View Full Version : SendInput alternative

11-02-2011, 08:55 PM

I want to build a 'keyboard assistent' (ahem) for an online game doing all the routine jobs.

However, as I have read in one of the threads in this forums,
sending virtual keystrokes and mouse events using the windows API 'SendInput'
can be easily detected by the client.

Is there an undetectable alternative for the windows API 'SendInput'?

Thanks for hints

11-03-2011, 11:50 AM
Simplest answer is that there are no undetectable hacks, and there are no methods of detecting them that are unavoidable. It is a game of walls and ladders.

11-04-2011, 03:22 PM
You can use PostMessage, but that also is quite easily detectable.
All they need to use is GetAsynKeyState and they'll see that the client is getting Key downs, and that no keys are being pressed.
I believe you would need an even lower level hook to fool them.

11-04-2011, 11:19 PM
And you can detect that by comparing IAT to an unhooked copy, which you can avoid by direct hooking, which you can detect by code crc, etc. etc.

11-07-2011, 07:16 PM
Modify your keyboard driver, write a filter driver or make a virtual keyboard driver and talk to either.

11-07-2011, 09:25 PM
Believe it or not, it can also be detected by another driver (this is what Punkbuster does).

11-07-2011, 11:49 PM
Ofcourse it can be detected, it's a matter of probabilities.Also, I'm not familiar with what punkbuster does, but there are for sure ways around it, as usual.
If you want something even better than that, you can always program the hardware, in many ingenious ways.But I think a modified keyboard driver should be enough for most things.

11-29-2011, 03:08 PM
Thanks folks for your input.

Are the above statements also true on a VM if input is generated from the host?

11-30-2011, 11:56 AM
... and what about multiboxing software?

11-30-2011, 06:28 PM
In case of vm's it depends on vm implementation, as everything it _can_ be detected (as in that a vm input diver is loaded), but most likely there won't be any user-mode traces.
Multiboxing software would produce false poisitives if ccp ever gets round to getting the detection done.