So this one is kind of interesting. I was curious about the information that my client was sending to Blizzard so I ran a packet sniffer with in about a minute I got DCed, I was not running HB at the time as I was trying to compare data. I logged back in did this again same thing about 45 seconds into letting the sniffer do its thing DC again. I log back in a third time and I don't let it run, Everything is fine. I went did some PvP farmed a little and did an instance (all without HB). So I decided to let the sniffer run again only this time I opened HB and ran it as combat bot (pretty much all I use it for now). 2 mins later DC and banned, no email and they will not respond to my tickets and the guy on live chat said " they were looking to why my account is banned". The interesting part. My sniffers info is kind vague but it did return some strange information. one of the bits along with some random garbage says "Spell cast = Serpent Sting; Key press 0" followed by one of them saying "spell cast = Feign Death; Key press Z" ( I had to manually spam FD because I had pulled agro in the instance). This information didn't look like it was coming from WOW but another program. I'm thinking Blizzard might have a way to tell now if your keys are actually being pressed based on this other programs information. I'm still working through the garbage because there is a ton of it. But I thought I would share for now.
I think blizzard has finally found a way to combat against honorbuddy. Time for HB to make some changes.
***UPDATE*** I got an email this morning lifting the ban. This is the latest response from Customer Support: Hello, and thank you for contacting the Blizzard Support department! After reviewing the account it was determined that there were no violations made via this account. going to call them in the morning to see what prompted
What were you using to do the sniffing? Can you post the full capture or at the bare minimum post the destination address of those packets. I doubt this was the unaltered packets coming from wow.exe as: 1.) the traffic is encrypted and 2.) they wouldn't send that information (in a string like that) via such a verbose/wasteful (and easily detected/modified) method. They would just send the SpellID and (possibly) the Keyboard KeyCode. I'd love some more information as I'm on the fence about starting to bot again since the ban wave.
I just wanted to leave this here :: WotLK Beta patch notes and other news Macros and key bindings are now saved server-side so there is no longer a need to reconfigure them when logging in using another computer.
