Poll: Is there any interest in a Windows version of ShowEQ?

[binky]

Whew, big thread.

Well here's what i think is the best option. Seems to have already been half done in CVS.

1. Option to input key as text into ShowEQ. (Already done it looks like?)
2. *win32 console* program called "freecell.exe" or "explorer.exe" that you run *manually* once you've zoned in etc. It scans eqgame.exe's memory, copies key to clipboard, and exits - hopefully this process takes a few milliseconds. No fixed window title or window class to detect, it's open for a jiffy (EQ won't be scanning process lists constantly - bit of a performance hit?), and it's called something that looks innocent.

OR
3. *win32 console* program again as above, that sends a quick UDP packet or opens up a TCP connection to an IP:Port specified in the command line or an .ini file (which is also set in ShowEQ and is NOT fixed and IS configurable - eg: you don't want EQ scanning 192.168.*.* for a fixed ShowEQ port xxxx), and then exits quickly.

I don't mind *in the slightest* having to fire up the session key extracter every time i zone.

If you're worried about EQ scanning the clipboard for its session key and banning you if it finds a match, well.. Encrypt it then place it in the keyboard, then decrypt it in ShowEQ. Beat them at their own game.

And if you're worried about EQ scanning packets - lol, they don't, and they can't. You need drivers to do that and EQ cannot go this far, has not gone this far, and will not go this far. Find me 1 firewall that does not install a service or driver and i'll go back on that statement.

Which reminds me, a ShowEQ windows driver is *too* detectable. Go with the manual win32 console app that you run and it closes within milliseconds.

Cheers.

[sakshale]

I liked the image I got from reading an earlier post -- lost many pages back, so I won't try to quote it.

When I run my standard scripts, CVS-Update and Build, I end up with two items; linux showeq and a window .exe file. The .exe file contains the IP number of the host I built it on, a key that it shares with the showeq file and a port that it knows the showeq program will listen on... All twisted into a custom little binary...

[cheeze69]

Originally posted by Manaweaver
Well all i think i have to say is, "Damn the man." at this point. The amount of people using showeq is so insignificant they really are spending money where they don't have to...I mean 100,000+ people play EQ and only a fraction of them actually use SEQ, and spread across all of the servers I highly doubt the impact is any where near hurting the game.

Well, I must agree. I have always understood the devel's desire to keep the "barrier to entry" high enough that every AOL user and his retarded brother can't use SEQ, but it seems that SOE has dropped the gauntlet on this one...

I'm really surprised that with the impending death (no flames needed, just an observation) of EQ with the upcoming EQ2, that they have bothered this much with keeping SEQ users out. I wonder if they are using this to test the resilience of their "methods" for use in EQ2...

Anyway, the knee-jerk reaction I had to this is to say "fuxx0r them" and release the Winbloze version of SEQ. If you're reading the info right out of windows RAM, unless they move the data every day, it should be fairly easy to stay on top of (total uneducated opinion). Then, SOE would be penalized for their efforts by 100 TIMES more users using SEQ than are using it today.

But, like I said, that is my knee-jerk reaction and not necessarily the best one. The one thing to remember, though, is that we (the "hackers") will win in the end because we have the desire and the ability (it's probably more the challenge than the actual result that drives the SEQ developers). Like every other technical "roadblock" implemented in the past, this one will be crushed because no company can pay a team of developers to stay ahead of hundreds of "hackers" and the time they will devote to figuring-out a workaround.

If only SOE would give us a decent map function, then (as the FAQ says) most of the incentive to use SEQ would be gone. Until then, they can FOAD.

[binky]

Originally posted by sakshale
I liked the image I got from reading an earlier post -- lost many pages back, so I won't try to quote it.

When I run my standard scripts, CVS-Update and Build, I end up with two items; linux showeq and a window .exe file. The .exe file contains the IP number of the host I built it on, a key that it shares with the showeq file and a port that it knows the showeq program will listen on... All twisted into a custom little binary...

Now that's sexy.

I was a bit concerned about storing ShowEQ IP:Port numbers in an .ini file. Would be trivial for EQ to get each process' starting directory and scan for an .ini file they know will exist and they know the format of.

So embedding a random/customisable port, an IP, and an encryption key (not really essential) into the .exe would give better security. Wtg!

Cheers.

[Virusmaster]

Imagine, if you will, a sniffer program that also has the added functionality of peeking in your address book and emails itself out to users with the letters "SEQ" in consecutive order and all in caps. This little sniffer virus would also have to check it's version, updating older copies of itself if needed. Since it would be a virus, how could you hold someone responsible for having it installed and running on thier computer? Wouldn't prove a thing if they were running it, and not their fault if they had a hotmail account name of "[email protected]"

Opensource provides some protection, but for the really dirty work a virus is always safest

[intous]

I think there needs to be a winSEQ so that SoE will be busy detecting that and not have time to figure out how to detect the memory leech that grabs a key for linuxSEQ.

[bonkersbobcat]

I'm really surprised that with the impending death (no flames needed, just an observation) of EQ with the upcoming EQ2, that they have bothered this much with keeping SEQ users out. I wonder if they are using this to test the resilience of their "methods" for use in EQ2...

Another thing to consider...

SOE has a coming problem, that problem is to get the EQ users to leave EQ and to buy and play EQ2.

Why would someone who has invested literally years into building EQ characters, abandon those characters and build EQ2 characters? Especially if those users are really comfortable? One way would be to remove the level of comfort. Removing the level of comfort could be making sure that nice things like SEQ don't work.

Perhaps they are trying to degrade the EQ experience so that people won't be as attached to EQ and are willing to go to EQ2?

Just a thought.

[hhh]

I'd venture to say that 90% of the ppl that were 'comfortable' with EQ will not buy another Verant product, myself included.

I'm sure the next company will apprecaite my $ of 5 account as much as verant did.

Maybe Horizens or Shadowbane, but not EQ2 or SWG.

These guys are digging their own grave.

[spungee]

I'd say screw'em, it's been mentioned before, and I think the arguments for not having a Winseq because it would be easier to detect is bottomless. After the legal threats, some time back they wouldn't raise an arm to ban people they discovered running seq.
BUT with the upcoming release of EQ2, and maybe a (modified) seq version for that one, I'd say stick with the development on Linux.
The decryp key... why are we walking so silently, we got more combined knowledge than SOE/VI can ever dream of, why are we being so cautious(sp?) SOE/VI will NOT spend time=money on trying to track down/break a couple of their users that are using this program, atleast not within EQ(1).

Some good points has been made on this thread, and a lot of ranting...focus guys, there's no need to flame other people for brainstorming, that's part of why were here, or did I totally misunderstand the concept of this site
constructive feedback is another thing, but don't make people scared of tossing out ideas, that's the last thing we need.
and now you can ask....who the hell am I?

not telling

-plato-

[lostinspace]

Why not to go both ways:
- winSEQ
- small program (memkeyreader) that can extract key from memory and send it to SEQ on other box

That way you can have benefits of both solutions. Linux SEQ needs to be defined to listen on certain port and when it receive packet, use key. Packet should be sent by sniffer on EQ PC, and it can be encrypted by some simple shared-key based procedure.

With this approach, even if winSEQ is not made now, someone will make it from open source code. Advantage is that you could use winSEQ or linuxSEQ on 2nd box, both would be able to receive key from sniffer. And of course, winSEQ can use its own key sniffing if run on same PC.

If function of memkeyreader(sniffer) program is kept simple (read EQkey from given offset in EQ memory, simple encrypt EQkey with sharedkey and sent to IPort of SEQ listener) - then lot of people could make their own sniffer program. That would result in hundreds of unique memkeyreader versions and thus make impossible for SOE to detect some known pattern. Not to mention that if you play EQ under winXP/2000/NT, they can not read your memory unless they install kernel mode driver (which they cant do on your PC). Therefore they could only scan process name (which you can set to any name you want). So if you have NT based OS, and until SOE can install kernel driver on it, even winSEQ on same box would be safe.

So I propose you make both options. Start with setting up listening port on SEQ and give us offset into EQ and I'm sure memkeyreader programs will just pop-up Ah, define simple encription method so SOE wont know it is packet with their key even if they sniff packets. Some simple XOR with given shared key and random starting offset for payload (EQkey) would be enough for this purposes.

After that only needed update would be to post new EQkey offset after they rebuild(patch) EQ, so memkeyreader could use new offset.

[BlueAdept]

Originally posted by spungee
I'd say screw'em, it's been mentioned before, and I think the arguments for not having a Winseq because it would be easier to detect is bottomless. After the legal threats, some time back they wouldn't raise an arm to ban people they discovered running seq.
BUT with the upcoming release of EQ2, and maybe a (modified) seq version for that one, I'd say stick with the development on Linux.

The decryp key... why are we walking so silently, we got more combined knowledge than SOE/VI can ever dream of, why are we being so cautious(sp?) SOE/VI will NOT spend time=money on trying to track down/break a couple of their users that are using this program, atleast not within EQ(1).

I disagree. After the first bannings for WinSEQ (scanning the task manager) they "reserve the right to scan the task manager and hard drive contents but choose not to do so at the present time" (that isnt word for word but is similar to the press release they did back then). Besides, they dont have to say they ban you for WinSEQ, they can ban you for nothing.

The developers apparently have nothing better to do than to screw with SEQ. Rowyl made it plain that it is an all out war against SEQ. Im sure that there will be mass bannings as soon as they are able to figure out if someone is using WinSEQ or a key sniffer. BUT I still say screw them. If they want to go down that path, then so be it. Open up everything and support windows versions. SOE feels that after the first wave of bannings, people will stop using it. They are wrong. The more publicity this gets, the more people will hear about it and find out what SEQ really does, the more people will use it.

[Aurelius]

I'm don't believe that I will move over to the EQ2. I have many accounts on EQ as it is. I've grown accustomed to EQ and it cracks my ass everytime they come along with new expansiions that require me to upgrade my systems. Then they raised the price of admission (true $3 is not the end of the world, but times the number of accounts per month adds up.)

I will end up buying multiple copies of PoP only because it is a nice transit station. I have several characters that could go to PoP but it doesn't interest me personally. I have a lot of the old world to look at yet. Hell, I don't even have all the stupid Kunark spells yet. I am a plodder. I usually play solo (if playing with multiple computers can be called solo) and I enjoy the information SeQ provides.

I'll go with Ratt, Fee and the rest. I guess I am just a follower at heart but I'll support in what ever way I can to the cause.

Give 'em hell.

PS If any of you guys decide to dump your old accounts, let me know. I'd be happy to share your sundries and weapons with my crew. ))

[MisterSpock]

To Ratt and all the developers:

Thank you for everything you've done. I'm with ya to the end, whatever direction you choose. In unity there is strength. I will do whatever I can to help.


To Sony/VI:

I wonder if you realize just how many people like me there are out there. We're the players who are frustrated with your lies. We're the ones who are frustrated with your nerfs. We're the ones who are frustrated with the way the game cheats the players.

I played your game for many months before I knew anything about SEQ's existence. I bought in to all that you said about how the con system worked, how pets worked, how NPCs worked, etc. I did, at least, until it became painfully obvious that either you didn't know how your own game worked, or you were lying to us.

Enter SEQ. From that moment on, my eyes were opened. I saw how pathetically simplistic your con system really is. I saw the way you made NPCs artificially harder than they should be, yet yield low amounts of experience. I saw the various ways you allow NPCs to follow a different ruleset than the PCs. It was those of us in the SEQ community who proved to you, but more importantly to other players, things that were out of whack, and that what you were telling us was just plain wrong. That, to me, sounds like people who cared about the game.

I never got in to the fancier features of ShowEQ like filtering and alerts. All I used it for was as a map (to keep from getting lost), as radar, and as a improvement to your con system. In short, I used it to add functionality to the game that should have been there in the first place. Other games (like AC / AC2) have radar, mapping, and a more reasonable con system built in. In those games, there is no purpose, to me, for a ShowEQ equivalent.

Can ShowEQ be used to cheat? Sure, to some extent. However, that extent is relatively minor to the myriad of trade skill exploits, quest exploits, scamming, and pathing exploits that other players are doing (probably a very large percentage of them are not seq users, either). SEQ cannot be used to make rare mobs spawn; it cannot be used to improve a characters run speed; it cannot be used to automate trade skills; it cannot be used to dupe items.

What is even worse, in my mind, is that you have agressively targeted a relatively benign program, yet you have done NOTHING to crack down on the myriad of macro programs out there. These are the programs that have wrecked the EQ economy. These are the programs that alter the client's memory in such a way as to directly alter a character's in-game abilities. These programs, in their relatively short existence (relative to SEQ), have done FAR more damage to the game than SEQ ever did. Yet your response to the some of the most egregious examples of macro-created havoc was late, at best, and of questionable effectiveness. How many millions of macro'd plat entered the market before you got off your collective posterior and acted? Chances are very good that some of the people who reported the macro exploit to you were SEQ users who still, for whatever reason, care about this game.

Frankly, SEQ was one of the few reasons I continued to play. The challenge of knocking the rust off my Unix and C/C++ skills was quite enjoyable, all that while keeping a sanity check on what you're telling us about the game. To me, it made the game marginally palatable. I will not go back to the dark ages. I will not ever again take what you say at face value. You have proven to be unreliable.

This latest act, while well within your rights, is poorly thought out, at best. The long term effect on the game is going to be detrimental. As much as you have angered me, I still find this to be sad. I suppose it is because some small part of me still cares about the game and those that play it.

[RavenCT]

I work in the IT field, but I'm not a developer... Here's my question though. It was from something that someone else previously posted.

Regarding a memory key grabber/sniffer, in the case of 2000/XP, wouldn't you need some sort of Kernel driver to do this? I know that the memory under the Windows NT based O/S's is much better protected that under the Win9x based systems. This is mostly what gives NT/2000/XP a good portion of its stability.

So, for Veriant to scan for other things in memory (i.e. looking for the signature of a memory scanner in active memory) it would need a Kernel level driver to do as such? Wouldn't a memory sniffer need the same?

How easily detectable would this be? And would this require EQ to be running on a Win9x based (Win ME) OS?

I don't know about the rest of you, but I much prefer running EQ on a Windows 2000/XP OS! Much more stable and it actually runs faster that if I ran it on 98/ME...

[JustACoder]

Why not make a small program like xylobot that does macros of the sort and has a little popup that shows you your key so you can enter it in manually. This seems to be the way we are heading, and I wouldn't mind entering the key every zone, as I usually would just use the GPS function to travel in zones and start to hunt when I get settles. I.E. DL, RM, and the Planes.