How is the private bot less likely to be detected compared to a public one?

[henyouliaoa]

I am working on making a wow bot but getting stuck on anti-warden detection. From the forum posts, it seems that for a privately made bot, dealing with client side anti detection is not necessary, such as manual mapping or hooking endscene or...
Afaik a common way of injection is enough for a private bot, so I am deciding not working on this part anymore if it's safe.
But i am just curious technically what is the factor that will make the public bots easily detected provided that they do not work on any anti detection just as a private one do?
The injection part? Or others?
Could you explain with some details? Thx

[daCoder]

I messed a little with the warden client in the last days, you can read it by clicking this link: Warden Client Question ([Question] Warden Scanner and hooking).
Warden is only monitoring some bytes of some functions and data. If there is a function patched for hacks, than warden can/will scan for this offset, but as an hacker you patch on another position which warden don't scan and as long as you keep it private, there shouldn't any problem.
If you want to write a bot and not a hack, than this shouldn't be a big think to consider in my opion. Just keep attention on the warden scan list and don't patch anything that is monitored and you should be fine.

[TOM_RUS]

Warden is only monitoring some bytes of some functions and data.

That's not true. Warden also scans for injected modules (DLL's), codecaves and such things using memory hashing.

[Frosttall]

That's not true. Warden also scans for injected modules (DLL's), codecaves and such things using memory hashing.

But doesn't warden send a message about injected modules only if a blacklisted (md5, pattern, whatever) is listed? That would mean that a private injected dll wouldn't matter since they would never be able to blacklist it, right?

[Xelper]

Basically it is this:

If Blizzard has no idea what your bot does, or how it does it, and it isn't doing things the same exact way as a public bot, then they have no way of knowing what they need to detect. With a public bot Blizzard can reverse engineer it since it has the binaries, find a good way to detect a certain function of the bot, then go ahead and implement that detection.

[TOM_RUS]

But doesn't warden send a message about injected modules only if a blacklisted (md5, pattern, whatever) is listed? That would mean that a private injected dll wouldn't matter since they would never be able to blacklist it, right?

Yes, they can't use this method to detect private hacks, that's why private hacks more safe.

[Tanaris4]

Pretty sure blizzard just uses lawsuits now anyways heh