process scanner?

[phacemeltar]

on this page it says

Quote:

Verant discovered that they could detect the windows version of ShowEQ (AKA "WinSEQ") by scanning the end user computers task manager list.

i was hoping someone could explain how this is done, and also how i can prevent something like this from happening to me while playing p99.

[Bamz4l]

nice read, but this part is more intriguing:


Guilds and ShowEQ[edit]

Quote:

Many "raiding guilds" have been known to use ShowEQ in order to coordinate raids on high-end content. So much so, in fact, that SOE introduced a number of special features only visible to ShowEQ that taunted the guilds for making use of it (e.g. the infamous "ShowEQ Users Are Lame." message in the Plane of Hate).

[phacemeltar]

im more interested in the part where it says that verant was scanning the processes of their users. does this hint to a built-in vulnerability in EQ allowing it to snoop into other processes?
im concerned with Verant's methods of so-called snooping, if anyone can find information regarding that.

[Kydat]

Quote:

Originally Posted by phacemeltar [You must be logged in to view images. Log in or Register.]

i was hoping someone could explain how this is done, and also how i can prevent something like this from happening to me while playing p99

It's in the Windows API. Anyone programming for Windows can easily write code to get a list of active processes. Unless the EQ client is modified, there's nothing you can do about it.

At the same time there's nothing to worry about either.

[Byrjun]

How do you think P99 catches people who use MQ2/SEQ?

[Haynar]

I dont know what they do here. The brilliant way would be to monitor the process and see what accesses it in memory. That would be the way I would do it. Do I know how to do that? Nope. Is is possible? If they can steal password from ram, then you can monitor what accesses certain memory locations.

If you know better ways to detect stuff like myseq/mq2, then let the staff know. They might reward ya with a guise or something cool.

P99 .... We stomp out hacking script kiddies on a daily basis.

[Byrjun]

Quote:

Originally Posted by Haynar [You must be logged in to view images. Log in or Register.]

I dont know what they do here. The brilliant way would be to monitor the process and see what accesses it in memory. That would be the way I would do it. Do I know how to do that? Nope. Is is possible? If they can steal password from ram, then you can monitor what accesses certain memory locations.

If you know better ways to detect stuff like myseq/mq2, then let the staff know. They might reward ya with a guise or something cool.

P99 .... We stomp out hacking script kiddies on a daily basis.

The way I understand it from when it was discussed a long time ago, is that P99 always had trouble detecting SEQ because it just sniffed packets and didn't modify the memory at all. So a solution was put in place that involved scanning active processes for cheat software like SEQ.

I don't mind though, as long as it's an effective way of rooting out cheating programs. A lot of people who would never usually use something like MQ2 or SEQ feel compelled to acquire this software solely because others use it and they feel they need it to compete. Which, throughout a good chunk of time on live, was highly accurate.

[a_gnoll_pup]

Quote:

Originally Posted by phacemeltar [You must be logged in to view images. Log in or Register.]

on this page it says



i was hoping someone could explain how this is done, and also how i can prevent something like this from happening to me while playing p99.

http://msdn.microsoft.com/en-us/libr...=vs.85%29.aspx

tl;dr no, you can't bypass the anti-cheat

[a_gnoll_pup]

also, something to note: SOE disabled that code years ago and it's not in EQ Titanium. It was out for one patch, then they got the legal shitstorm and never re-added it.

all being said if you're concerned about getting non-personally identifiable information collected from your computer like the string "C:\Program Files\MSN Messenger\msmsgr.exe", you might wanna pack up your tinfoil hat because you don't know what you are talking about.

[Thulack]

P99 has a DLL built specifically for finding hacking tools. It can go as far as telling them what folder you have Eq installed too. Wouldnt be worried so much about verant as would for p99 staff :P