How to bot RuneScape?

On 25 October 2011 at 2:37 PM GMT, an update code-named ClusterFlutterer, also known as "Bot Nuking Day", or simply "Nuke Day" was implemented aimed at preventing reflection and injection bots from functioning. Jagex believes that this consists of 98% of all bots seen in the game. Also, upon revealing ClusterFlutterer, Jagex stated that over 1.5 million bots had been recently banned. Due to the complex nature of the game update, the update was finished 2 hours and 37 minutes after the countdown timer reached 0, resulting in the game being offline for approximately 1 hour and 7 minutes while Jagex updated and tested their systems.

To celebrate, Jagex had created the following events:

* Indicates that the D&D will be reset on the day if already done for the week. Players can spy on all penguins on the day they reset (Wednesday), and then again on Thursday, which will give them double points. This will give them a maximum potential of 57 points in 2 days (19 on Wednesday and 38 on Thursday due to double points). This is two points below the maximum cap of 50.

How most bots worked

Injection and reflection bots work in similar ways, however they use different methods to accomplish this.

Injection bots inject into the RuneScape applet, reading the game's code directly to determine what is what. Reflection bots create a mirror image of the RuneScape applet by accessing the loaded classes and then read the code of the "reflected" copy, without injecting any code - considered to be much harder to detect than injection but - if done right - both are completely undetectable. Most bots, such as RSBuddy (now EOL) or RSBot, used both injection and reflection to be able to gather as much data as possible. A custom-engineered game client is used to run the bot, rather than through a web browser with Jagex's official client (as is done with most colour-based bots). This allows the game to be slightly modified, making it listen to fake mouse - or key events (allowing you to play other games while using the bot) and to disable direct system access (say: faking runtime information) to mislead Jagex's servers.

The fact that the bots both read the game's actual code, rather than looking at the screen (colour bot) make it very easy for them to complete random events - for example, instead of trying to identify the correct spinning object visually with shapes and colours, the bot simply sees a few sets of numbers, called IDs - unique numbers used by the game to identify every individual entity in the RuneScape world - and picks the one ID that matches the correct answer.