Rejected Botting without rendering

Discussion in 'Client & Site Suggestions' started by mitchelldiepbrink, Mar 4, 2016.

  1. So I asked this question in the chatbox yesterday but didn't really get sufficient input. Because the bot works with reflection and not with the screen itself isn't it possible to add an option to disable rendering of the game and just let the bot do it's thing? This would drastically reduce some of the requirements and thus would allow for a better botting experience. @Arbiter said something about the method being highly detectible, if this is true, why? Perhaps @Cloud can enlighten me/us? Would be a killer feature to have. :)
     
  2. Not possible without Injection. RuneMate currently uses Reflection.
     
  3. Without getting too technical, doing what you ask would require modifying how the game client operates. RuneMate purely uses reflection, a methodology that only inspects the runtime without modifying it, for our users' account safety. As mentioned before doing something like this through a method like injection would be possible, but highly irresponsible, as I can think of numerous ways Jagex could detect it with just a few lines of code.
     
  4. In order to disable rendering you would have to make changes to the client, which is why Injection is necessary. The problem with this is that by making changes to the client you are considerably more likely be caught than if you were to use Reflection, which to my knowledge doesn't modify the client but instead queries it to a degree.

    Ahh sniped by Arbi.
     
  5. Please do go technical, I'm all in. I've created quite some "cheats" for other games in the past but this was mainly done with DLL inejction in C++ written games. I'm still quite new to the Java "take-over an application" scene which is why I'm asking. As it only uses reflection it can only query information of the client and not modify the client's game state, right?
    Can you give me some examples of Jagex being able to detect injection that alter the game state? Because you basically own the client when injecting I can't come up with detection methods that can't be bypassed by the injector.

    A good example would be injection for World of Warcraft. Warden would be able to detect these injections and report back to the server but to counter that effect you would rewrite the network packet of the detector just before it got sent to the server. How is this not an option with RuneScape?

    All of this were all assumptions, please correct me if I'm wrong.
     
  6. We dont quite know exactly if and how they are detecting injection. If we did know it would be very easy to be able to trick the server. I personally don't think that they detect injection as I have been using it for about a year now with only 1 ban. And while disabling rendering would make it run faster, you also cant click anything because none of the models are being rendered and raycasting cant do its thing.
     
  7. Using injection does not essentially mean it can be detected. "If done correctly, it can be as hard to detect as reflection" -Somebody in slack chat.
     
  8. The issue with this is, most of the time you'll be patching their detection methods, meaning that the damage is already done, which would be irresponsible as Arbiter mentioned. Unless you were to analyse the game each update and take the bot down if some unexpected code is present.
    True, and I remember Jacmob saying that any detection method can be bypassed/spoofed, a long time ago when I think they started counting methods in certain classes, or was it checking the class hashes... I can't remember the specifics. But that only applies when you know what that detection is and how it works.
     
  9. The combination of integrity checking, encryption, and realtime updates are killer. All three are actively used by Jagex. Using any sort of injection would be irresponsible to our users as it would open up a new vector for detection. Whether or not they do it right now is irrelevant; the fact that I can think of ten ways they can do it within their existing infrastructure with ease is reason enough to stay a mile away.
     
    Qosmiof2 likes this.

Share This Page

Loading...