• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

OTclient no bot

shakal1994

shakal1994

Member
Joined
Nov 20, 2020
Messages
78
Reaction score
15
good evening everyone


By chance, does anyone know how to delete the otclient bot for good?

Guys is enabling bot on my server but I want it to be banned
 
Sort by date Sort by votes
Well, to "limit" number of bots you could provide custom OTClient with custom RSA/opcodes with obfuscated scripts (keep control sums on server to validate if these were not modified).
Like most of people would give up on botting.
Of course there always would be some grumpy kid who can spend time on debugging and reverse engenering your client code to eventually find some memory addresses in your client to inject some code but I don't think it's worth to spend more time on solutions to mittigate risks of such injections (depandssss).
 
Upvote 0 Downvote
lursky said:
Bem, para "limitar" o número de bots, você pode fornecer OTClient personalizado com RSA/opcodes personalizados com scripts ofuscados (mantenha as somas de controle no servidor para validar se elas não forem modificadas).
Como se a maioria das pessoas desistisse de usar bots.
Claro que sempre haveria algum garoto mal-humorado que pode gastar tempo depurando e fazendo engenharia reversa do código do cliente para eventualmente encontrar alguns endereços de memória em seu cliente para injetar algum código, mas não acho que vale a pena gastar mais tempo em soluções para mitigar riscos de tais injeções (depandssss).
Click to expand...
Entendo, já fiz a chave RSA, fiz algumas alterações... mas quando alguém pega todos os módulos e a pasta init do meu cliente e coloca no cliente original, ele consegue acessar normalmente com o bot funcionando... Eu queria remover esta opção
 
Upvote 0 Downvote
shakal1994 said:
Entendo, já fiz a chave RSA, fiz algumas alterações... mas quando alguém pega todos os módulos e a pasta init do meu cliente e coloca no cliente original, ele consegue acessar normalmente com o bot funcionando... Eu queria remover esta opção
Click to expand...


github.com

GitHub - OTAcademy/otclientv8: Mirror of official OTClientV8

Mirror of official OTClientV8. Contribute to OTAcademy/otclientv8 development by creating an account on GitHub.
github.com github.com

Build your own version of OTCv8, install the OTCv8 detection in the server sources, and read the custom client version for login:


github.com

forgottenserver/protocollogin.cpp at 2839d4d7a8ad3597eff6c786f4ceb9b1b4b4456b · OTCv8/forgottenserver

A free and open-source MMORPG server emulator written in C++, compatible with OTClientV8 - forgottenserver/protocollogin.cpp at 2839d4d7a8ad3597eff6c786f4ceb9b1b4b4456b · OTCv8/forgottenserver
github.com github.com

You can also customize many more things so that they cannot edit your client easily.
 
Upvote 0 Downvote
-stream lua from your server on launch everytime, do not store them on clients PC
-detect luaL_loadbuffer and lua_pcall hooks to prevent loading custom scripts
-invest in VMProtect
-Heuristic detection of third party bots
-low level mouse/keyboard hook to prevent or detect sending mouse/keyboard events

this will stop 99,9% bots
 
Upvote 0 Downvote
1) change RSA in otclientv8/modules/gamelib/const.lua
github.com

otclientv8/modules/gamelib/const.lua at master · OTAcademy/otclientv8

Mirror of official OTClientV8. Contribute to OTAcademy/otclientv8 development by creating an account on GitHub.
github.com github.com
1.5) change RSA in key.pem
here

OTcv8
2) delete module game_bot
3) delete this line otclientv8/features.lua at master · OTAcademy/otclientv8 (https://github.com/OTAcademy/otclientv8/blob/master/modules/game_features/features.lua#L16)
4) encrypt
5) compile


or
mehah client
github.com

GitHub - mehah/otclient: An alternative tibia client for otserv written in C++20 and Lua, made with a modular system that uses lua scripts for ingame interface and functionality, making otclient flexible and easy to customize

An alternative tibia client for otserv written in C++20 and Lua, made with a modular system that uses lua scripts for ingame interface and functionality, making otclient flexible and easy to custom...
github.com github.com
2) use mehah , defaul bot protection

or

CipSoft
2) use
or use a custom version, which can't use bot in his time there was a website called vapus or something like that

and to ensure that you cannot inject ,use a version lower than 8.1
to avoid the elfbot


there are other bots like uopilit
 
Last edited:
Upvote 0 Downvote
Error 502 said:
1) altere o RSA em otclientv8/modules/gamelib/const.lua
github.com

otclientv8/modules/gamelib/const.lua at master · OTAcademy/otclientv8

Mirror of official OTClientV8. Contribute to OTAcademy/otclientv8 development by creating an account on GitHub.
github.com github.com
1.5) alterar RSA em key.pem
aqui

OTcv8
2) exclua o módulo game_bot
3) exclua esta linha otclientv8/features.lua em master · OTAcademy/otclientv8 (https://github.com/OTAcademy/otclientv8/blob/master/modules/game_features/features.lua#L16)
4) criptografar
5) compilar


ou
mehah cliente
github.com

GitHub - mehah/otclient: An alternative tibia client for otserv written in C++20 and Lua, made with a modular system that uses lua scripts for ingame interface and functionality, making otclient flexible and easy to customize

An alternative tibia client for otserv written in C++20 and Lua, made with a modular system that uses lua scripts for ingame interface and functionality, making otclient flexible and easy to custom...
github.com github.com
2) use mehah , proteção bot padrão

ou

CipSoft
2) usar
ou use uma versão personalizada, que não pode usar bot em seu tempo, havia um site chamado vapus ou algo parecido

e para garantir que você não pode injetar, use uma versão inferior a 8.1
para evitar o elfbot


existem outros bots como uopilit
Click to expand...
Thanks for your answer my friend! So far it's working :D
 
Upvote 0 Downvote
Error 502 said:
1) altere o RSA em otclientv8/modules/gamelib/const.lua
github.com

otclientv8/modules/gamelib/const.lua at master · OTAcademy/otclientv8

Mirror of official OTClientV8. Contribute to OTAcademy/otclientv8 development by creating an account on GitHub.
github.com github.com
1.5) alterar RSA em key.pem
aqui

OTcv8
2) exclua o módulo game_bot
3) exclua esta linha otclientv8/features.lua em master · OTAcademy/otclientv8 (https://github.com/OTAcademy/otclientv8/blob/master/modules/game_features/features.lua#L16)
4) criptografar
5) compilar


ou
mehah cliente
github.com

GitHub - mehah/otclient: An alternative tibia client for otserv written in C++20 and Lua, made with a modular system that uses lua scripts for ingame interface and functionality, making otclient flexible and easy to customize

An alternative tibia client for otserv written in C++20 and Lua, made with a modular system that uses lua scripts for ingame interface and functionality, making otclient flexible and easy to custom...
github.com github.com
2) use mehah , proteção bot padrão

ou

CipSoft
2) usar
ou use uma versão personalizada, que não pode usar bot em seu tempo, havia um site chamado vapus ou algo parecido

e para garantir que você não pode injetar, use uma versão inferior a 8.1
para evitar o elfbot


existem outros bots como uopilit
Click to expand...
como faço para criptografa meu otclientv8 de forma que proteja todos os arquivos e não seja uma criptografia fraca que possa ser quebrada facilmente revelando minha rsa e outras coisas?
 
Upvote 0 Downvote
tdp157 said:
como faço para criptografa meu otclientv8 de forma que proteja todos os arquivos e não seja uma criptografia fraca que possa ser quebrada facilmente revelando minha rsa e outras coisas?
Click to expand...
If you are going to tag me, speak in English
 
Upvote 0 Downvote
tdp157 said:
how do i encrypt my otclientv8 in a way that protects all files and isn't weak encryption that can be cracked easily revealing my rsa and stuff?
Click to expand...

You need several things, one of them is the use of custom encryption, change the way values are stored in LUA files to not expose RSA related values, connect with a special Key on your client and server can be with a encrypted binary or hexadecimal values, so even if some things are read in memory, it would make it difficult to read or at least obtain that data. You can also weekly update these Keys or values with weekly "patches" to your client, so you make it even more difficult in any of the cases that this encryption may be Broken, you can use simple keys in HEXcode and then encrypt them with something very complicated like AES256. Change the calls in the client for the most basic functions, so you avoid that they can use the same client against you.

Keep in mind that things like the host IP can only be hidden with large proxies like using Cloudflare Spectrum. Or with some related changes, apart from all that with the key between client and server you would already be avoiding connecting from other clients to your server in any way.

I also remember saying that the practice of cryptography is very complicated, and you have to know how to execute it to avoid misunderstandings such as false virus detections. Thus providing in the same way a good experience with the client for the players, in loading times and so on.

I use google translate so I apologize for any mistakes.
 
Upvote 0 Downvote
NvSo said:
You need several things, one of them is the use of custom encryption, change the way values are stored in LUA files to not expose RSA related values, connect with a special Key on your client and server can be with a encrypted binary or hexadecimal values, so even if some things are read in memory, it would make it difficult to read or at least obtain that data. You can also weekly update these Keys or values with weekly "patches" to your client, so you make it even more difficult in any of the cases that this encryption may be Broken, you can use simple keys in HEXcode and then encrypt them with something very complicated like AES256. Change the calls in the client for the most basic functions, so you avoid that they can use the same client against you.

Keep in mind that things like the host IP can only be hidden with large proxies like using Cloudflare Spectrum. Or with some related changes, apart from all that with the key between client and server you would already be avoiding connecting from other clients to your server in any way.

I also remember saying that the practice of cryptography is very complicated, and you have to know how to execute it to avoid misunderstandings such as false virus detections. Thus providing in the same way a good experience with the client for the players, in loading times and so on.

I use google translate so I apologize for any mistakes.
Click to expand...
Thank you very much for your attention.

Can you create a custom encryption for me?

I will pay for it, we just need to agree on a price!

My Discord is: th1ag03585
 
Upvote 0 Downvote

Similar threads

T
  • Question
OTClient otclient configuration
Replies
2
Views
513
Tubeshop
T
T
  • Solved
OTClient how to change icon of compiled otclient exe file?
Replies
7
Views
363
Tubeshop
T
darkangel1
  • Question
OTClient OTClient error map
Replies
2
Views
363
Onimusha
Onimusha
Jpstafe
  • Question
How can I change this battle function in otclient?
Replies
6
Views
414
Fjorda
F
B
  • Question
Version incompatibility
Replies
1
Views
121
axelLmad
A
R
  • Question
Solved Compiling OTClient - Lasted Version ()
Replies
3
Views
619
roriscrave
R
Curb
  • Question
TFS 1.X+ TFS 1.4.2 + mehah OTC Market
Replies
0
Views
491
Curb
Curb
T
  • Question
OTClient Change name and icon otclient
Replies
5
Views
228
Sparkles
Sparkles
T
  • Question
TFS 1.X+ How to add pz icon in 8.0 on otclient?
Replies
0
Views
83
Tubeshop
T
Mateus Robeerto
  • Solved
Does anyone know how I activate store via otclient mehah?
Replies
3
Views
525
popa45
popa45
Back
Top