Was planning to make a simple AHK script where I press one button and have it send a key based on image searching.
Detectable and bannable?
Well, that's not the only windows API that can be used to get simulated inputs. About legit software, Windows on screen keyboard sends simulated inputs too! Or when you use steam or other software to stream your game those probably send simulated inputs too. Anyway hiding inputs with UIAccess even if was possible was as bad as sending simulated inputs to the game.
Looking in the hard drive is pretty lame and they wont do it, still they can search memory for signature of known bots as u said just like what antiviruses do. And to be honest it is not easy to hide from signature detection methods for public bots. Using bot on a remote PC prevents signature detection but still you are sending simulated inputs to WoW which is suspicious and can get you flagged.
Yes there are some ways, but not without hassle. If you want hardware input you need to do it from driver level.
True, there are actually many papers about bot detection. Most bots are detectable because they act very stupidly. i.e. no human player can move his mouse from point A to point B instantly or on a perfectly straight line. Or when honnerbuddy used to work I always knew that despite what they claim their bot was so detectable because all path findings where based on a single algorithm which caused all bots that wanted to move from a point A to B walk through a similar path. You could easily see this in BGs where all bots moved together.
I was playing with it a bit and managed to use "mouse_event" and still have INPUT_MESSAGE_ORIGIN_ID set to: IMO_HARDWARE. It is important to meet ALL those 3 requirements(described here: Security Considerations for Assistive Technologies - Windows applications | Microsoft Docs ):
1] Be signed with a certificate to interact with applications running at a higher privilege level.
2] Be trusted by the system. The application must be installed in a secure location that requires a user account control (UAC) prompt for access. For example, the Program Files folder.
3] Be built with a manifest file that includes the uiAccess flag.
For 1, I used OpenSSL and generated CA key+cert, then generated user certificate used for signing. Then exported it to .pfx and used with signtool.exe to sign my .NET app. Also I had to import this CA cert into computer's trusted root CA.
For 2, I moved it into C:\Program Files\Test. I think you might be missing this part. When I was running it from C:\Users\xxx\repos\.... I was not getting any errors/warnings, but result was IMO_INJECTED.
For 3, It is quite simple, no need to describe it more.
Last edited by Hazzbazzy; 4 Weeks Ago at 08:21 AM.
i need something like this 403 Forbidden if anyone knows a software or a device like this lmk
Anti-AFK Undetectable Hardware Device - YouTube
hardware bot Basic AFK Leveling - YouTube
Last edited by REGELE33; 10-28-2019 at 09:44 AM.
For Mouse Clicks you could build this. I tested this when blizz random disconnects me on classic launch. Wanted to test of they check real hardware inputs. Worked well. Open Java/C# libary for switching the relais and sending mouse 1,2,3
t7MHjhl.jpg
Emulating hardware input is not only point of interest of wow. There are many games out there people looking for such methods for long time. As I said before solution depends on howmuch trouble you can endure. There are some unsigned drivers out there you can use but you need to configure windows to allow it. Also there is well knowned one named 'interception driver' which is signed but free version has some limitations and is not easy to use.
Allowed software such as multiboxing tools or key scramblers or whatever use the same APIs, so would this be a major problem for non-public bots at all?
Just tryed on a VM (Windows 10, ESXi 6.7u3 Host, latest VMware-Tools) with "IdentifyInputSource" (Windows-classic-samples/Samples/IdentifyInputSource at master . microsoft/Windows-classic-samples . GitHub.
Inputs over VMware Console and RemoteDesktop are recognized as hardware input. PixelBots via RemoteDesktop or Vmware console should not be detectable via this method.