EQ TLP - Vaniki (Level-Locked Progression)

  • Guest, it's time once again for the massively important and exciting FoH Asshat Tournament!



    Go here and give us your nominations!
    Who's been the biggest Asshat in the last year? Give us your worst ones!

Zaide

TLP Idealist
3,907
4,752
suspended on vaniki for 2 accounts for "Cheating"...

I use myseq on 1 computer, not on the other. I use mqnext on both computers. i modified mqnext to include the vaniki server id to use mqnext on a TLP.

so how did daybreak catch me? went for a year on mischief with no problems (and back then all I did was comment out the /unload mqnext does when an invalid server id is found).
They detect MQN and suspend a random # of accounts flagged for its use when they do these waves. A while back a leaker showed that a dev in one of the live guilds showed his guild leader who all in the guild was using MQ to include sending him the full file path including their windows usernames. They have a lot more info than you might guess.

Yes that means they may be sharing your PII with their friends outside the company.
 
  • 1Like
Reactions: 1 user

Mrniceguy

Trakanon Raider
740
413
Every time they do a new TLP like a month after the server is out they do a "ban-wave" more like a suspension wave.

They know who is cheating they just don't do shit about it.
 

your_mum

Trakanon Raider
283
161
From my understanding that detection is from macroquest2 that eqmule put in to send info to DBG, and that was one of the main reasons mqnext was made

I don't believe mqnext does anything like that, so you may be referring to that mq2 detection concept zaide.

I'm not saying they don't have a hack detection process that scans the programs running on my machine, or dont have the ability to detect injections within eqgame.exe - I've just never heard of that from eqlive (definitely have on eqemu/p99). However, I've used mq, mq2, mqnext, myseq since 2005 and never once was banned for it. (Even used to warp and ghost kill.)

So S Secrets how are they detecting mqnext? Is it because I don't understand something in mqnext source that is disabled since they do not support TLP? I use a valid ServerID (I don't just comment out the /unload).
 

Ikkan

Molten Core Raider
278
412
I had 7 accounts I was playing on Vaniki suspended, but to be fair I actually was cheating.
 
  • 8Worf
  • 2Solidarity
  • 1Like
Reactions: 10 users

Zaide

TLP Idealist
3,907
4,752
From my understanding that detection is from macroquest2 that eqmule put in to send info to DBG, and that was one of the main reasons mqnext was made

I don't believe mqnext does anything like that, so you may be referring to that mq2 detection concept zaide.

I'm not saying they don't have a hack detection process that scans the programs running on my machine, or dont have the ability to detect injections within eqgame.exe - I've just never heard of that from eqlive (definitely have on eqemu/p99). However, I've used mq, mq2, mqnext, myseq since 2005 and never once was banned for it. (Even used to warp and ghost kill.)

So S Secrets how are they detecting mqnext? Is it because I don't understand something in mqnext source that is disabled since they do not support TLP? I use a valid ServerID (I don't just comment out the /unload).
I’m not. MQ use was detectable long before Mule made it use in game mail that no one reads. It’s still detectable now as MQN. It’s open source so the devs have plenty of time to work with it.

04436C63-791D-428A-99FC-CF1D6920FEA7.jpeg
4FF02D74-ABEA-40F2-9933-384B7B128235.jpeg
 
  • 1Worf
Reactions: 1 user

your_mum

Trakanon Raider
283
161
To be fair you are showing evidence of mq2 from redguides which had eqmules bullshit in it at the time.

I don't doubt that it can be detected, I've just never heard of DBG using the normal processes of detecting hacks (scanning user's processes or detecting memory injections). From my understanding they aren't doing that, but maybe I'm wrong so I'm looking for the actual way mqnext is detected (which does not have the eqmule snitching component).

There are people who use mqnext (and a different version of mq2) that have never been banned, so I'm just trying to get some hints in that area - but I don't expect any because people make businesses out of it.
 

Secrets

ResetEra Staff Member
1,900
1,914
From my understanding that detection is from macroquest2 that eqmule put in to send info to DBG, and that was one of the main reasons mqnext was made

I don't believe mqnext does anything like that, so you may be referring to that mq2 detection concept zaide.

I'm not saying they don't have a hack detection process that scans the programs running on my machine, or dont have the ability to detect injections within eqgame.exe - I've just never heard of that from eqlive (definitely have on eqemu/p99). However, I've used mq, mq2, mqnext, myseq since 2005 and never once was banned for it. (Even used to warp and ghost kill.)

So S Secrets how are they detecting mqnext? Is it because I don't understand something in mqnext source that is disabled since they do not support TLP? I use a valid ServerID (I don't just comment out the /unload).
They're using this function, and K32EnumProcesses You can load IDA, search for K32EnumProcessModules (the string) and find it.

On login, they send a bit-shifted list of processes and module names that are disallowed. MQ2 normally excludes itself from this list, but the Launchpad.exe sends the same information to their servers and MQ2 does not hook into that. If your process (exe) or module (dll) is in the blacklist, your client will flag you for MQ2 usage and notify the server.

You can see this packet be sent every time you log in, though it's sent bit-shifted.

MQ2 currently does not exclude other cheat programs, such as server.exe and MySEQ.exe from that list, and it's only the executable or dll module name that they check presently. The list can be updated at any time on the server. It's fairly safe to say that MySEQ.exe is the only thing that could've flagged a lot of folks lately, or if you had MacroQuest2.exe running at the same time as the Launchpad.exe application.

Thus, if you were to erase all info about a MQ2 DLL being injected from the PEB, and not have MacroQuest2.exe loaded at all, you would evade Launchpad detection as long as you ran the client standalone on the PC your launch it from. Doing so would also raise suspicions, because they can track what PCs you haven't logged into the Launchpad with using their 3-step HWID process.

They iterate through every process on your PC that your user account has access to. Thus, you could theoretically hide MySEQ.exe and server.exe by using it on another Windows account with higher privilege. It'd be impossible to 'test to make sure that's working' unless you called the function yourself (you could write a MQ2 plugin to do that without being logged in) and test to see if the 'crc' matches the program you're trying to hide.

This same setup is present in other SOE games and is identical across the games in question.

So they have updated a few things since then - this being one of them.
They've also put a few layers of protection in other functions that MQNext has already bypassed in 2015, and has bypassed for years. But they've also done more to detect, and it's mostly done because the average MQ2 user can't help themselves and will warp, hack, or box on truebox if they absolutely want to - and they don't particularly care and are brazen about doing so because they are there to make money off of the game. Very few have personal enjoyment doing box armies, actually.
 
Last edited:
  • 5Like
Reactions: 4 users

Tuco

I got Tuco'd!
<Gold Donor>
47,510
81,258
To be fair you are showing evidence of mq2 from redguides which had eqmules bullshit in it at the time.

I don't doubt that it can be detected, I've just never heard of DBG using the normal processes of detecting hacks (scanning user's processes or detecting memory injections). From my understanding they aren't doing that, but maybe I'm wrong so I'm looking for the actual way mqnext is detected (which does not have the eqmule snitching component).

There are people who use mqnext (and a different version of mq2) that have never been banned, so I'm just trying to get some hints in that area - but I don't expect any because people make businesses out of it.
DPG is so disorganized trying to suss out their detection capabilities from their actions is impossible. They've ramped up their actions against macroquest users this year, so if you use any form of the kind of mq capabilities you're at risk and cheating in their eyes.
 

Rajaah

Honorable Member
<Gold Donor>
12,559
16,599
We lost some people on Yelinak also who made ECtunnel purchases. One got 7 days for buying Kr and another just lost a character he bought yesterday.

Hearing Taxman got hit and lost all his accounts but not sure for how long.

Damn, I didn't even know they went after people for ECTunnel krono purchases. How would they even find out? Sting operations with an undercover GM posing as a seller?
 

Rajaah

Honorable Member
<Gold Donor>
12,559
16,599
Looks like the exp bonus is going to last until the 8th, if I'm not mistaken, and the level 55 raise on Vaniki is the 6th. So it should be a snap to get 55 and some AAs for people who plow through on Weds/Thurs. Then again, aside from tanks needing CA/CS/HP, and general bleeding edge players, most normies can just wait two weeks and get the AAs granted at the 60 unlock.

There's some debate about whether any AAs will be autogranted on the 55 unlock. I maintain that none will until the level 60 unlock (which should give both SoL and PoP AAs). However I've had a bunch of people argue with me that we're getting SoL AAs automatically. Not sure how they figure, but maybe I'm the one who's wrong.

There are a few GoD AAs available at 55 and for people who aren't bleeding edge / raid tanks, it might make more sense to go for the GoD AAs first since they won't be part of the autogrant two weeks later.

Edit: Changed a "55" typo to "60"
 
Last edited:

Ecko

Trakanon Raider
72
8
Luclin AA's get auto granted with DoDh, so they won't get auto granted until level 60 is unlocked and PoR etc, as far as I understand it.

So will get some at 55 in about 4 weeks or so, but none on wednesday. I will eat a gnome on wednesday if i'm wrong!!

Since my playtime is getting low and that i want to do something completely different to tanking/healing which i always do on raids, switching to my Necro as my main. Might do one box with him as I also want to box less, thinking a druid would be a good box, but honestly don't know what, if anything, would be best.
 
Last edited:

DickTrickle

Definitely NOT Furor Planedefiler
13,411
15,576
People hear one little tidbit, often wrong, and spread it as if it was firsthand gospel.
 
  • 2Like
Reactions: 1 users

Sieger

Trakanon Raider
343
395
Funny as it is to hear the rumors on the grapevine, Reese and I are not killing raid bosses by ourselves or megaboxing. We have a crew of 10 people who have done TLPs since 2015, including a lot of Faceless Selo people and a few people from Phinigel. Each person boxes a few characters, we have 5 six boxers, the rest box 2-3ish each. We have a lot of enchanters and clerics and we are built around being able to chain stun targets and we geared our tanks up in GoD, ChardokB, Veksar etc at level 40 when other people were inexplicably spending time farming Emperor and VT keys.

Our group isn't really setup to do some of the server achievements so we had intended to try and raid with one of the guilds on the server but none were a great fit schedule wise, so we partner with a group of ~40 players who are from EQ Live for some of the achievement fights where our box crew isn't viable on its own.
 
  • 1Like
Reactions: 1 user

Mrniceguy

Trakanon Raider
740
413
Anyone test if you can get rewards by killing mobs after the level cap is raised, but while you're still 40 ect?