1497 Tibia accounts have been detected...

[Andrewx]

It's not Xenobot's fault. (Maybe someone already said it but haven't looked through the whole thread..

Maybe you should read it then, the only bot used on that account was xenobot. I'm not claiming the bot is easily detectable. I posted my ban so the developers could try and figure out how it was detected.

Xenobot is the only bot even installed on my computer.

[Necktra]

Okay, so the theory is that these minipatches are actually bot scans. While there is no visible detection code in the client, it is very possible that, when "downloading a new .dat file," they can be sending bytecode which is then codecaved into running a quick detection sweep. The first one I saw, 2 days ago, is when I made the prediction. seems pretty accurate. Also, The dat file size seemed to stay the same, only its checksum changed.

I'm not 100% sure on this but I've kept the old installer, so I will be reinstalling raw 9.44 and stepping through code as the update occurs so I can see exactly what's going on. My bet is, if this is what they're doing, its also how Neo users have been banned. Luckily, though, thanks to my recent update, this will be much harder to do. Detecting XenoBot.dll inside of Tibia will take nothing short of a rootkit, which XenoBot already has (the word malicious is used loosely on Wikipedia to decribe rootkits, but they also give this detail "[useful for] Conceal cheating in online games from software like Warden." Don't go around thinking I'm calling XenoBot a virus, lol)


If there is a type of stealth client-sided detection associated with these updates, I will have it reversed, analysed, trumped, and counter-acted within the week.

Hm..intresting. Does that means if I avoid the bot scan, for example by start the bot after login, that it would be more safer? Aswell there should'nt be any risk for having bot installed on the computer?

[lunevil]

Guys, as I said earlier, my acc is safe, but I think i have useful information - my XenoBot was injected during mini-patch 2 times and as i said my acc is safe.Weird.

[Andrewx]

Hm..intresting. Does that means if I avoid the bot scan, for example by start the bot after login, that it would be more safer? Aswell there should'nt be any risk for having bot installed on the computer?

Having it on your computer won't be a problem, they can't legally scan your computer itself, only the tibia files.

[DarkstaR]

Even if they can scan your computer, a fair player could play on a cheating friends system. Inconclusive.

[J.Dre]

Okay, so the theory is that these minipatches are actually bot scans. While there is no visible detection code in the client, it is very possible that, when "downloading a new .dat file," they can be sending bytecode which is then codecaved into running a quick detection sweep.

I believe I have heard of this as well.

If there is a type of stealth client-sided detection associated with these updates, I will have it reversed, analysed, trumped, and counter-acted within the week.

Hopefully you are able to succeed in doing so. Good luck, Dark.

[anczej]

Its only eyewashing by darkstar. Thats problem with xenobot and his injections like icons in elfbot was.

[DarkstaR]

All of Elfbot was injected, not just Icons. I honestly would put up money betting you have absolutely no clue what "injected code" entails or how common it is.

[anczej]

Ye I dont know how tibia detect system works, but I know much about programming, even you will win money, and also I will bet on that u dont know also whats going on with this system, like we can see after massbans.

edit: Expensive is not always better than free tool

[Aydin]

Ye I dont know how tibia detect system works, but I know much about programming, even you will win money, and also I will bet on that u dont know also whats going on with this system, like we can see after massbans.

edit: Expensive is not always better than free tool

And I bet that you don't even belong here, and I also bet that you don't even use Xenobot.

All I can say is gtfo