53 replies to this topic

[Drenzul]

Khosumi, on 14 September 2025 - 07:58 AM, said:

I truly hope you know this is not very expensive to calculate, and has been common on hardware with anemic performances compared to your modern PC since the 90s.

Yes and no.
If you had an aimbot that had direct access to the in-game data, then yes you could do this much more easily. Even then it wouldn't help against targets who are manoeuvring. Also these basically need updating whenever the game is been updated and no-one with the skills to do this is wasting their time on a game with a player-base this low. Also these are relatively easy to detect.

The normal version of aimbots that work externally to the game have to work out the range to the target by analysing the mech and working out it's size on screen compared to the model size (for snap twists to work since you don't have targeting data), then work out the speed by analysing how much they are moving across the screen. That type of visual analysis is not easy or quick to do, made worse by the fact you are having to check for multiple different mech models without randomly locking onto random bits of scenery etc.

Its certainly POSSIBLE to do, but its not easy to do... and anyone doing this is almost certainly going to be doing it for games with a much higher player-base cos they can actually sell it.

Only other way to do it is to intercept the packages going between the game and the server and grab the information from there, again this needs to be reprogrammed after most patches, assuming its sent unencrypted which I really hope isn't the case.

Just for context, I've been a software engineer for nearly 20 years. Trust me I have some idea how it works.

[LordNothing]

Khosumi, on 14 September 2025 - 07:58 AM, said:

I truly hope you know this is not very expensive to calculate, and has been common on hardware with anemic performances compared to your modern PC since the 90s.

yea thats pretty basic vector math. done by 3d games since the '90s (perhaps in the '80s too with games like elite). its a thing you have to do once per frame and nothing compared to other more intensive things like rendering, physics (multiple times per frame) or the worst of the bunch, hit detection (every object against every other object every frame). its all linear algebra and vector math. people should learn to tell a linear algorithm from an n^2 algorithm before they make proclamations about "not enough processing power".

a lead indicator can fit in a dozen lines of code, ive done them before. the end result is a world vector that says aim here. if you instead use the resulting data as a set point for a control system to actuate your arms and torso rather than to position a crosshair on the hud, you have an aim bot. its just mechs are so slow such a thing is completely unnecessary as you rarely have to lead by a mech width ahead, maybe two for the firemoth. its nothing compared to ww2 flight sims where all you had is a reflector gunsight (radar gunsights didn't come out until the '50s). you had to hit a moving target, from a moving position, in an aerodynamic flow with windage acting on the rounds (also done in '90s games).

aimbots are sold in pay to win fashion. more money more features. the stupidity of people who protest a pay to win game by using a pay to win cheat tool, written by hackers who will brick your system if you do anything against them.

Edited by LordNothing, 14 September 2025 - 08:37 PM.

[LordNothing]

Drenzul, on 14 September 2025 - 08:42 AM, said:

Yes and no.
If you had an aimbot that had direct access to the in-game data, then yes you could do this much more easily. Even then it wouldn't help against targets who are manoeuvring. Also these basically need updating whenever the game is been updated and no-one with the skills to do this is wasting their time on a game with a player-base this low. Also these are relatively easy to detect.

The normal version of aimbots that work externally to the game have to work out the range to the target by analysing the mech and working out it's size on screen compared to the model size (for snap twists to work since you don't have targeting data), then work out the speed by analysing how much they are moving across the screen. That type of visual analysis is not easy or quick to do, made worse by the fact you are having to check for multiple different mech models without randomly locking onto random bits of scenery etc.

Its certainly POSSIBLE to do, but its not easy to do... and anyone doing this is almost certainly going to be doing it for games with a much higher player-base cos they can actually sell it.

Only other way to do it is to intercept the packages going between the game and the server and grab the information from there, again this needs to be reprogrammed after most patches, assuming its sent unencrypted which I really hope isn't the case.

Just for context, I've been a software engineer for nearly 20 years. Trust me I have some idea how it works.

or you can sniff the velocity vectors, positions, orientations, etc. from the network packets, which i believe is how these things operate. encryption is no obstacle. there are computer vision based aimbots which operate external to the computer the game is running on, usually by posing as input devices (a stock feature on most arduinos mind you). i dont think mwo has any kernel level anticheat and is not capable of checking for bogus input devices. such anticheat is a cure worse than the disease imho.

Edited by LordNothing, 14 September 2025 - 08:54 PM.

[Quicksilver Aberration]

Drenzul, on 14 September 2025 - 08:42 AM, said:

Only other way to do it is to intercept the packages going between the game and the server and grab the information from there, again this needs to be reprogrammed after most patches, assuming its sent unencrypted which I really hope isn't the case.

Pretty sure most games still use UDP unencrypted because as UDP doesn't support encryption handshakes "natively" and because encryption typically adds latency to all processing which you don't want for anything real time. While security through obscurity doesn't really work, I'd also assume that the packets are some binary level data meaning you have to dissect the structure of the packet as well. Part of the whole deal of having server authorization though is that you can't just shoot a bunch of gauss shots unnecessarily.

Edited by Quicksilver Aberration, 14 September 2025 - 08:45 PM.

[LordNothing]

Quicksilver Aberration, on 14 September 2025 - 08:43 PM, said:

Pretty sure most games still use UDP unencrypted because as UDP doesn't support encryption handshakes "natively" and because encryption typically adds latency to all processing which you don't want for anything real time. While security through obscurity doesn't really work, I'd also assume that the packets are some binary level data meaning you have to dissect the structure of the packet as well. Part of the whole deal of having server authorization though is that you can't just shoot a bunch of gauss shots unnecessarily.

you can encrypt it in software though. its a little slower than use the built in encryption hardware on the network adapter (then again modern cpus have instructions for that). anyone with a gpu farm can crack an encryption key by brute force. capture some packets and throw decryption keys at it until the data starts making sense.

deciphering data is not really hard, look for normalized quaternions and unit vectors. strings of course, you can look em up in a dictionary and see if they make sense.

Edited by LordNothing, 14 September 2025 - 09:28 PM.

[Quicksilver Aberration]

LordNothing, on 14 September 2025 - 09:19 PM, said:

you can encrypt it in software though

I mean sure, but in games where a few milliseconds can be a big deal, I'd hazard a guess most won't.

[LordNothing]

Quicksilver Aberration, on 14 September 2025 - 09:27 PM, said:

I mean sure, but in games where a few milliseconds can be a big deal, I'd hazard a guess most won't.

i dont think modern crypto hardware is that slow.

Edited by LordNothing, 14 September 2025 - 09:31 PM.

[Quicksilver Aberration]

LordNothing, on 14 September 2025 - 09:30 PM, said:

i dont think modern crypto hardware is that slow.

Probably not on that magnitude no, but the juice probably is not worth the squeeze either way.

[Drenzul]

LordNothing, on 14 September 2025 - 08:39 PM, said:

or you can sniff the velocity vectors, positions, orientations, etc. from the network packets, which i believe is how these things operate. encryption is no obstacle. there are computer vision based aimbots which operate external to the computer the game is running on, usually by posing as input devices (a stock feature on most arduinos mind you). i dont think mwo has any kernel level anticheat and is not capable of checking for bogus input devices. such anticheat is a cure worse than the disease imho.

Sure but encrypting the network packages so they aren't sniffable is so easy, I'd be surprised if that wasn't implemented from day one. Its possible it isn't but the tech to prevent that has been around since long before MWO's release.

So you are back to aimbots having to use visual detection to get the variables it needs to do the vector calculation.

Also is very likely not that simple to package sniff as most software has prevention measures put in place like false packages etc that the game knows to ignore but its very hard for a sniffer to work it out.

Decryption of packages is on the scale of nano-seconds rather than milliseconds if you already know the key.

[LordNothing]

Drenzul, on 15 September 2025 - 01:26 PM, said:

Sure but encrypting the network packages so they aren't sniffable is so easy, I'd be surprised if that wasn't implemented from day one. Its possible it isn't but the tech to prevent that has been around since long before MWO's release.

So you are back to aimbots having to use visual detection to get the variables it needs to do the vector calculation.

Also is very likely not that simple to package sniff as most software has prevention measures put in place like false packages etc that the game knows to ignore but its very hard for a sniffer to work it out.

Decryption of packages is on the scale of nano-seconds rather than milliseconds if you already know the key.

thing is hackers (and this is who devs cheat software mind you) have a pretty big toolbox. if there are fake packets, the client will know (and disassembly will show it). it would also show the decrypted packets. you could nab them right from memory right after they get out of the encrypted tunnel. you can also brute force the hash with gpu resources, which cheat software devs have.

when you want to sell a software solution it needs to run on the customers hardware. computer vision based solutions come with some significant upfront costs. you can get around the exploitative business model a software solution uses, but it requires a minimal skill ceiling to pull it off.

the only real level fix is kernel level monitoring, and again, cure worse than disease. given the softwares available id say that mwo is far beyond help at this point. and thats dev time so you know where this is going. and if they do a kernel level anticheat you will lose pop over it (people who care about security, also anyone playing on linux). mwo's anticheat is mostly based on hearsay, people recording their games, and good old fashioned police work (but like in one of those cities that fired all the cops).

Edited by LordNothing, 15 September 2025 - 08:57 PM.

[Quicksilver Aberration]

LordNothing, on 15 September 2025 - 08:49 PM, said:

the only real level fix is kernel level monitoring, and again, cure worse than disease. given the softwares available id say that mwo is far beyond help at this point. and thats dev time so you know where this is going. and if they do a kernel level anticheat you will lose pop over it (people who care about security, also anyone playing on linux). mwo's anticheat is mostly based on hearsay, people recording their games, and good old fashioned police work (but like in one of those cities that fired all the cops).

Pretty sure there was also a report not too long ago the kernel level anti-cheats haven't really proven to have the efficacy to warrant the level of privilege they have anyway. Cheating has proven to be difficult to nail down which should surprise no one who has worked even close to cybersecurity.

[a 5 year old with an Uzi]

LordNothing, on 14 September 2025 - 08:29 PM, said:

yea thats pretty basic vector math. done by 3d games since the '90s (perhaps in the '80s too with games like elite). its a thing you have to do once per frame and nothing compared to other more intensive things like rendering, physics (multiple times per frame) or the worst of the bunch, hit detection (every object against every other object every frame). its all linear algebra and vector math. people should learn to tell a linear algorithm from an n^2 algorithm before they make proclamations about "not enough processing power".

a lead indicator can fit in a dozen lines of code, ive done them before. the end result is a world vector that says aim here. if you instead use the resulting data as a set point for a control system to actuate your arms and torso rather than to position a crosshair on the hud, you have an aim bot. its just mechs are so slow such a thing is completely unnecessary as you rarely have to lead by a mech width ahead, maybe two for the firemoth. its nothing compared to ww2 flight sims where all you had is a reflector gunsight (radar gunsights didn't come out until the '50s). you had to hit a moving target, from a moving position, in an aerodynamic flow with windage acting on the rounds (also done in '90s games).

aimbots are sold in pay to win fashion. more money more features. the stupidity of people who protest a pay to win game by using a pay to win cheat tool, written by hackers who will brick your system if you do anything against them.

There was a Novalogic game I played a lot called Tachyon that had a ship module called Lead Target Assistant that granted players what you're talking about. Baked into the game. Gave you an extra little pipper, "aim here to hit the moving target with your current weapon", immensely helpful for players who were still getting used to shooting on the move (especially while utilizing the slide mechanic).

It's probably not the only game to do it by a long shot.

[GreyNovember]

a 5 year old with an Uzi, on 17 September 2025 - 08:57 AM, said:

There was a Novalogic game I played a lot called Tachyon that had a ship module called Lead Target Assistant that granted players what you're talking about. Baked into the game. Gave you an extra little pipper, "aim here to hit the moving target with your current weapon", immensely helpful for players who were still getting used to shooting on the move (especially while utilizing the slide mechanic).

It's probably not the only game to do it by a long shot.

Ace Combat gives you a lead target for your guns as you get close.

When the system is inbuilt to the game ( And thus can request and read all necessary information to support this), this is not surprising.

[LordNothing]

a 5 year old with an Uzi, on 17 September 2025 - 08:57 AM, said:

There was a Novalogic game I played a lot called Tachyon that had a ship module called Lead Target Assistant that granted players what you're talking about. Baked into the game. Gave you an extra little pipper, "aim here to hit the moving target with your current weapon", immensely helpful for players who were still getting used to shooting on the move (especially while utilizing the slide mechanic).

It's probably not the only game to do it by a long shot.

ive been playing space sims about as long as id been playing mechwarrior games. tacky on the fringe. thats what us freepacers called the game anyway. i did play the game, but the lead indicator is not really that new. pretty sure the x-wing games had one. freespace had one. i have one of the privateer games (i think thats wing commander universe, but i never played wing commander so idk) and im pretty sure that has a lead indicator (and it was a dos game). i dont even think that was the first. freespace stole all the best mechanics from everyone else.

my big issue with those indicators was that you were staring at a gauge rather than the enemy ship. so i wrote a single gauge system for freespace that just required lining up the lead indicator with the target ship. the indicator would however move around the hud so it wasn't always on centerline. it was mostly based on the epiphany that the distance between the crosshair and the lead indicator was the same as the distance between the ship and where you should aim. was kind of fun.

anyway im working all those features into my own game, if i ever get around to working on it. hit detection is holding up the show. its newtonian so i have extra physics that makes it difficult.

Edited by LordNothing, 17 September 2025 - 10:46 AM.