botting in java

[kwaadicles]

Hi - I am an experienced J2EE developer with very little botting experience.

I have written a fishing bot in pure Java, using the java.awt.Robot class.

When it comes to detection, my primary concern is the process signature. The JAR file can be named anything and there are no additional arguments being passed in, so the process name is just 'java -jar <whatever>'. I'm thinking the JAR file signature could be modified using either code encryption or just obfuscating the code pre-compile.

Any comments on detection concerns if this were to be released, or comments in general?

[Sychotix]

Blizzard does not scan outside of its process tmk due to some privacy issues.

[kixer]

So you have basically created an auto-cliker in Java, right? I am not sure how Warden detects autoclickers, but this should be pretty safe. AFAIK Warden knows about few auto-clickers, detects their processes and flags your account. If you would run your own bot that you will not share with anyone or everyone will have their own slightly modified version, you should be fine, unless you start tampering with memory. I use few custom programs (in Java and AutoIt) to automate thing myself, never been detected.

Of course if you get reported by player, that can still get you banned.

[kwaadicles]

Thanks kixer, yes this is exactly what I'm thinking

[kixer]

Blizzard does not scan outside of its process tmk due to some privacy issues.

If this is true there should be no issues with the auto-clicker at all. It might be true, but I haven't read the latest Blizzard's TOC for a while. I think the concern was, that Warden was sending the titles of the windows to Blizzard's server in non-encrypted way. So as long as Warden doesn't send anything over network and it is mentioned in TOC, it still can scan your PC and flag your account as 'suspect'.