Wow Process Isolation menu

These ads disappear when you log in.

Results 1 to 7 of 7
  1. #1
    InnerSilence's Avatar Member CoreCoins User
    Reputation
    8
    Join Date
    Oct 2019
    Posts
    24
    Thanks G/R
    0/6
    Trade Feedback
    0 (0%)

    Wow Process Isolation

    Since Blizzard anti-cheating tools have decided to act like a spyware and are scanning our PC disk and memory stealthy and without most users knowing it, I have decided to research about possible methods that can be used to either isolate WoW process or our Bot processes.

    I have considered using docker containers since they are more efficient than traditional VMs, but unfortunately it seems atm it is not possible to run a 3D app inside a windows container and get view of it too. I am not sure about Linux containers though. Also, I did not want to use solutions involving more than one PC.

    For now, My solution for Pixel based bots is to run wow inside Thincast Workstation VM and run the bot from the host windows. Thincast has it's flaws but at least it runs games faster than any windows VM I have seen.
    Here is a proof of concept of my fishing bot working outside of the VM and operating on the game running in the VM. For some obvious reasons I could not include more details of the setup.

    If anyone knows other methods or interested discussing possible methods, we can discuss here or somewhere else.


    These ads disappear when you log in.

  2. #2
    MrNotSoBright's Avatar Member
    Reputation
    1
    Join Date
    Jul 2019
    Posts
    9
    Thanks G/R
    1/0
    Trade Feedback
    0 (0%)
    What is the end goal of running WoW inside a container, instead of the software for hacks/bots?
    Is it to avoid scanning through everything in the PC, or just to avoid detection of certain programs?

  3. #3
    InnerSilence's Avatar Member CoreCoins User
    Reputation
    8
    Join Date
    Oct 2019
    Posts
    24
    Thanks G/R
    0/6
    Trade Feedback
    0 (0%)
    Originally Posted by MrNotSoBright View Post
    What is the end goal of running WoW inside a container, instead of the software for hacks/bots?
    Is it to avoid scanning through everything in the PC, or just to avoid detection of certain programs?
    Well putting our software inside a container is like blindfolding ourselves. Result is that it wont be able to interact with the WoW without a proxy app which makes it pointless unless the goal is to hide majority of our tool and only expose small part of it through a proxy app. Even worse, not all types of containers are isolated from the host system.

  4. #4
    novam's Avatar Member
    Reputation
    1
    Join Date
    Dec 2008
    Posts
    8
    Thanks G/R
    1/0
    Trade Feedback
    0 (0%)
    I've been experimenting with running wow inside of Lutrix (on ubuntu linux). Its semi-contained and more than anything warden is not very likely to understand linux procs or even that its running inside a quasi emulator.

    It is not truly contained, but it's pretty good 'security through obscurity' and sending keystrokes to Lutrix is completely unprotected.

  5. #5
    InnerSilence's Avatar Member CoreCoins User
    Reputation
    8
    Join Date
    Oct 2019
    Posts
    24
    Thanks G/R
    0/6
    Trade Feedback
    0 (0%)
    Originally Posted by novam View Post
    I've been experimenting with running wow inside of Lutrix (on ubuntu linux). Its semi-contained and more than anything warden is not very likely to understand linux procs or even that its running inside a quasi emulator.

    It is not truly contained, but it's pretty good 'security through obscurity' and sending keystrokes to Lutrix is completely unprotected.
    Yeh, running wow inside a Linux disto is always a safer bet. Just remember that it is only matter of implementation for the warden to able to scan processes on the Linux too and it can happen anytime depending how popular it gets. So using known hacks alongside wow in a Linux also is not that fool proof.

  6. #6
    novam's Avatar Member
    Reputation
    1
    Join Date
    Dec 2008
    Posts
    8
    Thanks G/R
    1/0
    Trade Feedback
    0 (0%)
    Originally Posted by MrNotSoBright View Post
    What is the end goal of running WoW inside a container, instead of the software for hacks/bots?
    Is it to avoid scanning through everything in the PC, or just to avoid detection of certain programs?
    Originally Posted by InnerSilence View Post
    Well putting our software inside a container is like blindfolding ourselves. Result is that it wont be able to interact with the WoW without a proxy app which makes it pointless unless the goal is to hide majority of our tool and only expose small part of it through a proxy app. Even worse, not all types of containers are isolated from the host system.


    You wouldn't need a proxy app to wow if you are running a pixel bot in full VM. Once WoW is drawing your pixels you could read from the screen as if the VM were any other window AND you can send keys and mouse movements directly to the VM window. If wow is the active window within the VM (simplest to make WoW full screen in the VM) it would send any event as if a user was controlling the VM themselves. Doing it like this would also avoid interacting with WoW's annoying 'double window'... if you've tried to work with multibox software or direct key events you probably know what I mean.

    Something like VMware, virtualbox, or even parallels can run VMs in an entirely contain mode where the VM can't read the host OS's disk in anyway. Even the unscrupulous warden can't penetrate that. BUT, blizzard can easily tell that you are running in a VM, which I'm guessing is a red flag for them.

  7. #7
    InnerSilence's Avatar Member CoreCoins User
    Reputation
    8
    Join Date
    Oct 2019
    Posts
    24
    Thanks G/R
    0/6
    Trade Feedback
    0 (0%)
    Originally Posted by novam View Post
    You wouldn't need a proxy app to wow if you are running a pixel bot in full VM. Once WoW is drawing your pixels you could read from the screen as if the VM were any other window AND you can send keys and mouse movements directly to the VM window. If wow is the active window within the VM (simplest to make WoW full screen in the VM) it would send any event as if a user was controlling the VM themselves. Doing it like this would also avoid interacting with WoW's annoying 'double window'... if you've tried to work with multibox software or direct key events you probably know what I mean.

    Something like VMware, virtualbox, or even parallels can run VMs in an entirely contain mode where the VM can't read the host OS's disk in anyway. Even the unscrupulous warden can't penetrate that. BUT, blizzard can easily tell that you are running in a VM, which I'm guessing is a red flag for them.
    Vmware and vbox have performance issues though and all VMs have some limitations in sending inputs to them as I observed. Running wow inside a VM does not mean anything and cant get anyone banned but can indeed get them flagged for further investigation in the case of reports or suspicious game play.

Similar Threads

  1. [Example][C#] WoW Process Loader
    By wowhackz0r in forum WoW Memory Editing
    Replies: 31
    Last Post: 08-30-2011, 05:48 AM
  2. How to get read AND write access to wow process?
    By Shutzler in forum WoW Memory Editing
    Replies: 8
    Last Post: 09-26-2009, 04:16 PM
  3. [Help] Do code in Wow process
    By porabotitel in forum Programming
    Replies: 2
    Last Post: 09-09-2009, 08:08 AM
  4. Unable to load WoW process
    By Vohrana in forum WoW ME Questions and Requests
    Replies: 3
    Last Post: 05-26-2008, 05:05 PM
  5. WoW Process Guard
    By Caaltaa in forum World of Warcraft Bots and Programs
    Replies: 5
    Last Post: 02-17-2008, 03:35 AM
All times are GMT -5. The time now is 11:57 PM. Powered by vBulletin® Version 4.2.3
Copyright © 2020 vBulletin Solutions, Inc. All rights reserved. Digital Point modules: Sphinx-based search