modification work? Only Dev can answer that but the proposed solution seems legit to me.
Cheers..
JG
Every proper solution requires extensive modification of HB, and if that was easy, Bossland would do it long ago. Current solution with RAM modification is plain wrong, as we may see from several banwaves.
You do not earn enough to buy them nor have the privilege to even get a quote.
They have spent an insane amount of cash on the legal battle with Bossland. If they had the ability to detect the bot early on, before Bossland had the money to fight back, or before HB even gained enough popularity to be more of a threat to blizzard, then they would have. They have managed to kill other botting programs cold in their tracks. There is no logical reason why Blizzard would have waited nearly half a decade or so to start really *****ing down. They are doing it now because they can. Because its doable, and also its good at padding numbers. Any suspended account is still considered a subscriber, and if even 10% of the players banned buy new accounts then blizzard benefits. They could have done the same thing years ago, had they been able to detect Hb as easy.
Now on to the Topic of this post. No HB has never been safe. And there has always been a warning. But HB has used Tripwire as a selling point for a while. Claiming that although botting isn't safe that they could provide some protection against server side attempts. Although, Blizzard nor Bossland will disclose how Hb is begin caught. You can google and see a lot of information about plausible options. All that aside. Is HB as safe as it was Before May 2015? NO! its apparent it isn't. And you can argue blizzard "could always detect it" not really a valid argument because they never did. its a simple question. Before the past years mass waves. You were nearly 100% safe to attach HB if you did not hit start on the bot at all. Because most all bans were a product of interaction in the World of Warcraft, Now the program it self is being detected which means one who hasn't even used it but just had it attached, loaded, and running is at a fair risk of being banned. That simple fact makes it not as safe as always. Do I think that the risk of blizzard detecting HB has always been there? SURE! However, until it happens its a plausible risk and not an actual guaranteed event. Now if you bot even as safely as possible or only hang in your garrison, if you are on HB with any regularity that account will catch a ban.
Unless a whole new method of detection prevention is established then HB will continue to get banned a few times a year. Just accept it and move on. NEVER BOT ON YOUR MAIN, that's always been a rule. Yeah, the risk is higher now and I'll lose accounts a few times a year pretty much guaranteed, but they are cheap and its still worth it to me. At least at the moment.
The future is coming though. Blizzard detection is getting better everyday, and Blizzard can afford the best, I've said it before and ill say it again. Deep learning machines in time could easily identify real players from bots with little effort. Sure, there will be a few false positives here or there, at first. A human employee might have to look over flagged accounts. But, that's the thing about deep learning algorithms they only get better the more they run and learn from their mistakes. They can easily pick up on the behaviors, as well as maximum response times and reflexes of the a few million real players and then ban anyone that deviates beyond a range of that. We know Blizzard can Identify the bot, who's to say they didn't target a few 1000 known botters and have the computer watch them making note of key differences that it can identify between the known botters and the human players. Not saying they did but it is well within the realm of possibility and technology to do so.
Botting in wow as it is done now has always had a limited life span. Sure its a bit more risky now. But there may well come a day when every bots banned immediately, or where its detected even while trying to attach. GOOD news is that days not today. And probably not tomorrow either. So no question its not as safe as it was a few years ago, but also its never been totally safe anyways. Either accept the risk, or don't. The choice has always been yours. Sure Bossland shouldn't say its as safe as ever. But also YOU SHOULDN'T BOT ON ANYTHING YOU'RE NOT WILLING TO LOSE.