Comments (13)
I have re-written the API layer it uses to interact with the wow process.
https://github.com/petrvecera/FishingFun/pull/1/files
I removed the PostMessage
Win API call. And move back to
keybd_event
https://docs.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-keybd_event
and
mouse_event
https://docs.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-mouse_event
The biggest down-side of these functions is the they require the wow window to be in focus. So before doing keyboard clicks/mouse clicks we need to re-focus the wow window (using SetForegroundWindow
). I expect that it's probably still gonna be detected by GetCurrentInputMessageSource
but at least we are not artificially sending messages to the process window which is not in focus at all! Any inputs for the window which wouldn't be in focus is definitely raising red flags.
Future improvements which could be considered which are totally missing in this project and I have seen in others:
- Moving the mouse on the screen from the last location to the new location
- Random mouse movements
- Random character movements
from fishingfun.
@petrvecera it was on classic.
There were no other people. In the message from Blizzard they mention "after we have analyzed some information we have detected the use of 3d party programs", so it is not due to persons or reports.
from fishingfun.
I can only think about:
- Key sending detection
- Mouse movement not "real/human" enough
Because it was not an instant ban and I haven't used it for longer than 1h. People reporting is not possible because I was never far from the laptop, so I would have checked the wisphsor them jumping or something before me.
from fishingfun.
You can detect if key press comes from software and not hardware using windows 8+ security API. all auto-it scripts etc can be relatively easily detected using that API. One workaround is to write custom driver but that is non trivial.
https://docs.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-getcurrentinputmessagesource
from fishingfun.
Update:
I got the following email from Blizzard after appealing my suspension:
I have looked into this for you - I am confident in the outcome of the investigation in that we have evidence showing that this account behaved in Battlegrounds and Arenas in a way that detracts from the in-game integrity of World of Warcraft.
So, I was banned because one guy reported me in a battleground because of not being fighting (that time I was fishing but not using the bot). He asked the whole BG to report me... even when I chatted with him.
Therefore I was not suspended because of using this bot... or maybe not directly. Maybe after the Battleground report they took a deeper look into my account and they found some "strange" behaviour.
from fishingfun.
I have thought about how detectable the bot is, but after 6 months I haven't been banned, but that doesn't mean I won't be.
The code in the following repo is interesting, it identifies the source and origin of a mouse move, click or keyboard event via cpp. https://github.com/microsoft/Windows-classic-samples/tree/master/Samples/IdentifyInputSource
Taking a look at the changes @petrvecera made (keybd_event & mouse_event) in his fork, they seem to be more obvious as the origin is 'Injected'. I think postmessage with its less obvious 'Unavailable' is better. The code I used is here: https://github.com/julianperrott/FishingFun/tree/master/IdentifyInputSource
Description | Source of action | Source | Origin |
---|---|---|---|
Mouse move | System.Windows.Forms.Cursor.Position | Unavailable | System |
Mouse move | SetCursorPos | Unavailable | System |
Mouse click | PostMessage | Unavailable | Unavailable |
Mouse click | mouse_event | Mouse | Injected |
Key press | PostMessage | Unavailable | Unavailable |
Key press | keybd_event (down) | Unavailable | Unavailable |
Key press | keybd_event (up) | Keyboard | injected |
Mouse move / click | Human | Mouse | Hardware |
Key press | Human (down) | Unavailable | Unavailable |
Key press | Human (up) | Keyboard | Hardware |
This post also talks about detecting of pixel type bots, I have tried to add a manifest file, but couldn't get it to work and wasn't willing to spend a lot of time on it.
https://www.ownedcore.com/forums/world-of-warcraft/world-of-warcraft-bots-programs/wow-bots-questions-requests/796265-why-pixel-botting-detected.html
from fishingfun.
What security feature you're talking about? When it was introduced. I guess if it's from Microsoft then it is well documented as well. Can you provide more details please ?
from fishingfun.
Do u have proof of Blizzard acting based on this? Because apps which allows multi-boxing does similar things. Also what about apps for keyboards / Razar stuff where you can create macros and such - how do they do it?
from fishingfun.
I just got a 7 Days ban last night.
I've never used it for longer than 1h and I was 90% of the time near the computer, so it has been detected due movements or keypress.
from fishingfun.
@Nenuvah other option would be to run Wow in a nested virtual machine, right?
from fishingfun.
@olaims was it on classic on retail? Where u area with other people ( someone could report you)? It's important to decide if it was automatically detected or not. I have experience using modified https://github.com/UltimateFishbot/UltimateFishbot on classic - but never for long time farming. Always a 1 hour top. I would think in total around 10 hours.
from fishingfun.
@Nenuvah do u have any links to the forums discussing this problem more? I wonder if there is something new they added and are detecting from where the key inputs are going. Or they have different things in place already and the bot I linked before is avoiding them.
The bot I linked has completely different approach to searching for the bobber. Has several anti-afk mechanics and in general acts more like real life person but still anyone seeing it in person would know it's a bot.
from fishingfun.
@julianperrott I agree with you on the PostMessage. The reason I went with mouse_event
is that the other bot I have been using for years (also on non-official servers). Was using this event and I've never got banned. I got scared by olaimed, but as we know now, he wasn't banned because of the bot.
So my changes to that file were unnecessary 🤦♂
Btw I added more things to my fork. I don't think they are "mergable" to you as I didn't care about the code quality. But if u want you can be inspired. I solved the problem with resizing the window. Now you can have it anywhere. https://github.com/petrvecera/FishingFun/blob/master/Source/FishingFunBot/Platform/WowScreen.cs
However when u have your window resized you need to tweak the parameters for triggering.
Also the bot were often missing very slight bobber triggers (a lot when the window is resized). I noticed a pattern in the chart it creates and created a new classifier for it, I have almost 100% correct trigger rate now https://github.com/petrvecera/FishingFun/blob/master/Source/FishingFunBot/Bot/PositionBiteWatcher.cs#L57
Also added lure applying
from fishingfun.
Related Issues (20)
- Right click doesnt working in SL
- Can't run app without Visual Studio HOT 1
- Not Looting
- Auto bait
- Auto Bait Timings HOT 2
- Looting issue
- Unable to Start Chrome.exe HOT 1
- Screen moves when loting HOT 1
- Multi Box Mode HOT 1
- Tons of errors when trying to 'build' HOT 5
- Sending keys / right click not working in WoW Classic TBC HOT 4
- Best Theme For Fishing Store
- Duplicate on the fishing button
- Camera going wild
- yo
- How to protect your digital business from fraud?
- Can we push github code to website where app is created with sub Folder?
- Tons of errors - Solution
- Introducing ToxicFishing: The Next Evolution of FishingFun 🎣🚀
- Access Violation
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fishingfun.