Project1999 Green & /List information

1. Installing ShowEQ For Project1999 in 2020
2. Getting traffic to your ShowEQ system
3. Understanding Project1999 Protections
4. Decrypting Project1999 Spawns
5. Project1999 Green and /List information (you are here)

Welcome back to the 5th part of our series about using ShowEQ on Project1999 in the year 2020. A lot has changed since our last update so we’re looking to update people on the current-state of technology and some clever work-around for modern issues.

First and foremost, ShowEQ is alive and well and works on Project1999 Green. There have been no significant changes to the networking libraries used by Project1999’s custom DLL ‘dsetup.dll’ as of the time of writing (v53). Anecdotally, we believe that usage of ShowEQ on Green is fairly low, based on frequently observed scenarios of rare and/or highly-sought after mobs running around in well populated zones, unscathed.

Getting ShowEQ to work on 2020 Linux (libpcap fix)

As an update to our own personal never-ending-quest to keep ShowEQ running on modern Linux distributions, there is a slight modification you will need to make to ensure everything works in 2020. Updates and deprecations to the libpcap library affected previously used code for reading live packets. If you are affected by this issue then the packets will appear to come in laggy “bursts” instead of naturally as they occur.

To fix this issue you will need to update the “src/packetcapture.cpp” file to use non-deprecated functions in libpcap. Specifically the old method for reading an interface was simply to use the following command:

m_pcache_pcap = pcap_open_live((char *) device, BUFSIZ, true, 0, ebuf);

The “pcap_open_live” function has been deprecated in modern versions of Linux. The fix is to leverage the new functions (with proper error checking) to create a new capture device and set it to immediate mode. We re-used a publicly available example set posted on CodeBlurbs which worked as a perfect drop-in replacement. Once you add the “CreatePcapForInterface” function, you just need to simply change the above live to:

m_pcache_pcap = CreatePcapForInterface((char *) device);

and your ShowEQ will function like it’s 1999 all over again.

Go /List Yourself

With the creation of Green has come another piece of homegrown functionality, the “list” function. The “list” capability was developed bespoke by the Project1999 staff as a solution to potential issues with highly sought-after legacy items. The solution was to create a standard FIFO (first-in first-out) list waiting mechanism to ensure that whoever spent the most time at a certain legacy-item camp, would receive the item before any other player. Specifics about the “/list” capability are as follow:

• You must meet the level requests of the /list. As of the time of writing that is lvl25 for Journeyman’s Boots, and lvl35 for everything else.
• You must be within a defined distance to join the /list (this distance is said to be item-specific).
• You must remain in a defined distance to stay on the /list. Leaving this area, either simply walking outside of the area, zoning, camping, LD, dieing etc. gives you a 900 second timer to return.
• You must answer automatic “randomized” AFK checks every 8 minutes (+/- 2 minutes).
• There are two types of AFK checks. A simple “OK” dialog prompt and a “captcha” based prompt that requires you to type in a number displayed and then press “OK”.
• You will be de-listed if you do not perform an AFK check by the time of the second AFK check. Aka, if the server demands an AFK check and you already have a previous AFK check window open/unanswered.
• Once an item drops, you will move one position down the list. If you are in the first position, you will have sole rights to loot the item.
• Once you loot an item you are “locked out” of the list functionality for that item. This lockout period is listed on the website as a week, but in reality it is either a month, or until the server resets, or item specific.

In general, we believe that the “/list” functionality was a large improvement over what the reality of the situation would have been without it. Specifically, large guilds monopolizing the spawns and drops, and shutting out individual players.

That being said, waiting on a list has turned into an unmanageable nightmare for many individuals looking for personally obtain legacy items. Frequent randomized AFK checks, while a necessary evil, also prevents users (some of whom are hours away from obtaining an item) from safely leaving their computer for more than 12 minutes. We believe that this is unfair and promotes general unwellness among individuals and the community. In addition, through “soft” and “hard” bypasses employed by players, these disadvantages disproportionately affect individual, casual players.

Dumb hacks against the /list

It doesn’t take being a coding expert or reverse engineer to deploy very practical attacks against the /list functionality. The most common “dumb” hack against the list is simply sharing your account information with another person. This is neither against the general server rules or specifically mentioned against the /list rules. Remember as identified above, simply logging off or going LD does not remove an individual from the list. Many individuals who have camped the legacy items have openly admitted to sharing accounts with guild members, friends, or relatives.

Chrome Remote Desktop allows you to control a Windows PC on your phone

Another “dumb” hack is the use of screen sharing software to share access without providing your account credentials. Popularly available enterprise screen sharing software such as TeamViewer, RemoteConnect, Google Remote Desktop, and LogMeIn have all been confirmed as compatible with Project1999. Some of these applications allow multiple people to control the screen, enabling groups to manage multiple accounts simultaneously running waiting on the list.

Again, the only players not-benefiting from this scheme are individual/casual players.

ShowEQ solutions

We spent a couple of days reversing the /list functionality and observing /list traffic and identified some interesting patterns. The most useful takeaways that we identified were as follow:

• The time of an AFK check is determined by the server, not “dsetup.dll”
• The type of AFK check you perform is determined by “dsetup.dll”

As the server determines the time of the AFK check, there must be an instruction sent by the server to the client to initiate the check. The AFK check request is sent from the server with the OPCODE x1253. The first bytes represents the command. If it’s a message from the client to the server and the byte is “1”, then it’s a list position request. If the message is from the server to the client and the byte is “2”, then it’s an AFK check request. The most simple modification to add here an mp3 to play to make a real-time notification of AFK checks. This allows you to have greater freedom in moving around your house and multi-tasking while on the list.

The following psuedo-code identifies AFK checks and plays notifications when they occur:

if opcode == 0x1253:
      command_type = payload[0]
      if command_type == 2:
            print("AFK Check Initiated")
            playSong(notification)

Unfortunately, as ShowEQ is a passive solution, actually providing automated AFK checks is outside of the traditional code-base, however, this didn’t stop us from making our own AFK clicker.

Beyond ShowEQ, Introducing PatientMan v1

Until this time, personally, we have been fairly opposed to leveraging technologies that “actively” affect the EverQuest game. We do not supporting boxing or creating bots to automatically play the game for us. In addition leveraging “active” technologies introduces the ability to be detected and banned. That being said, with the requirements of the /list forcing players to either operate in a grey area or harm their personal well-being, we decided to make an exception in order to balance the field for casual players.

Automatically performing AFK checks is very simple in it’s current state, and we were certain others had come to this conclusion already. We met many players who seemingly hadn’t moved in several hours while waiting, which highly suggested foul play.

To perform AFK checks, one needs to simply needs to either click button or type in a value and then click a button. For simplicity’s sake, we’ll call them the “Standard” AFK check and the “Difficult” AFK check.

With the standard AFK check, all you need to do is click a button.

Standard AFK Check

With the difficult AFK check, you will need to type a special command including a random four digit number (blurred out) and then press the OK button.

Difficult AFK Check

A simple algorithm might look like this:

1. Take a screenshot and look for an AFK check every 30 seconds.
2. Determine which type of AFK check.
3. If its the simple AFK check, then press the “OK” button.
4. If it’s the difficult AFK check, parse the screenshot for the number. Type in the number, then press the “OK” button.
5. Take another screenshot to verify the AFK message went away.

Depending on which programming language you use, you will find many libraries for automatically controlling the mouse, keyboard, and taking screenshots. For instance, we leveraged Python’s PyAutoGui library to completely solve the “Standard” AFK check in five lines of code. The only preparation you’ll need to do is save a copy of the cropped out “OK” button so that it can be supplied as an input.

#Take a Screenshot
screen = pyautogui.screenshot()
#Find the OK button
ok_location = pyautogui.locateOnScreen('ok.png')
#Find the center of the OK button
center = pyautogui.center(ok_location)
#Move the mouse over the OK button
pyautogui.moveTo(center)
#Click it
pyautogui.click()

Solving the “Difficult” AFK check is a little bit more involved. You will need to parse the screenshot with OCR (Optical Character Recognition) to identify the numbers in the AFK check. And move the mouse over to the chat window so you can type that value in.

Similar solution using Tesseract OCR

For this we used the open-source OCR solution Tesseract. Tesseract is sponsored by Google, has builds for Windows and Linux, and works relatively fast and offline. Using the Tesseract software, we can parse the screen for the “by typing /list afk ####”, extract this value, and type it into the chat box. Once we perform that, we simply use the above code to click the “OK” box again.

Example of solving the “Difficult” AFK check

Automatically typing the code back into the screen can be performed using the same library and mouse moving functions. PatientMan has been tested numerous times and allows full AFK camping capabilities. One individual using PatientMan reported successfully napping for 2 hours during a 50 hour long camp.

We believe in the utility to greater enable individuals to take breaks during arduous legacy item camps and not as a solution for farming items. We hope these simple solutions helps you more enjoy your Project1999 experience.

See you in Norrath. Get some sleep.