RetroTZ
11-20-2002, 05:48 AM
As I understand it, theres only a couple ways SOE could detect us.
1. Memory 'footprint'. A ton of people using the same exe they compiled from a source posted here, could cause SOE to ban everyone who has that exact 'footprint' running while EQ is. Theres no way they could do this. Hopefully everyone has made enough minor modifications to change that 'footprint'. Even if not, this would be dodgy at best and would likely end up in a lot of innocent people being banned.
2. Detecting the read process. If the address was protected and set up to send a flag everytime that addy was read. Theres a ton of stuff out there that reads memory, including Macroquest which not only reads it all, it modifies it. Perhaps not that specific address, but certainly almost every other one. Hopefully we would be able to catch it if they did this. Not sure.
If these are the only two methods of detection (apart from the usual 'AC is UP!!!!'), then I really dont see a large risk in running these sniffers. People are getting way too uptight about it. Am I right in thinking this? I already have a sniffer I customized and have running as a service. I click a shortcut on my server, it loads the service on my gamebox, ftps the key over to my SEQ box, then I just hit F12. Reason why I am asking is that I might switch to Maggotboys code if I have underestimated the risk.
BTW: Thanks so much to everyone that has contributed to SEQ and all the Keysniffers that have been made available. Much appreciated.
1. Memory 'footprint'. A ton of people using the same exe they compiled from a source posted here, could cause SOE to ban everyone who has that exact 'footprint' running while EQ is. Theres no way they could do this. Hopefully everyone has made enough minor modifications to change that 'footprint'. Even if not, this would be dodgy at best and would likely end up in a lot of innocent people being banned.
2. Detecting the read process. If the address was protected and set up to send a flag everytime that addy was read. Theres a ton of stuff out there that reads memory, including Macroquest which not only reads it all, it modifies it. Perhaps not that specific address, but certainly almost every other one. Hopefully we would be able to catch it if they did this. Not sure.
If these are the only two methods of detection (apart from the usual 'AC is UP!!!!'), then I really dont see a large risk in running these sniffers. People are getting way too uptight about it. Am I right in thinking this? I already have a sniffer I customized and have running as a service. I click a shortcut on my server, it loads the service on my gamebox, ftps the key over to my SEQ box, then I just hit F12. Reason why I am asking is that I might switch to Maggotboys code if I have underestimated the risk.
BTW: Thanks so much to everyone that has contributed to SEQ and all the Keysniffers that have been made available. Much appreciated.