These are chat archives for EasyHook/EasyHook

22nd
May 2016
Jeff Lee
@orangebread
May 22 2016 14:17
have any of you had bot writing experience?
i'm wondering if/how game clients can detect injection into the internal process
Nikolaj Mariager
@TinkerWorX
May 22 2016 16:05
@orangebread, that's impossible to answer. There are endless of ways to look for injection, just like there are endless ways to inject.
They can look for known process names, known executable patterns, look for calls to things like CreateThread/ReadProcessMemory, check if common injection sites have been altered.
You'd need to analyze the tool they use for detection to know exactly what they do.
They might also employ delayed reaction. I know Warden for WoW did that. It gathered information on accounts that used known bots, and after a while, banned them.
This makes it hard to test. Like if you were using a trial account, everything would seem fine, since nothing happens.
It's an arms race really. The more clever you get, the more clever they get. :)
Nikolaj Mariager
@TinkerWorX
May 22 2016 16:19
It should be noted though, that you can be relatively safe on some things. The call detection thing is pretty lax, since those calls also get used be legitimate programs, like Fraps. But I know some games, especially Asian like Maple Story detects those, effectively killing Fraps.