Results 1 to 15 of 15

Thread: What exactly does Jagex check for?

  1. #1
    Join Date
    Feb 2015
    Posts
    3
    Mentioned
    0 Post(s)
    Quoted
    2 Post(s)

    Default What exactly does Jagex check for?

    Hi all, I am new here and am trying to make my own bot for learning purposes + money making (I suppose).

    I am wondering what kind of things Jagex will check for.

    Mouse movement? Mouse speed? Or only mouse click locations?

    Hours played each day vs hours played in a row.

    Whether your play time matches your timezone?

    VPN? Multiple accounts per IP/Hardware?

    Dismissing vs ignoring randoms?

    Or do they just check mouse click patterns and playtime, while most are people getting banned because they are reported for looking like bots?

  2. #2
    Join Date
    Mar 2013
    Posts
    1,010
    Mentioned
    35 Post(s)
    Quoted
    620 Post(s)

    Default

    You should ask Jagex this stuff, we can only make educated guesses.
    #slack4admin2016
    <slacky> I will build a wall
    <slacky> I will ban reflection and OGL hooking until we know what the hell is going on

  3. #3
    Join Date
    Jun 2012
    Posts
    586
    Mentioned
    112 Post(s)
    Quoted
    296 Post(s)

    Default

    I wish I remembered which thread Brandon posted in, because it summarized my views on this perfectly...

    I think Jagex attempts to detect major clients. Sure, they detect obvious bot behavior like clicking the same coordinate or colour 10K times in a row with no randomized delay. But, the effort spent detecting tiny things like you mentioned, such as mouse movement or paths would be better spent detecting the client itself. Do you think Jagex can, or rather, would, monitor, store, and track all of that data?

    The most I've seen from a player's log was that they clicked w-object at x-time, then clicked the y-menu item after z-ms.




    Skype: obscuritySRL@outlook.com

  4. #4
    Join Date
    Feb 2011
    Location
    The Future.
    Posts
    5,600
    Mentioned
    396 Post(s)
    Quoted
    1598 Post(s)

    Default

    Consider:

    Simba Code:
    type data = packed record
      X, Y: Word;  //it makes sense to store mouse info as an "unsigned short" because your mouse position is never less than 0 or greater than 65535.
      info: Array[0..31] of byte; //with 32 bytes, you can store client name or whatever..
      click: integer; //You can store click (release or press) and (scroll up or down)..
    end;

    const           //you can "or" these constants to store them into the click integer if necessary. They obviously have to have unique values that can be or'd.
      SCROLL_UP = 0;
      SCROLL_DOWN = 1;
      CLICK_RELEASE = 0; //release
      CLICK_DOWN = 1; //down
      CLICK_LEFT = 0;
      CLICK_RIGHT = 1;

    var
      I, clicks, trials, perday: UInt64;
    begin
      trials := 10;

      I := GetSystemTime() + (1000 * trials);
      while(GetSystemTime() < I) do
      begin
        wait(20);
        clicks += 1;
      end;

      //with a 20 ms ping delay, we have an average of ~37 clicks second


      perday := round((3600 * (clicks / trials)) * 24);


      writeln(clicks / trials, ' clicks per second');

      writeln((3600 * (clicks / trials)), ' clicks per hour');

      writeln(perday, ' clicks per day');

      writeln(perday * sizeof(data), ' bytes');

      writeln((perday * sizeof(data)) / (1024 * 1024), ' megabytes');

      writeln((perday * sizeof(data)) / (1024 * 1024 * 1024), ' gigabytes');
    end.

    Progress Report:
    35.3 clicks per second
    127080 clicks per hour
    3049920 clicks per day
    24399360 bytes
    23.26904296875 megabytes
    0.0227236747741699 gigabytes
    Successfully executed.
    
    
    1 clicks per second
    3600 clicks per hour
    86400 clicks per day
    691200 bytes
    0.6591796875 megabytes
    0.000643730163574219 gigabytes
    Successfully executed.



    So it's quite reasonable considering all that is stored and depends on how often. Let's assume 100k bots online for 24hrs straight with 1 click every 20 ms (extreme insanity):

    We get: 2272.36747742 gigabytes of data and bandwidth gone.. 2TB is not a lot though.. especially for 100k bots for 24 hours straight with only a 20ms delay between clicks. So much so that you can even increase the amount of data stored (change info to more than 32 bytes).. So yes it's a viable option but there are better methods out there by a long shot..

    The real question is whether it is practical. If you can detect someone's client, why should you care about their mouse or anything else?
    Last edited by Brandon; 02-17-2015 at 01:19 AM.
    I am Ggzz..
    Hackintosher

  5. #5
    Join Date
    Dec 2011
    Posts
    2,147
    Mentioned
    221 Post(s)
    Quoted
    1068 Post(s)

    Default

    Quote Originally Posted by Brandon View Post
    Consider:

    Simba Code:
    type data = packed record
      X, Y: Word;  //it makes sense to store mouse info as an "unsigned short" because your mouse position is never less than 0 or greater than 65535.
      info: Array[0..31] of byte; //with 32 bytes, you can store client name or whatever..
      click: integer; //You can store click (release or press) and (scroll up or down)..
    end;

    const           //you can "or" these constants to store them into the click integer if necessary. They obviously have to have unique values that can be or'd.
      SCROLL_UP = 0;
      SCROLL_DOWN = 1;
      CLICK_RELEASE = 0; //release
      CLICK_DOWN = 1; //down
      CLICK_LEFT = 0;
      CLICK_RIGHT = 1;

    var
      I, clicks, trials, perday: UInt64;
    begin
      trials := 10;

      I := GetSystemTime() + (1000 * trials);
      while(GetSystemTime() < I) do
      begin
        wait(20);
        clicks += 1;
      end;

      //with a 20 ms ping delay, we have an average of ~37 clicks second


      perday := round((3600 * (clicks / trials)) * 24);


      writeln(clicks / trials, ' clicks per second');

      writeln((3600 * (clicks / trials)), ' clicks per hour');

      writeln(perday, ' clicks per day');

      writeln(perday * sizeof(data), ' bytes');

      writeln((perday * sizeof(data)) / (1024 * 1024), ' megabytes');

      writeln((perday * sizeof(data)) / (1024 * 1024 * 1024), ' gigabytes');
    end.

    Progress Report:
    35.3 clicks per second
    127080 clicks per hour
    3049920 clicks per day
    24399360 bytes
    23.26904296875 megabytes
    0.0227236747741699 gigabytes
    Successfully executed.
    
    
    1 clicks per second
    3600 clicks per hour
    86400 clicks per day
    691200 bytes
    0.6591796875 megabytes
    0.000643730163574219 gigabytes
    Successfully executed.



    So it's quite reasonable considering all that is stored and depends on how often. Let's assume 100k bots online for 24hrs straight with 1 click every 5 seconds:

    We get: 2272.36747742 gigabytes of data and bandwidth gone.. 2TB is not a lot though.. especially for 100k bots for 24 hours straight. So yes it's a viable option but there's better methods out there by a long shot..
    This suggests to me a tiered priority data collection system, so that only Xk accounts at a time are undergoing full data collection because of failing lower tier thresholds. Yk accounts are undergoing half of this, Zk accounts are only subject to basic data collection.

    Or hell, maybe buying treasure hunter keys takes you down a priority level.

    Just a guess. Not a lot of evidence in my experience that they have been tracking full mouse movement though, like Obs said. Focusing on clients makes a lot more sense to me.
    Last edited by Clarity; 02-17-2015 at 01:12 AM.

  6. #6
    Join Date
    Dec 2011
    Posts
    69
    Mentioned
    0 Post(s)
    Quoted
    15 Post(s)

    Default

    like people have already said the majority of bot busting probably comes through client detection
    There has been huge client wide ban waves done by jagex in the past that still go on now ( I know pbot received one recently for rs3)

    At the end of the day, there's a reason they introduced bonds. Detecting bot behavior is exponentially more difficult than avoiding detection. They know it's better to address the goldfarmers by joining them rather than trying to beat them, as the saying goes.

  7. #7
    Join Date
    Jun 2014
    Location
    Lithuania
    Posts
    475
    Mentioned
    27 Post(s)
    Quoted
    200 Post(s)

    Default

    Quote Originally Posted by aleks976 View Post
    Hi all, I am new here and am trying to make my own bot for learning purposes + money making (I suppose).

    I am wondering what kind of things Jagex will check for.

    Mouse movement? Mouse speed? Or only mouse click locations?

    Hours played each day vs hours played in a row.

    Whether your play time matches your timezone?

    VPN? Multiple accounts per IP/Hardware?

    Dismissing vs ignoring randoms?

    Or do they just check mouse click patterns and playtime, while most are people getting banned because they are reported for looking like bots?
    Mouse click locations defitenely are looked for. Had few experiments after ban waves with summoning bots who clicks like atleast 15k times per day. Not changing clicking/missing/waits between clicks habbits in a week is automatic ban. Pretty sure jagex use statistical analysis to catch bots and like 100k clicks should be enough for like 99.9% confidence to say you bot or no. Probably they looking for the repeating patterns of some actions count and compare it during time i mean the distribution. If you would do some research like i did with spamclicking recording of my own and bot i made just for funs, would be surprised how stable bot is during longer periods of time even when sometimes my antiban has like 7 inside loops of cases, compared to human. Also jagex looks for toomuch or tooless randomness. Toomuch randomness isnt very human like. Toomuch patterns too. I think my papaya bots got banned cause always went clockwise... the only flaw i see there so far.

    Longer play periods gives more data so has higher chances of recognizing bot-like patterns. From experience i can say anything above 6-8 hours is kind of suicidal. while 4-6 keeps uncomparably safer. And botting 4-6 hours a day lasts longer than 12 hours a day. Actually letting bot work 2nd shift in a day(shift is 4-6h for me) it basicly is banned after first try, like ban rates increases unproportionally with time spent in a row/a day. While distributing time in few days works very fine like atleast 50% to survive 4-6h 14days while doing one day 8-12h and other 4-6 is like 5% to survive 14 days.

    Pretty sure they dont look for ip(never used anything to hide it botting multiple accounts) or your time zones, as some people work at night.

    Dont think their priority is client detection. They dont want to rely on it cause people could use browsers like we do and feel safe? So statistics is better option, especially seeing so many people getting banned nowadays using private scripts in browsers.

  8. #8
    Join Date
    Dec 2011
    Posts
    69
    Mentioned
    0 Post(s)
    Quoted
    15 Post(s)

    Default

    Quote Originally Posted by cosmasjdz View Post

    Dont think their priority is client detection. They dont want to rely on it cause people could use browsers like we do and feel safe? So statistics is better option, especially seeing so many people getting banned nowadays using private scripts in browsers.

    The majority of botters are in some mainstream client so I don't agree that client detection is not a priority. Even among simba users botting outside of smart is probably the minority ( just assuming don't have the data).

    Also, users of major botting clients are more vocal and will let the community know of widespread bans. Jagex want this because it makes the legit players feel like real work against bots is being taken.

  9. #9
    Join Date
    Feb 2015
    Posts
    3
    Mentioned
    0 Post(s)
    Quoted
    2 Post(s)

    Default

    I ask because I whipped together a basic bot with my basic knowledge, its a level 3 skiller with a sgroearnhlg kind of name. It has run 12 hours straight and no ban.

    I am planning to make a script and bot that is really advanced and all randomized and undetectable, so that I can bot and basically not get banned, and also go through the learning experience.

    I want to know what kind of lengths I need to go to, but it seems that for now I can put a randomized / interlaced mouse movement as one of the last things I need to worry about

  10. #10
    Join Date
    Feb 2007
    Location
    Alberta, Canada
    Posts
    4,615
    Mentioned
    50 Post(s)
    Quoted
    429 Post(s)

    Default

    Quote Originally Posted by aleks976 View Post
    I ask because I whipped together a basic bot with my basic knowledge, its a level 3 skiller with a sgroearnhlg kind of name. It has run 12 hours straight and no ban.

    I am planning to make a script and bot that is really advanced and all randomized and undetectable, so that I can bot and basically not get banned, and also go through the learning experience.

    I want to know what kind of lengths I need to go to, but it seems that for now I can put a randomized / interlaced mouse movement as one of the last things I need to worry about
    Personally, I think the single most important thing to consider when you're writing a script is mimicking a human when doing the task. That might actually require more than a single task though, so if you'd like to simplify it then the single most important thing could be "taking breaks", which I find helps to stave off banning extremely efficiently.

    Scripts: Edgeville Chop & Bank, GE Merchanting Aid
    Tutorials: How to Dominate the Grand Exchange

    Quote Originally Posted by YoHoJo View Post
    I like hentai.

  11. #11
    Join Date
    Mar 2013
    Location
    Argentina
    Posts
    758
    Mentioned
    27 Post(s)
    Quoted
    365 Post(s)

    Default

    what i do in my scripts is the followiing:

    Do the task for around an hour to see how i do it, and how i perform after a while. Then, try to copy it with the script and add randomness, long breaks (going to pee, checking social media, etc, etc). Efectiveness is also something i believe they look for ... since recently they have banned a user which was not botting and said "he looked to efficient to be a human" so, yeah.. dont make a perfect bot that never misses a click.

    Although, in my experience, what counts most is breaks. I had around 12 clay miners with no breaks at all, and they lasted around 1 month. I introduced regular breaks on all my new bots and have had no bans since then (only one, went on vacations and left the script running, it messed up).

    Lastly, until the script is flawless, or near, check it regularly and add lots of failsafes, because its easy to screw up and get into an infinite loop, and bam, you banned.

    Hope this helps you, Lipcot.
    Formerly known as Undorak7

  12. #12
    Join Date
    Jun 2012
    Posts
    586
    Mentioned
    112 Post(s)
    Quoted
    296 Post(s)

    Default

    @Brandon - Now do the same for mouse movements, not just clicks. Store every mouse_event generated in a single mouse movement, along with the click, and you wind up with a lot more.




    Skype: obscuritySRL@outlook.com

  13. #13
    Join Date
    Feb 2011
    Location
    The Future.
    Posts
    5,600
    Mentioned
    396 Post(s)
    Quoted
    1598 Post(s)

    Default

    Quote Originally Posted by Obscurity View Post
    @Brandon - Now do the same for mouse movements, not just clicks. Store every mouse_event generated in a single mouse movement, along with the click, and you wind up with a lot more.
    It's not any different. The above calculations still hold. Consider the delay between each movement.


    Progress Report:
    Delay: None
    6505.7 clicks per second
    23420520 clicks per hour
    562092480 clicks per day
    22483699200 bytes
    21442.1264648438 megabytes
    20.939576625824 gigabytes
    Successfully executed.
    
    Delay: 20ms
    46.5 clicks per second
    167400 clicks per hour
    4017600 clicks per day
    160704000 bytes
    153.25927734375 megabytes
    0.149667263031006 gigabytes
    Successfully executed.



    It says clicks because I was too lazy to change it to "movements" but those are the values for "movements".. See the below programs.

    Now consider the fact that SRL uses: https://github.com/SRL/SRL-6/blob/bf...ouse.simba#L52 and https://github.com/SRL/SRL-6/blob/bf...use.simba#L200

    AND the fact that both functions add delays (via "wait(W)") such as: https://github.com/SRL/SRL-6/blob/bf...use.simba#L169 between each and every point. PLUS the fact that there is a delay between socket communications when communicating with SMART..

    Then it is safe to assume that 20ms is actually quite a small delay compared to what SRL introduces.. It's actually more than reasonable. And the above shows that for 24-hours total usage for such a delay is only 153mb.

    ALSO consider the fact that recording movement takes LESS bytes than recording clicks.. Why? Because movement only contains X and Y and whether or not the mouse is down (for dragging of course.. aka 1 byte).

    That's exactly 5 bytes per movement (2 words + 1 byte for drag flag).. Whereas the recorded data is using 40 bytes per movement which gives it more than the benefit of the doubt!



    Code:
    Simba Code:
    ///THE above data uses the same structure as for clicks:

    type data = packed record
      X, Y: Word;  //it makes sense to store mouse info as an "unsigned short" because your mouse position is never less than 0 or greater than 65535.
      info: Array[0..31] of byte; //with 32 bytes, you can store client name or whatever..
      click: integer; //You can store click (release or press) and (scroll up or down)..
    end;

    //BUT, in reality it should only be (for movement, but let's ignore that for code-reuse sake):
    type data = packed record
      X, Y: Word;  //it makes sense to store mouse info as an "unsigned short" because your mouse position is never less than 0 or greater than 65535.
      Drag: Byte; //flag for whether the mouse is being dragged (mouse button down) while moving.
    end;

    //for minimal storage and bandwidth usage..


    //test code:

      trials := 10;
      GetClientDimensions(W, H);
      ActivateClient();

      I := GetSystemTime() + (1000 * trials);
      while(GetSystemTime() < I) do
      begin
        moveMouse(randomRange(0, W), randomRange(0, H)); //using the nasty moveMouse instead of SRL-6 functions.
        wait(20);
      end;

      lock(Pointer(@mutex)); //waits until the dummy window finishes updating the memory map. Synchronisation.
      movements := getIntMap(); //Get the amount of movements from the memory map.

      //same math as for clicks..
      movements / trials;   //etc..

    Counter (code for the dummy window I created which records the number of movements it received and stores it in a memory map for Simba to read):
    C Code:
    LRESULT __stdcall WindowProcedure(HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam)
    {
        static unsigned int counter = 0;
        static shared_mutex mutex;

        switch(message)
        {
            case WM_CREATE:
            {
                lock(&mutex);
            }
            break;

            case WM_KEYDOWN: //needed to reset the counter after targeting this window with Simba's cross-hairs..
            {
                counter = 0;
            }
            break;

            case WM_MOUSEMOVE:
            {
                printf("Movements: %d\n", ++counter);
            }
            break;

            case WM_DESTROY:
                PostQuitMessage(0);
     
                putIntMap(counter);
                release(&mutex);
                break;
            default:
                return DefWindowProc (hwnd, message, wParam, lParam);
        }

        return 0;
    }


    So the calculations still hold.. In fact, they're actually more reasonable for movements rather than clicks.
    Last edited by Brandon; 02-18-2015 at 12:25 AM.
    I am Ggzz..
    Hackintosher

  14. #14
    Join Date
    Feb 2015
    Posts
    3
    Mentioned
    0 Post(s)
    Quoted
    2 Post(s)

    Default

    Ok one last thing, do I have to dismiss randoms or does it even matter since random events dont do anything?

  15. #15
    Join Date
    Dec 2007
    Posts
    289
    Mentioned
    4 Post(s)
    Quoted
    86 Post(s)

    Default

    I would be surprised if Jagex does the scale of data collection being referred to in this thread - particularly for Old School where they only seem to have 1 competent developer and 1 modeller.

    Storing the data is one thing, exploiting it is another...

    I would suggest, as someone has previously mentioned, that Jagex only record detailed data on mouse movements/clicks on players who have been flagged. If this is correct it would be interesting to know what gets an account flagged... skill imbalances? Time played in one season (average?)? Reports received?

    Interesting discussion, unfortunately I doubt anyone here can truly answer this question.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •