Jump to content
Frequently Asked Questions
  • Are you not able to open the client? Try following our getting started guide
  • Still not working? Try downloading and running JarFix
  • Help! My bot doesn't do anything! Enable fresh start in client settings and restart the client
  • How to purchase with PayPal/OSRS/Crypto gold? You can purchase vouchers from other users
  • Client Suggestions/Changes


    Defiled

    Recommended Posts

    what other things encourage a separate jvm then? and there is no unknown ground lol i have already discovered and leaked everything there is + anything new is discovered within 10 mins of looking at an update (tooling can also automatically spot significant changes)

    Link to comment
    Share on other sites

    41 minutes ago, dogaforgotema said:

    what other things encourage a separate jvm then? and there is no unknown ground lol i have already discovered and leaked everything there is + anything new is discovered within 10 mins of looking at an update (tooling can also automatically spot significant changes)

    56 minutes ago, Eclipseop said:

    They rly dont add that much shit over time when it comes to tracking. So 'overtime' you WILL be able to patch every hole :D
     

    Speaking that you can literally see exactly what they r sending via packets, i think you'll be able to see them xd

    You would think you can spot everything.. but we gotta remember the fact that Jagex has good developers and they could always come out with new shit to surprise clients like the ClusterFlutterer back in the day. The winner of every big war is the best user of Unpredictability.

    Having the heavy load on a separate JVM will remove the need to do checks for new tracking almost entirely. no need for new discoveries.

    Also through a separate JVM you could actually control multiple clients through 1 script. just think what you can do on a separate JVM...  also lets not forget the signature of the Official Client which throws out the locks problem. (I'm sure there's a way to replicate the signature but that's something I'm not interested in finding out in the moment)

    Instead of thinking of today's findings, future proofing is a good method to stay ahead of the curve. :) 

    Link to comment
    Share on other sites

    55 minutes ago, Defiled said:

    but we gotta remember the fact that Jagex has good developers

    LOl they just added a tls client 2 the gamepack which increased file size by like 1mb for no reason, on top of leaving in debug messages inside the client. + they have been copy/pasting rs3 to osrs for like the past yr.
     

    57 minutes ago, Defiled said:

    I'm sure there's a way to replicate the signature but that's something I'm not interested in finding out in the moment

    ya it's called just spoof it

    Link to comment
    Share on other sites

    1 hour ago, Eclipseop said:

    LOl they just added a tls client 2 the gamepack which increased file size by like 1mb for no reason, on top of leaving in debug messages inside the client. + they have been copy/pasting rs3 to osrs for like the past yr.
     

    ya it's called just spoof it

    If the signature is so easy to spoof, then why has no public client done it brother? :)

    Yeah I know.. many of the new updates are just RS3 content with a new name... but that doesn't mean they're not brainstorming new detection ideas.. nevertheless never underestimate your opponent no matter how stupid they are  :) 

    Link to comment
    Share on other sites

    most public bots use inferior methods such as reflection thats why they cant/havent spoofed it or they figured out there's no point because like i said its irrelevant to bot detection. to add onto this let me give you a hint, bots arent the only third party clients

     

    cluster flutterer was only an issue at the time because there were very few competent devs in the scene and less info in general about the client + i was too young/new back then. a mere obfuscation change like that doesnt do much and is a very temporary measure but i digress, their detection system hasnt changed since late 2014 when james left jagex aside from them patching loopholes such as dogaction or -1 coords

     

    jagex does not have good developers (they may have in the last) but even if they did you have to remember that the scene also has very talented and handsome individuals like eclipseop 

     

    Link to comment
    Share on other sites

    This will be my last reply to you, as honestly it's getting stretched way too far.

    Gonna break up your reply into pieces so it can be easily replied to.

    Quote

    most public bots use inferior methods such as reflection thats why they cant/havent spoofed it or they figured out there's no point because like i said its irrelevant to bot detection. to add onto this let me give you a hint, bots arent the only third party clients

    I do understand bots aren't the only third-party clients. The third-party clients that are approved by Jagex are given their own signature and even though they have their own signature they still happen to cause locks (yes, it's less than un-approved clients but they still occur) because Jagex knows that they aren't in control over these 3rd party clients.. well except OSBuddy. 

    Till this day I haven't seen anyone "spoof" the official client's signature which is impervious to locks, that's why some clients use instrumentation to take advantage of the signature which is a big deal since a high percentage of botters leave due to locks. and when locks occur it's a flag on the account. a prime example of official client instrumentation is Arbiter's RuneMate. You might counter with "but RuneMate has a high ban rate", and that's because of the scripters there, rune mate has arguably the worst scripter community out in the open. 

    Also you say this.. and that.. is irrelevant for bot detection.. well I have to disagree! I have had many accounts get banned on a normal same-jvm reflection bot and mind you.. they weren't doing anything strenuous.. merely data collection. (Wealth Checkers)

    I have done the same thing but on a very basic instrumentation bot for months! and the accounts still lived till about a week when I used them on a normal reflection same-jvm client to read widgets lol.

    I'm still adamant that instrumentation & reflection done correctly and efficiently (Ex: storing references in memory through Unsafe for an example or even direct bytebuffers transfers over sockets or rmi) is the best option out there! other than of course image recognition clients.

    Quote

    cluster flutterer was only an issue at the time because there were very few competent devs in the scene and less info in general about the client + i was too young/new back then. a mere obfuscation change like that doesnt do much and is a very temporary measure but i digress, their detection system hasnt changed since late 2014 when james left jagex aside from them patching loopholes such as dogaction or -1 coords

    Well thank god we have you in the community grown up and all! I can still argue that relatively there are still quite a few proficient client developers in the scene. I answered this in the previous reply (Wars are won by the best users of unpredictability). What if tomorrow a Jacmob 2.0 joins jagex? You're foolish to underestimate a half a billion $ company lol. That ego must be tamed sir.

    Link to comment
    Share on other sites

    9 hours ago, Defiled said:

    I do understand bots aren't the only third-party clients. The third-party clients that are approved by Jagex are given their own signature

     

    9 hours ago, Defiled said:

    and that's because of the scripters there, rune mate has arguably the worst scripter community out in the open. 

    arguable, id say its a little higher up than most bots including here no offence. supposedly has the best ban rates for casual botting (dont quote me on this)

     

    9 hours ago, Defiled said:

    they still happen to cause locks

    as i stated its an easy fix

     

    9 hours ago, Defiled said:

    What if tomorrow a Jacmob 2.0 joins jagex

    i mean it wouldnt be an issue, theres really not much they can do at this point. i have already solved and developed a solution for their current botwatch system and anything new they add would go noticed very easily, jacmob 2.9 wouldnt be a big deal either, as i said it was just at that very specific period of time, a lot of big names had retired from the scene and only a bunch of kids were left

     

    9 hours ago, Defiled said:

    Also you say this.. and that.. is irrelevant for bot detection.. well I have to disagree! I have had many accounts get banned on a normal same-jvm reflection bot and mind you.. they weren't doing anything strenuous.. merely data collection. (Wealth Checkers)

    yes because they detected your bots using gc info! pretty much every bot is detected through other means already... gc packet should be the last of anyone's concerns

     

    9 hours ago, Defiled said:

    You're foolish to underestimate a half a billion $ company

    and youre foolish to underestimate us developers :) have some faith in yourself and others in the scene

     

    very nice of you and your friends to call me foolish/egotistical/moron/racist when i am simply stating facts and helping you not waste your time. Not sure where any of that even came from, especially the racist part

     

    and im not really saying my way is the only way, just saying that its better to solve the problem at the root especially when its easier to do so

    Link to comment
    Share on other sites

    3 hours ago, Eclipseop said:

    bro u aint gonna comment on me being cute?

    heh, ur loss, punk!

    I'm not gonna call a man cute to his face lol. are you daft or somethin?

    Link to comment
    Share on other sites

    Archived

    This topic is now archived and is closed to further replies.

    ×
    ×
    • Create New...

    Important Information

    We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.