[Cana]

*snip*

...The server that bans injection and easyuo is *snip*, that server is a T2A era style server that bans the use of them programs. They watch server logs and can pin point players that use it.

*snip*

Logged on to the server you mentioned. Ran around for a while macroing using both injection and EUO. As I thought, they have no detection other than a strong suspicion which is just wrong way of "catching" people. It's just to scare people from using other 3rd party programs. There's probably plenty of people using these programs, they just don't admit to it. I don't see any shard being able to enforce banning these programs unless they make a custom client, custom launcher or some other way of monitoring how you interact with your game. Even then it'd be very unethical because it'd have to be somewhat intrusive to get the job done.

I'll give it a little while more to see if I get banned, but I doubt it.

[Kander]

Keep running. There have been many baned. I know of one case where a player was baned just to copy books to leave on door steps of houses.

[Cana]

Keep running. There have been many baned. I know of one case where a player was baned just to copy books to leave on door steps of houses.

but that's obvious case of running a third party program other than razor. I mean, if you are smart about it and you don't tell anyone you can most likely get away with running any 3rd party program. There is no detection method other than spying on players and that's inefficient and many times based on assumptions rather than concrete evidence.

[Avatar_]

Most of you cry coz of all the ingame staff problems, but u forget staff is on the same situation you are, they dont have time to focus on the server, and you are also walking on the same lazy road, injection its hard the first hour learning it... once you get all the logic you will also be able to script your own stuff...

Ill paint you other picture...
What if u were a Brave warrior, with a weapon of power? would you ban vanq ones?

Stop being lazy people, clear your mind and avoid society manipulations!

[Nasir]

I'm failing to understand how Injection or EasyUO could possibly be detected... as far as I'm aware, it's using the same packets any normal client would. In fact, that's the whole point.

Maybe an algorithm that's looking for packets being sent out of logical order...like bypassing things you'd normally have to interact with in-game before triggering the send? But that seems like it would be extremely unreliable.

It might be interesting to turn on SpyUO and see the differences between the patterns of packets sent by razor vs injection vs EasyUO. ...for Science!

[Nasir]

Actually I might reinstall UO tonight just to try that... having a background thread running on the server that's just analyzing packets and building a probability index for an IP using "banned utilities."

[Cana]

If you'd customize your client you could have it enumerate dlls in client process and check for injection.dll or search for patterns of it by scanning the client process memory. Injection injects itself to the client process and that'd be fairly easy to detect with custom client. Detecting EUO is more complicated because you'd need admin privs to get access to processes that aren't child processes of your program. It used to work without privs in XP but since Vista and it's UAC it's been a pain. Still, for every method of detection there is a way around it. In the end, it would be just endless game fo hide and seek and a huge waste of time for everyone.

I haven't checked if packet order would give it away but I doubt there is any clearly different patterns. I did have a program that monitored UO packets at one time but didn't test any 3rd party programs with it. Noticed something interesting though... Back on INX where everyone tried to hide when they were casting by spam and running around a packet logger could easily determine if someone was casting or not. The packet about playing the casting animation was always sent even though the animation itself never was seen and the power words from casting a spell and using .wop were identical. Doesn't even matter anymore since spam was removed.

[Hal]

If you'd customize your client you could have it enumerate dlls in client process and check for injection.dll or search for patterns of it by scanning the client process memory. Injection injects itself to the client process and that'd be fairly easy to detect with custom client. Detecting EUO is more complicated because you'd need admin privs to get access to processes that aren't child processes of your program. It used to work without privs in XP but since Vista and it's UAC it's been a pain. Still, for every method of detection there is a way around it. In the end, it would be just endless game fo hide and seek and a huge waste of time for everyone.

I haven't checked if packet order would give it away but I doubt there is any clearly different patterns. I did have a program that monitored UO packets at one time but didn't test any 3rd party programs with it. Noticed something interesting though... Back on INX where everyone tried to hide when they were casting by spam and running around a packet logger could easily determine if someone was casting or not. The packet about playing the casting animation was always sent even though the animation itself never was seen and the power words from casting a spell and using .wop were identical. Doesn't even matter anymore since spam was removed.

Injection is banned on second age and IPY and when i played both they routinely banned ppl for using it. So they must know how to.

[Nasir]

Technically the IN Launcher could see all the dlls loaded in that process... a custom client isn't even needed. And to enforce running the client through the launcher, the launcher could essentially 2-step authenticate with a unique token provided by the server. Then hook the login packet and append the token to that. So much effort hahahaha. Too much effort.

The packet about playing the casting animation was always sent even though the animation itself never was seen and the power words from casting a spell and using .wop were identical

I remember Maka changing it so power word packets were always sent as speech packets. I'd be interested in looking up how/where he did it for science. ...but I think that was a core change and I don't feel like torrenting .NET Reflector to get the code ;[

[Galehaut]

So much effort hahahaha. Too much effort.
... I don't feel like torrenting .NET Reflector to get the code ;[

You seems pretty lazy to me.

[Be|gar]

i poop too much

am i going to die? ;[

[Nasir]

You seems pretty lazy to me.

I've had to poop for 2 hours but have been putting it off because I don't want to get off the couch... If that says anything.