Aimbot
Encyclopedia
An aimbot is a type of computer game bot
used in first-person shooter
games to provide varying levels of target acquisition
assistance to the player. It is sometimes incorporated as a feature of a game (where it is usually called "auto-aim" or "aiming assist"). However, making the aim-bot more powerful in multiplayer games is considered cheating
, as it gives the user an advantage over unaided players.
Aimbots have varying levels of effectiveness. Some aimbots can do all of the aiming and shooting, requiring the user to move into a position where the opponents are visible; this level of automation usually makes it difficult to hide an aimbot—for example, the player might make inhumanly fast turns that always end with his or her crosshairs targeting an opponent's head. Numerous anti-cheat mechanisms have been employed by companies such as Valve to prevent their use and avoid the accusations.
Some games have "auto-aim" as an option in the game. This is not the same as an aimbot; it simply helps the user to aim when playing offline against computer opponents usually by slowing the movement of 'looking/aiming' while the crosshair is on or near a target. It is common for console FPS games to have this feature to compensate for the lack of precision in analog-stick control pads.
, or at team mates after switching teams.
Color aimbots work by scanning the entire or parts of the players screen for the selected RGB value. Once a pixel of the color is detected the aimbot will move the players mouse cursor to that pixel. As such, color aimbots need more system resources than a standard aimbot.
There are versions that scan a smaller area around the players sight and activates this scan when the player presses a button. This type of color aimbot does not require as much resources and is much harder to spot. It does require more effort on the part of users because they have to aim at least somewhat in the correct direction.
Color aimbots are very inaccurate because most FPS games include different visual lighting effects which can distort the color.
-based aimbots. These types of hacks hijack the current API
, such as DirectX or OpenGL, which render a game's graphics to the screen, and use the data gathered to locate players and other objects, for example by counting the number of polygons of player models. Once a player has been identified and tagged as the target, a series of calculations are performed to take the three dimensional location of a single coordinate within this model and convert it to a two dimensional set of coordinates. This pair of x- and y-values is then used in conjunction with some input API to move the cursor to the specified location, thus causing the player to aim at the target. Graphics driver aimbots are common in closed-source games, because it is not necessary to have the game sourcecode to write them.
First and certainly the most enduring example of an aimbot was the Stanford StoogeBot, a proxy-based system for the game Quake written by students at Stanford University
. The StoogeBot featured a number of different modes (each of which implemented a different strategy), named after members of The Three Stooges. The StoogeBot's operator (known as the "driver") used an unmodified Quake client, and moved around the game world as normal, picking up equipment and pursuing (or, in theory, fleeing from) adversaries. Rather than being connected directly to the Quake server, the driver's client connected to a custom proxy on which the StoogeBot code ran, a man-in-the-middle attack
. The driver's movement commands were passed through unaffected, but the StoogeBot assumed responsibility for selecting, targeting, and firing weapons. As Quake's network protocol allowed clients (and thus the StoogeBot) to know the positions of players even when they were obscured by scenery, the StoogeBot had the uncanny ability to shoot players moments after they emerged into view (even with slow-moving weapons such as rockets).
The driver's view didn't turn to match the StoogeBot's inhuman aim, instead behaving as if the StoogeBot wasn't present. The StoogeBot's operation was entirely automatic, and it made no attempt to hide its superhuman prowess. Indeed, it announced its presence (in an in-game chat message) and altered the player's name (as sent to the game server) to include the prefix "SBOT*", and its authors didn't release the source to their program knowing unscrupulous users would immediately remove this protection. The StoogeBot's skills were so blatant and made games so one-sided that when hacked StoogeBots (which didn't announce themselves) became available, their use remained glaringly obvious.
Computer game bot
A bot, most prominently in the first-person shooter types , is a type of weak AI expert system software which for each instance of the program controls a player in deathmatch, team deathmatch and/or cooperative human player. Computer bots may play against other bots and/or human players in unison,...
used in first-person shooter
First-person shooter
First-person shooter is a video game genre that centers the gameplay on gun and projectile weapon-based combat through first-person perspective; i.e., the player experiences the action through the eyes of a protagonist. Generally speaking, the first-person shooter shares common traits with other...
games to provide varying levels of target acquisition
Target Acquisition
In the military, target acquisition denotes any process that provides detailed information about enemy forces and locates them with sufficient accuracy to permit continued monitoring or attacking it....
assistance to the player. It is sometimes incorporated as a feature of a game (where it is usually called "auto-aim" or "aiming assist"). However, making the aim-bot more powerful in multiplayer games is considered cheating
Cheating in online games
Cheating in online games is an activity that modifies the game experience to give one player an advantage over others. Depending on the game, different activities constitute cheating and it is either a matter of game policy or consensus opinion as to whether a particular activity is considered to...
, as it gives the user an advantage over unaided players.
Aimbots have varying levels of effectiveness. Some aimbots can do all of the aiming and shooting, requiring the user to move into a position where the opponents are visible; this level of automation usually makes it difficult to hide an aimbot—for example, the player might make inhumanly fast turns that always end with his or her crosshairs targeting an opponent's head. Numerous anti-cheat mechanisms have been employed by companies such as Valve to prevent their use and avoid the accusations.
Some games have "auto-aim" as an option in the game. This is not the same as an aimbot; it simply helps the user to aim when playing offline against computer opponents usually by slowing the movement of 'looking/aiming' while the crosshair is on or near a target. It is common for console FPS games to have this feature to compensate for the lack of precision in analog-stick control pads.
Color aimbots
Color aimbots are an old and easy method to hacking – they can work in any game that supports colored models. As color aimbots don't hook the game or modify any file, most anti-cheats don't detect them. Despite being lower in performance than hooking aimbots, color aimbots are fast enough to be used as cheats. They however have disadvantages – because the detection is purely color coded, the aimbot may aim at textures that contain the color, at dead bodies, parts of the environment, the flag in Capture the FlagCapture the flag
Capture the Flag is a traditional outdoor sport generally played by children, where two teams each have a flag and the objective is to capture the other team's flag, located at the team's "base," and bring it safely back to their own base...
, or at team mates after switching teams.
Color aimbots work by scanning the entire or parts of the players screen for the selected RGB value. Once a pixel of the color is detected the aimbot will move the players mouse cursor to that pixel. As such, color aimbots need more system resources than a standard aimbot.
There are versions that scan a smaller area around the players sight and activates this scan when the player presses a button. This type of color aimbot does not require as much resources and is much harder to spot. It does require more effort on the part of users because they have to aim at least somewhat in the correct direction.
Color aimbots are very inaccurate because most FPS games include different visual lighting effects which can distort the color.
Graphics driver-based aimbots
Another type are graphic driverDevice driver
In computing, a device driver or software driver is a computer program allowing higher-level computer programs to interact with a hardware device....
-based aimbots. These types of hacks hijack the current API
Application programming interface
An application programming interface is a source code based specification intended to be used as an interface by software components to communicate with each other...
, such as DirectX or OpenGL, which render a game's graphics to the screen, and use the data gathered to locate players and other objects, for example by counting the number of polygons of player models. Once a player has been identified and tagged as the target, a series of calculations are performed to take the three dimensional location of a single coordinate within this model and convert it to a two dimensional set of coordinates. This pair of x- and y-values is then used in conjunction with some input API to move the cursor to the specified location, thus causing the player to aim at the target. Graphics driver aimbots are common in closed-source games, because it is not necessary to have the game sourcecode to write them.
Client hook-based aimbots
Client hook aimbots work by patching either the game executable on the hard disk, or by directly patching the instruction cache. Patching allows for redirection of the program execution flow, which allows to modify program behaviour, such as removing recoil, making players behind walls visible or predicting and drawing weapon projectile trajectories. Patching is accomplished by injecting a shared library ('so' on Linux, 'dll' on Windows, 'dylib' on Mac) in a running process. On Windows, one usually has to do this by DLL injection, ordinarily with CreateRemoteProcess or SETDLL, while on Linux/UNIX (including Wine), it is possible to use LD_PRELOAD (on Mac DYLD_INSERT_LIBRARY) to load a shared library into a process.StoogeBot
First and certainly the most enduring example of an aimbot was the Stanford StoogeBot, a proxy-based system for the game Quake written by students at Stanford University
Stanford University
The Leland Stanford Junior University, commonly referred to as Stanford University or Stanford, is a private research university on an campus located near Palo Alto, California. It is situated in the northwestern Santa Clara Valley on the San Francisco Peninsula, approximately northwest of San...
. The StoogeBot featured a number of different modes (each of which implemented a different strategy), named after members of The Three Stooges. The StoogeBot's operator (known as the "driver") used an unmodified Quake client, and moved around the game world as normal, picking up equipment and pursuing (or, in theory, fleeing from) adversaries. Rather than being connected directly to the Quake server, the driver's client connected to a custom proxy on which the StoogeBot code ran, a man-in-the-middle attack
Man-in-the-middle attack
In cryptography, the man-in-the-middle attack , bucket-brigade attack, or sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other...
. The driver's movement commands were passed through unaffected, but the StoogeBot assumed responsibility for selecting, targeting, and firing weapons. As Quake's network protocol allowed clients (and thus the StoogeBot) to know the positions of players even when they were obscured by scenery, the StoogeBot had the uncanny ability to shoot players moments after they emerged into view (even with slow-moving weapons such as rockets).
The driver's view didn't turn to match the StoogeBot's inhuman aim, instead behaving as if the StoogeBot wasn't present. The StoogeBot's operation was entirely automatic, and it made no attempt to hide its superhuman prowess. Indeed, it announced its presence (in an in-game chat message) and altered the player's name (as sent to the game server) to include the prefix "SBOT*", and its authors didn't release the source to their program knowing unscrupulous users would immediately remove this protection. The StoogeBot's skills were so blatant and made games so one-sided that when hacked StoogeBots (which didn't announce themselves) became available, their use remained glaringly obvious.