Skip to main content

· 6 min read
doga

Unveiling the Secrets of RuneScape Bot Detection

Introduction

This blog highlights the core of the RuneScape bot detection system. What causes bans, how we combat each method and what we plan on doing in the future, as well as what other bot clients currently do correctly and incorrectly.

Glossary

  • BotWatch: The name of the RuneScape bot detection system
  • Profile: A comprehensive and dynamic amalgamation of player actions within the game environment. This includes a combination of mouse movements, clicks, and menu actions performed by a player during a specific timeframe. A profile encapsulates the unique behavioural patterns exhibited by an individual player during gameplay.
  • HWID / UID / random.dat: A unique identifier Jagex assigns to your system.

Section 1: Understanding BotWatch

BotWatch is a fully server sided system which Jagex utilises in order to detect bots. Since it's server sided, we know that anything they can do is limited to what the game sends to the server. Through years of reverse engineering, extensive packet analysis and general testing, we have concluded that BotWatch mostly utilises 3 things that are sent to the server.

1. Mouse motion

The game snapshots your mouse position at regular intervals (50ms on the Java Client). While this doesn't tell Jagex 100% how you move your mouse, the snapshots give them a rough idea of it, and they're able to gauge things like speed.

2. Mouse clicks

When you click, the game sends all mouse movement snapshots that led up to that click. With this they're able to analyse the context of that click, which offers them insight regarding the action you just did.

3. Menu Actions

When you perform an action, (e.g. attacking an npc) they send the action data to the server. While this data serves to update the game/player state, it's also of value for comprehensive analysis of player behaviour. Knowing exactly what action you did and when, Jagex are able to notice patterns such as spamming an action.

How does this data all work together?

Jagex efficiently categorizes profiles by activity through the seamless integration of mouse movements, clicks, and menu actions. This approach allows the game system to create a nuanced understanding of player behaviour. Notably, most bot clients employ suboptimal mouse algorithms that fail to consistently align movements with specific in-game activities.

Section 2: Inubot Antiban

Contextual mouse algorithm

As mentioned prior, a generic mouse algorithm would never be a good solution for BotWatch because it doesn't take into account activity. One of the systems we have in place allows users to record their own mouse data. Just like the game does, we store and categorize this data by activity, so our algorithms can process them easily and generate contextual mouse movements and clicks. This essentially ensures that any activity you bot aligns with genuine user behaviour and interactions.

Upcoming systems

Data generation

Our future plan regarding the above is to reduce and remove the requirement for users to record data for activities that aren't covered by using a more advanced neural network to generate them based on existing data. Unfortunately this plan is heavily reliant on users recording more data, so it may take a while.

Automatic picking up on unintended behaviour

Not all scripts are perfect - especially when developing or testing. Sometimes you might run your script, go outside and come back to it stuck, either afk or spamming the bank. Not great, is it? We feel that Jagex can easily pick up on unintended repetitive actions or prolonged inactivity so we plan on adding something to pick up on it ourselves and stop your script!

Section 3: System Information & HWID based detection

Two of the packets that we didn't mention earlier are your System Information and a derivative of a HWID that Jagex sends to the server. These don't fall under the behavioural analysis that BotWatch employs, but they are very well used.

System Information

While this doesn't sound like a big deal, verified clients such as RuneLite and the official Java client send somewhat unusual, tampered values. This can essentially be thought of as a signature that they send to Jagex, so they're able to tell what client you're using.

If you used a RuneLite based client such as OpenOSRS in June 2022, there was a huge third party client ban scandal around that time which was caused by Jagex detecting this. Another similar wave happened just last month (November 2023)! If you used Hydra plugins or RLPL, you most likely got hit during this time for the same reason. While this isn't a common occurrence, it is still something that should be taken care of. Since Inubot uses the C++ client, we don't have to modify any of this since there is no detection in place for us regarding System Information.

HWID

Jagex has a UID system in place called random.dat. In this file they store the UID they assigned to you, allowing them to easily identify what accounts you logged into on your system. If you use a proxy without resetting the UID, they're able to tell it's you on the same computer. A lot of other bots seem to just delete this UID whenever you log in, which makes Jagex give you a new one. While this works to some extent, it's a bit odd if you're logging into an account with a new UID every session. Inubot requests and stores your UIDs, as well as groups them by IP address, Jagex are unable to use this as a means to detect us. Usually this method of banning is common in chain bans.

Conclusion

The inner workings of Jagex's BotWatch system have been unveiled, exposing its reliance on mouse data, clicks, and menu actions to discern player behaviour. This comprehensive analysis forms the backbone of our systems, specifically designed to align with genuine user interactions while outsmarting the limitations of algorithms used by other bots.

As highlighted in our explanations, the meticulous categorization of profiles by activity enables Inubot to integrate mouse movements, clicks, and menu actions in a sophisticated and safe manner which makes it difficult to distinguish bots from players. Inubot's contextual mouse algorithm, as detailed in Section 2, stands as a testament to our commitment in regards to antiban measures. By allowing users to record and categorize their own mouse data, we've pioneered a system that mirrors genuine user behaviour across various in-game activities.

Looking towards the future, our focus on data generation through advanced neural networks aims to further diminish the need for manual recording, promoting a more user-friendly experience. Additionally, our upcoming systems will automatically identify unintended behaviours, ensuring scripts remain effective and responsive.

In Section 3, we visit the significance of system information and hardware-based detection, emphasizing how Inubot deals with this all to provide a secure and undetectable environment for users. Our meticulous handling of system information and the grouping of HWIDs ensures a reliable experience, minimizing the risk of chain bans.

As the game continues to evolve, so too will Inubot, providing you the best botting experience possible.

· 3 min read
doga

We are excited to announce some updates regarding the progress of our development efforts, as well as some new features that we are working on to improve your overall experience.

Firstly, we are happy to inform you that we will be supporting the new authentication system called Jagex Accounts, which was recently added by Jagex to enhance security measures. Our team is working diligently to ensure that our client is fully compatible with this new system, and we look forward to providing a seamless experience for our users.

In addition, Jagex are in the process of developing a new game client for OSRS, which is written in C++. Although this client is already available on Steam, it will take some time to fully replace the current java client, which is still widely used by the majority of the player base. We are aware that this change will affect all botting clients, but we are confident in our team's reverse engineering ability to quickly adapt and make any necessary modifications to ensure continued functionality. For script developers, we want to assure you that the Java SDK we offer for scripting will remain unchanged, even with the introduction of the new client. We understand the importance of minimizing any potential disruptions, and we will work to ensure a smooth transition.

Regarding RuneLite, we are aware that there has been some heavy misleading going in the community claiming that RuneLite based cheats are safer. We'd like to clarify that this is not true. Despite this, we do see plugins being quite useful and essential to players in this day and age. As such, we have decided to add support for RuneLite, but in a much safer and more secure way than other clients - which build on top of OpenOSRS or older RuneLite forks rather than working with RuneLite directly. Not quite the safest, is it? Our team is working to integrate Inubot with RuneLite, by injecting into the client's memory itself, to provide a natural and undetectable state. Of course this will simply be an optional feature, the primary client will always remain as our own.

Finally, we want to provide an update on our progress with other games. We have made significant progress in developing cheats for RuneScape 3 and Path of Exile, and we look forward to sharing more updates with you in the near future.

As always, we appreciate your continued support and feedback. Please feel free to reach out to us with any questions or concerns.

· 4 min read
doga

Hello community,

As some of you have noticed from our last informational post, ⁠announcements, and the name change from RSPeer to Inubot - a lot has changed recently. This blog should clear things up for you all while allowing us to discuss what you can expect along with plans for the near future.

First and foremost, Inubot is a complete 100% rewrite from its predecessor. We’ve spent all this time thinking of and implementing new ideas to improve your botting experience from each and every angle. From resources being lower to the UI being cleaner, the API being more powerful and overall bot function performance and efficiency improvements. Nothing special so far, but moving on - we’ve gone several steps deeper and focused on the core issue that the botting scene has experienced for the last half a dozen years; which is ban rates.

Humans all play the game differently. Every activity is accommodated with different behaviour. A player training agility will not produce the same data that they would when training woodcutting. As RSPeer previously had, we have reworked the mouse system which worked under the hood into a new one which uses your recorded data accompanied with context dependent modulation in order to generate optimal data for each botting session and activity. The downside of this is that you will be required to record some data - not a lot is required, it can be as little as a few minutes worth!

We have also put a limited slot access system in place to cap the amount of users so our overall footprint remains low. However, this slot access will be expanded way further than just the OSRS bot. Going forward into the future we plan on capitalizing on other games and this slot access is a requirement to access the store, so is needed to access those products.

Internal changes

  • The entire injection system has been optimized, resulting in faster processing of the gamepack and lower resource usage. Alongside this we have been working on optimizing our updating service in preparation to allow for near 24/7 uptime, even throughout game updates.
  • The scripting engine now supports a model synchronized with the game tick, this generally makes scripts smoother and overall more robust, along with offering the ability to easily implement features such as tick manipulation and prayer flicking.
  • UIs and paints are much easier to implement in Inubot. A few simple annotations bound to fields and methods, and you’ll end up with a fine result! This of course comes with saving ui configs and autofilling them.
  • The event dispatcher has been reworked to better support multicasting and is now based around a @Subscribe annotation rather than the old listener approach.
  • The vars api has been reworked to support other variable types such as Varcs.`
  • Core API is entirely query based
  • Inventories are abstracted and now support overridden implementations, such as the backpack interface being overridden by the bank interface.
  • New and improved global pathfinding and traversal
  • Action to string and string to action is more accurate and adheres to game standards
  • Production now supports the crafting interface in addition to the standard Make-X interfaces

Future plans

As previously mentioned, we would like to expand our platform and the best way to do this is to grow both, horizontally and vertically. Once we have the OSRS bot at a state that we are happy with, including a nice collection of scripts we will have new specialist developers continue work on the project, while we branch out to other games. We haven’t decided too much on this as it is not something to expect imminently, so we’re open to suggestions on what games you’d like to see us work with.