WoW bot

[JamesDover]

I am working on a wow bot and I am using pixelsearch with a very low rez to make it work faster. I was looking for something a bit quicker to check my health lvls and such. Would checksum work for this or is there something better? Also In a earlier post there was talk that it is better to use Sleep(Random(1500,2000)) instead of using Sleep(1500) after casting a spell is this true?

James

[koresho]

as for the randomness, yes the less set times the better.

Warden, the program Blizzard uses to detect bots, detects things like

• Every time you cast a spell, it waits the exact same milliseconds with inhuman precision
• Every time you click a button, it clicks the exact same pixel or the exact same color
• Every time you get to 10% health, you cast mana shield or a heal or a pot with inhuman precision and reflexes
• If your mouse moves the exact same speed across the screen every time
• If your mouse always stays on one single pixel while the mouse button is held down
• If your mouse moves in an exact straight line between points A and B, or even has exact points between that are always the same
• If you always single click when you mean to and never accidentally double click
• If you always double click with the exact amount of time between the two clicks
• If your loot window is only open for a couple milliseconds and then your bot chooses what it wants and clicks them really quickly.
• Any regular or repetitive action that is ever done the exact same way every time. Clicking, moving, looking, eating, anything

  done with inhuman precision or reaction times flags Warden.

• Oh and don't forget, it also analyzes processes and process names for suspicious words. I.E. Don't name your bot WoWHack or WoW anything, or World of or Warcraft or anything to do with WoW or Blizzard in any way. Best way is to have a launcher exe that generates a random filename for the real program, copies it to a temp directory, and then exits itself. Then the real program can pull data in .ini files or whatever from the registry or a specific directory.

Coding undetectable bots is VERY difficult, especially for WoW and especially for autoscript.

a simple mouseclick will have to be:

$x = 200;Choose the coordinates
$y = 200
_mouseclick($x, $y);Pass the variables to the _mouseclick UDF

Func _mouseclick($x, $y)
    $z = Random(0, 3)
    $x-$z = $x1
    $z = Random(0, 3)
    $y-$z = $x2
    $z = Random(0, 3)
    $x+$z = $x2
    $z = Random(0, 3)
    $y+$z = $y2
    $delay = Random(10, 20)
    $speed = Random(5, 15)
    Opt("MouseClickDownDelay", $delay)
    MouseClickDrag("left", $x1, $y1, $x2, $y2, $speed)
EndFunc

Or something similar to this. This isn't nearly perfectly undetectable; the mouse still moves in a straight line from where it is to where it needs to click.

Edited November 1, 2007 by koresho

[JamesDover]

Excellent example Koresho that points me in the right direction. So it looks like random is the way to go. I curse the day warden was made lol.

[ofLight]

I would like to Agree with koresho on a few thing and then disagree on a few. First Yes it is always better when making a bot to use Randoms wherever possible even if you are setting them to smaller amounts than half a second like your example, 1/4 to 1/10 will often be plenty especially if you are adding it to all possible areas.

Second, Blizzard no longer uses there original "Warden" program, they use a toned down version of warden. Information such as when u cast a spell the delay between your next action and such ARE auto logged, however this information just sits in the database unless you give reason for review. Your exact mouse movements are NOT logged, however they do log how fast you double click each time and the time between one click and the next. When logging what you specifically click on they do not log exact pixels but log the object. Also Blizzard is no longer allowed by law in the US at least to sweep your system for proccesslists.

I would also just like to Say every system is different GG, Warden, Punkbuster, and the Manny others all monitor different things so if you get in the habit of following EVERYTHING koresho just recommended its not gonna hurt.

[koresho]

Most of those are old stuff I learned from my old days of RuneScripting

Anyway I wasn't sure about how draconian Warden was anymore, I just knew what it used to be so I figured that it would still be cracked down.

Also, even if it just sits in a database lets look at this example:

You run your bot for several months and then one day it messes up in front of the wrong person or a GM notices this. They check the Warden logs and over the last few months they see this bot-like precision... Insta-Ban.

I think the extra few moments it takes per UDF are worth it for the degree of protection you want.

Also, I think that it would be better to make the delays a difference of milliseconds instead of fractions of milliseconds... even that amount of precision is suspicious to my mind. It all depends on how much risk you want to take.

Edited November 1, 2007 by koresho

[McGod]

Oh and don't forget, it also analyzes processes and process names for suspicious words. I.E. Don't name your bot WoWHack or WoW anything, or World of or Warcraft or anything to do with WoW or Blizzard in any way. Best way is to have a launcher exe that generates a random filename for the real program, copies it to a temp directory, and then exits itself. Then the real program can pull data in .ini files or whatever from the registry or a specific directory.

They cannot do this anymore.

[Blue_Drache]

Simple way to not get detected by Warden:

Don't make or use a bot.

[koresho]

hahaha i like that, Drache.

Anyway here is the thing with process names and such:

Even if they are not allowed to, there is no reason to not be careful. I don't know if you are familiar with a program made by MSX Security for hacking Source and Punkbuster games, called MiST, but they always tell you to rename the filename to something random.

PS: No I don't hack games but I used to

[deathray]

Other ideas to keep a bot undetectable. Now this is just my way of thinking, maybe it wont make any difference. But better be safe then sorry .

1. Personal favourite: TAKE ADVANTAGE OF VISTA'S UAC.

Do NOT run World of Warcraft with administrative rights. If you dont, wow will have access to everything.

RUN the bot as administrator. If you do, wow wont have the privileges to access the process.

2. Encrypt your .exe's. If I were the creator of warden, I would definetly make it identify autoit's signature so it could keep an extra eye on them.

If you need help with this create a user at http://www.governmentsecurity.org/forum/index.php and under trojans there are alot of guides on making a virus undetectable to antivirus software. Works the same with autoit scripts

Edited November 12, 2007 by deathray

[tangokilla]

Interesting points...would anyone happen to have a anti-afk bot for the new patch (2.3.0)?

[Bert]

Excellent example Koresho that points me in the right direction. So it looks like random is the way to go. I curse the day warden was made lol.

I couldn't be happier the day it was made. keeps things honest. (Which is the entire point.)

[Digi]

Stupid Question JamesDover have you made and tested a bot on wow yet?????

Ill be glad to test it if you need help