How Project 1999 MQ2 Detection System Works

Why are you bumping age old posts?


Well I just recently decided to give EQ another try and opted to play on the Project1999 server. I primarily purchased a VIP subscription here to discuss P1999 and so went through the posts to see any discussion on it. This was only on page two and I didn't realize how old it was when I bumped it. Sorry about that. Clearly not a whole lot of interest about MQ2 on this server.
 
I wouldn't call what they gather personal information. Below is the code that gathers "personal" information, if it can be called such. Outside of that, they do indeed iterate all of your modules from within eqgame, as well as all remote processes. VAC actually scans every file on your entire hard drive (hashed but no contents sent) so this isn't atypical of an anticheat. With that said, you can block all of this information from being sent incredibly easily and getting around their MQ2 check is a breeze.

As a matter of fact, this is the simplest anti cheat I have ever seen. They rely fully on their Themida protection, assuming that nobody will be able to unpack it, I suppose. I will concede that window titles do not seem necessary at all for cheat prevention, and I am curious what the purpose of this scan is, if it serves any at all. Although I have seen other anticheats (i.e. Battleye) use this method to detect things such as Cheat Engine.



EDIT: Just a disclaimer, I only spent a few hours on this anti cheat and have not fully reversed it yet. Very possible that personal data is sent which I simply haven't noticed yet, but I will update everyone if I find such a scan.

This is actually really good information. Nobody with reverse engineering talent that I know of has really put any time into trying to beat their detection system, as most of us have taken the stance that if they really put this much effort into trying to stop MQ2, we're not going to bother.

They would detect any sort of movement hacks, far targeting, and they don't allow multi-boxing, so you're really stuck with information gathering plugins and macros. When you're playing a solo character, macros are not that useful.

Getting map working, bard twist and maybe some tradeskill macroing are really the only useful things I could think MQ2 could be useful for on the server. Solo leveling to 10 or 15 could be doable, but after that you're stuck with grouping/kiting, which you really can't macro too well without being noticed.
 

Far targeting is entirely client sided using MQ2. They replace the /target command with their own emulated version, so as far as I can tell no packets would be sent signaling the server of such an event. As far as the map, it's ridiculously easy to bypass (information below on what they do). Simply remove their engine hooks and you have full access to the map once again.

You should be able to do everything in P1999 that you can do on any other emulated server after bypassing their anti cheat. Obviously the built in EQEmulator MQ2 checks for things such as speed hack will still be active, but also look fairly easy to bypass (note their detection routines in the EQEmulator source code). I may share more technical details in the future.

EDIT: Multi boxing can be done via tunneling separate EQ processes through a VPN, although I have no interest in that as I don't box.


Actually, when you target a mob, a packet is sent because it requests updates for the mob's hitpoints. Hitpoints are not updated for all mobs continually, only for mobs that you target. This is why you can see a delay in the HP changing after targeting a mob that has taken some damage or healed some.

Since it sends this packet requesting the target's hitpoints, it's a simple process server side to check if the target is further away than you should be able to target. Granted, that may also kick in if you simply kept a mob targeted and moved away, so it would have to have some check in there to make sure this is the initial update or something.
 


If it's like the old days, zone-wide assist also works. So there are legitimate ways to target a mob from far away too. This would be a terrible option for checking for the use of MQ2 on P99, in my opinion, just as there are too many false positives.
 
It isn't a full-on port of '99 EQ. They took things out they thought should not be in there.
 

Like what? I've played both and P99 seems pretty consistent with the original game to me. Of course my memory of 1999 is far from perfect...
 
Well, some of the pathing errors are no longer in there. Some of the exploits have been removed, etc. I don't know the full extent but I know it is not EQ 1999. It is EQ 1999 how P1999 thought it should be.
 


Zone wide assist does not work. Honestly I don't recall it ever working before I started using MQ2, but I could be forgetting it working long ago. I've already tested this, not because I was trying to cheat but because I was trying to con the monk guild master in Freeport with my iksar monk, so I had a friend go in and target them for me.

That doesn't mean it's a good option for detection, just that it is a possible option that they may or may not be using. Only legitimate method I can think to target something further away than you would normally be able to do, is possibly by using bind sight or an eye of zomm.
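
An added illustration, not posted by anyone in this thread and not EQEmulator code, of the server-side check discussed in the posts above: validate range only on the initial target request, treat a remote viewpoint (Bind Sight, Eye of Zomm) as legitimate, and flag for review. All type names, the handler name and the range value are hypothetical.

```cpp
#include <algorithm>
#include <cmath>
#include <cstdint>

// Hypothetical types for illustration; not EQEmulator's real classes.
struct Vec3 { float x, y, z; };

enum class TargetVerdict { Accept, AlreadyTargeted, FlagOutOfRange };

struct PlayerState {
    Vec3 pos{};                  // server-authoritative player position
    bool remote_sight = false;   // Bind Sight / Eye of Zomm style effect active
    Vec3 sight_pos{};            // position of the remote viewpoint
    uint32_t current_target = 0; // 0 means no target
};

// Assumed maximum legitimate targeting distance (constructed value).
constexpr float kMaxTargetRange = 200.0f;

static float distance(const Vec3& a, const Vec3& b) {
    const float dx = a.x - b.x, dy = a.y - b.y, dz = a.z - b.z;
    return std::sqrt(dx * dx + dy * dy + dz * dz);
}

// Called when the client requests HP updates for a selected mob.
TargetVerdict on_target_request(PlayerState& p, uint32_t mob_id,
                                const Vec3& mob_pos) {
    // Keeping a mob targeted and walking away is normal play:
    // only the initial request for a given mob is range-checked.
    if (p.current_target == mob_id)
        return TargetVerdict::AlreadyTargeted;

    // Measure from the player, or from the remote viewpoint if one is active.
    float d = distance(p.pos, mob_pos);
    if (p.remote_sight)
        d = std::min(d, distance(p.sight_pos, mob_pos));

    // Out of range: flag for human review instead of acting automatically,
    // because legitimate mechanics not modelled here would be false positives.
    if (d > kMaxTargetRange)
        return TargetVerdict::FlagOutOfRange;

    p.current_target = mob_id;
    return TargetVerdict::Accept;
}
```
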
 
For a zone wide assist, couldn't you...

Make PC1 the group assist.

On PC2, have XTarget1 set to Group Assist's target.

Have PC1 go up and target, and then on PC2 click the target on the XTarget window?

Just brainstorming.
 

You cannot multi box (legally - and they generally *WILL* find those who do) on P99 and I do not believe that xtarget works there.
 
I think I prefer it. Didn't have people boxing in the old days, generally. I'd be tempted to box if it were easy. This way, it's much easier to find groups and socialize.

I'm also glad there's no MQ2 or easy map function.
 
Cannot multi box on an emu server

lolololol

A fucking emu and their rules. Always cracks me up.

Stupid, indeed.

Proxifier - Bypass firewall and proxy, tunnel connections through an HTTPS and SOCKS proxy


Literally their anti map hack is the simplest thing I have ever seen. They do a JMP hook on the toggle map function and replace it with an execution to a chat function that says the map is disabled and return false. Their MQ2 detection is also quite simply one of the easiest things I have ever had to bypass. I will probably release a full blown P1999 bypass soon, I haven't decided yet, but I haven't found much interest in it so there is probably no point keeping it private.
 
On P99 the major deterrence against boxing is player vigilance. Sure, it's easy to bypass IP checks. But it's much harder to play two toons as if they're really being played by 2 human beings. Players on that server, some of them at least, are obsessive about catching this sort of thing and if they make a report to a GM it will be investigated. At least that's what I saw back when I was playing there a lot. And then first time offenses are insta-ban of your accounts, no exceptions. That's a pretty high risk to take after investing many hours leveling up your toons.

Beware! ;)
 

It's still like that. Me and my group of friends that started on there 3 weeks ago all play together a lot and some of us go afk on occasion. Some of us have already been questioned multiple times, in just 3 weeks lol. There is a large group on that server that is crazily opposed to boxing. They think it killed classic EQ or some such nonsense. I don't know, it really does seem silly to me, but then again I was one of the people that naturally 2 boxed since 1999 (I didn't start botting with MQ2 until like 2003). But the server is still fun for me to play around on with my friends, so even though it's simple to bypass the IP check, I'm not going to risk my character having some GM investigating me and asking me to run simultaneous figure 8s or something (that has happened before supposedly lol).

Just to note, if you do use Proxifier on this server to get around the IP check, be prepared to be investigated. I'm pretty sure their custom dx dll is still scanning and sending a list of open programs as well as window titles back to the server. So they will see Proxifier running. While that doesn't prove you are boxing, I think a few of them at least are smart enough to recognize the large possibility of it and pay closer attention to you. If you are going to proxy I recommend you do it in a more secure way: use a VM or an isolated machine and put the proxy settings in a router dedicated for that machine (if you have the capabilities of running multiple VMs, you could set up a VM router using PFSense or DD-WRTx86 and set up the proxy through there, then have the VM that you load your second copy of EQEmu in have its network configured to go through that router VM).
 