Valhalla Legends Forums Archive | Battle.net Bot Development | Any Diablo II Xpac Pub Clientless INGAME Bots Out Yet?

AuthorMessageTime
BenOwns
just wondering if anyone knew of any pub ones or non pub ones that are out?
October 7, 2004, 10:49 AM
Soul Taker
[quote author=BenOwns link=topic=9040.msg83549#msg83549 date=1097146172]
just wondering if anyone knew of any pub ones or non pub ones that are out?
[/quote]
What's this got to do with bot development?
October 7, 2004, 12:30 PM
iago
Clientless? I think we went over this with somebody else: a bot IS a client, how can it possibly be clientless?
October 7, 2004, 12:32 PM
Soul Taker
[quote author=iago link=topic=9040.msg83563#msg83563 date=1097152365]
Clientless? I think we went over this with somebody else: a bot IS a client, how can it possibly be clientless?
[/quote]
Telepathy based bots!  Though, I guess your brain could be considered the client there.  Hm... but with the odds of people asking this stuff having brains.....
October 7, 2004, 12:34 PM
OnlyMeat
[quote author=BenOwns link=topic=9040.msg83549#msg83549 date=1097146172]
just wondering if anyone knew of any pub ones or non pub ones that are out?
[/quote]

I have written a so called clientless bot ( by this hes referring to terminology used by d2 client hackers which basically means a game client other than the real d2 ).

It is not public yet but i maybe releasing soon ( well a few months ) as i still have some issues to cleanup.

This release will not be source code only binaries, also to note my 'client' uses proxy support so R/D's are no longer a problem and no need to do multi xp runs (which actually just slow you down ).
October 7, 2004, 2:08 PM
iago
I guess I'll post my warning here again -- Diablo 2 as of 1.10 has hidden anti-bot stuff that they have yet to use.  Whether they will ever use it is a mystery, but checksums and such DO exist in the game's code.  I haven't seen it myself, but I was told by a very trusted friend some time ago.
October 7, 2004, 5:28 PM
OnlyMeat
[quote author=iago link=topic=9040.msg83581#msg83581 date=1097170126]
I guess I'll post my warning here again -- Diablo 2 as of 1.10 has hidden anti-bot stuff that they have yet to use.  Whether they will ever use it is a mystery, but checksums and such DO exist in the game's code.  I haven't seen it myself, but I was told by a very trusted friend some time ago.
[/quote]

That may well be true for the real client's internal memory checks and such ( anti-hacking  i.e extrawork.dll ) but  i have seen no such activity with regards to server packets directly.

This may of course be that i just have not seen it but iv been working with d2 for quite a while and have not seen anything remotely like you mentioned would you care to elaborate on the details of these anti-botting checks?
October 7, 2004, 6:34 PM
kamakazie
[quote author=OnlyMeat link=topic=9040.msg83588#msg83588 date=1097174060]
That may well be true for the real client's internal memory checks and such ( anti-hacking  i.e extrawork.dll )
[/quote]

Does anyone have any actual proof that ExtraWork.dll can be used to detect hacks within Diablo II?  I would like to see a dll capable of that, as I haven't seen any personally.
October 7, 2004, 7:17 PM
OnlyMeat
[quote author=dxoigmn link=topic=9040.msg83595#msg83595 date=1097176631]
[quote author=OnlyMeat link=topic=9040.msg83588#msg83588 date=1097174060]
That may well be true for the real client's internal memory checks and such ( anti-hacking  i.e extrawork.dll )
[/quote]

Does anyone have any actual proof that ExtraWork.dll can be used to detect hacks within Diablo II?  I would like to see a dll capable of that, as I haven't seen any personally.
[/quote]

As far as i can tell the d2 client is able to update this dll dynamically so it may not as yet check for any specific hacking but they are able to add ( or download ) a new version of that dll at anytime which means they can start doing hacking checks at anytime that suits them, of course this only applies to bots that use the actual d2 client which is not what we are discussing here, we are talking about an alternative client that supports d2 games.

But to answer your question no it currently does'nt look for hacks by the looks of the assembly, but it can change without a patch coming out so in the future yes it could very well do so <insert warning to botters using hacks> :p
October 7, 2004, 7:32 PM
Kp
[quote author=OnlyMeat link=topic=9040.msg83598#msg83598 date=1097177534]As far as i can tell the d2 client is able to update this dll dynamically so it may not as yet check for any specific hacking but they are able to add ( or download ) a new version of that dll at anytime which means they can start doing hacking checks at anytime that suits them, of course this only applies to bots that use the actual d2 client which is not what we are discussing here, we are talking about an alternative client that supports d2 games.
But to answer your question no it currently does'nt look for hacks by the looks of the assembly, but it can change without a patch coming out so in the future yes it could very well do so <insert warning to botters using hacks> :p[/quote]

On what do you base the belief that robots are safe from this DLL?  It would be trivially easy to set the banning rules to be that "if the response is missing or wrong, then ban."  Bots would ignore the message and get banned.  Cheaters would process the message, get the checksum wrong, and get banned.  Only true clients could pass the check.
October 7, 2004, 7:54 PM
OnlyMeat
[quote author=Kp link=topic=9040.msg83600#msg83600 date=1097178889]
[quote author=OnlyMeat link=topic=9040.msg83598#msg83598 date=1097177534]As far as i can tell the d2 client is able to update this dll dynamically so it may not as yet check for any specific hacking but they are able to add ( or download ) a new version of that dll at anytime which means they can start doing hacking checks at anytime that suits them, of course this only applies to bots that use the actual d2 client which is not what we are discussing here, we are talking about an alternative client that supports d2 games.
But to answer your question no it currently does'nt look for hacks by the looks of the assembly, but it can change without a patch coming out so in the future yes it could very well do so <insert warning to botters using hacks> :p[/quote]

On what do you base the belief that robots are safe from this DLL?  It would be trivially easy to set the banning rules to be that "if the response is missing or wrong, then ban."  Bots would ignore the message and get banned.  Cheaters would process the message, get the checksum wrong, and get banned.  Only true clients could pass the check.
[/quote]

I cant say for certain, i dont think anyone can in truth but i  do believe in my personal opinion  that extrawork.dll is designed to check the memory space of the real client, otherwise they would just simply send another kinda of authentication challenge packet if they intended it to check for clients other than d2 ( which they still might do ) but as of yet i have not seen any packet based challenge.

This appears to be a pure client side memory integrity check, also the fact that 99% of botting is performed by client side hacks could be the driving force behind this.

I have yet to see any public 'clientless' bots which are active so i can only assume they are trying to rid the realms of these elements first, this is a purely logical assumption which you may disagree with but everyone is entitled to their own opinion and thats mine ;D
October 7, 2004, 8:44 PM
BenOwns
as he said yes.
for diablo II clientless INGAME bot.
Meaning a bot that does not use the diablo II game ( client ) is able to enter games make actions and so forth.
October 8, 2004, 3:16 AM
bethra
these kind of programs and all that botting shit is what makes people quit D2.

Ruins the trading economy, ruins the fun, ruins the online experience, period.

bleh.
October 9, 2004, 3:59 AM
BaDDBLooD
[quote author=bethra link=topic=9040.msg83725#msg83725 date=1097294362]
these kind of programs and all that botting shit is what makes people quit D2.

Ruins the trading economy, ruins the fun, ruins the online experience, period.

bleh.
[/quote]

Not to mention it inspires people to create better and better programs, making it harder and harder for blizzard to patch each generation of Diablo2 Game Bots.
October 9, 2004, 4:16 PM
Zakath
[quote author=OnlyMeat link=topic=9040.msg83602#msg83602 date=1097181851]
[quote author=Kp link=topic=9040.msg83600#msg83600 date=1097178889]
[quote author=OnlyMeat link=topic=9040.msg83598#msg83598 date=1097177534]As far as i can tell the d2 client is able to update this dll dynamically so it may not as yet check for any specific hacking but they are able to add ( or download ) a new version of that dll at anytime which means they can start doing hacking checks at anytime that suits them, of course this only applies to bots that use the actual d2 client which is not what we are discussing here, we are talking about an alternative client that supports d2 games.
But to answer your question no it currently does'nt look for hacks by the looks of the assembly, but it can change without a patch coming out so in the future yes it could very well do so <insert warning to botters using hacks> :p[/quote]

On what do you base the belief that robots are safe from this DLL?  It would be trivially easy to set the banning rules to be that "if the response is missing or wrong, then ban."  Bots would ignore the message and get banned.  Cheaters would process the message, get the checksum wrong, and get banned.  Only true clients could pass the check.
[/quote]

I cant say for certain, i dont think anyone can in truth but i  do believe in my personal opinion  that extrawork.dll is designed to check the memory space of the real client, otherwise they would just simply send another kinda of authentication challenge packet if they intended it to check for clients other than d2 ( which they still might do ) but as of yet i have not seen any packet based challenge.

This appears to be a pure client side memory integrity check, also the fact that 99% of botting is performed by client side hacks could be the driving force behind this.

I have yet to see any public 'clientless' bots which are active so i can only assume they are trying to rid the realms of these elements first, this is a purely logical assumption which you may disagree with but everyone is entitled to their own opinion and thats mine ;D
[/quote]

*Groan*

Are people STILL not aware of the purpose of IX86ExtraWork.dll?! Skywing analyzed it in detail, and iirc even provided a utility to see what it was doing. ExtraWork carries the functions that are called to "send your system information to Blizzard" (i.e., processor type and speed, video ram, etc...). It is not, and never has been, an anti-hacking measure. Now, you can certainly say that it could be in the future, but that's absurd logic. By the same token, I could say that in the future Blizzard might modify CheckRevision to start randomly IP-banning people whose computer network name starts with the letter 'P.'
October 10, 2004, 2:53 AM
OnlyMeat
[quote author=Zakath link=topic=9040.msg83813#msg83813 date=1097376822]

*Groan*

Are people STILL not aware of the purpose of IX86ExtraWork.dll?! Skywing analyzed it in detail, and iirc even provided a utility to see what it was doing. ExtraWork carries the functions that are called to "send your system information to Blizzard" (i.e., processor type and speed, video ram, etc...). It is not, and never has been, an anti-hacking measure.

[/quote]

Yes i believe most people have a good idea of it's current implementation, but i think the point is that this can change at any time without an offical patch which makes it ideal for dealing with hacks which change rapidly.

[quote author=Zakath link=topic=9040.msg83813#msg83813 date=1097376822]
Now, you can certainly say that it could be in the future, but that's absurd logic. By the same token, I could say that in the future Blizzard might modify CheckRevision to start randomly IP-banning people whose computer network name starts with the letter 'P.'
[/quote]

I really dont see your point whats changing checkrevison to ban network names beginning with 'p' got to do with extrawork.dll checking for hacks?, i fail to see the connection // or analogy, changing checkrevision would require a patch to the physical client and it's associated libraries and extrawork.dll does not require this which makes it ideal for ever changing hacks.

Also the fact that it's loaded into the address space of the d2 client means it can do any number of memory integrity checks, making it easy to detect hooks and 3rd party processes writing to it's address space.
October 10, 2004, 4:44 AM
Quarantine
He was supporting what he said to be "absurd logic" by giving smething that could happen but likely wouldnt.
October 10, 2004, 4:47 AM
OnlyMeat
[quote author=Warrior link=topic=9040.msg83828#msg83828 date=1097383656]
He was supporting what he said to be "absurd logic" by giving smething that could happen but likely wouldnt.
[/quote]

And how is checking for client side hacks absurd logic then?
also why would'nt it likely happen?

If this dll already exists why could'nt it be used to check for hacks, it's ideally placed for anti-hack checks.

Please elaborate if you know something that we dont about what blizzards plans are in the future.
October 10, 2004, 4:53 AM
Quarantine
it could but you have nothing supporting your logic, even though it has a POSSIBILITY to happen there is no evidence showing that it WILL happen in the near future but it is very much possible , thats why he was comparing the CheckRevision to ExtraWork.dll since they can edit it to do whatever they want but there is no evidence they want to / will in the near future
October 10, 2004, 5:02 PM
Soul Taker
Has everyone forgot that the dll is only used if you opted to allow it?  Do you really think their anti-hack measures involve hackers agreeing to let Blizzard check out their stuff (regardless of whether said stuff is hack-related or just system specs)?
October 10, 2004, 5:42 PM
mentalCo.
How about disconnect on those packets.  Any client is allowed to disconnect whenever.  Hopefully the anti-bot packets wont have to be a requirement to play in a game.
October 15, 2004, 4:01 PM
Skywing
[quote author=mentalCo. link=topic=9040.msg84541#msg84541 date=1097856082]
How about disconnect on those packets.  Any client is allowed to disconnect whenever.  Hopefully the anti-bot packets wont have to be a requirement to play in a game.
[/quote]
IIRC, they are [when it's turned on].
October 15, 2004, 9:25 PM

Search