Making an os and game agnostic Aimbot: Motivation and Challenges
I made aim.js because kernel-level anti-cheats are terrible and openai's operator costs a kidney. Freely available @ https://github.com/shubin123/aim.js
Features:
I want to say a bit about this at the start so everything else in this blog post is clear.
Fully offline – Once the model and JavaScript are downloaded, everything runs in your browser without an internet connection.
OS agnostic – Works on both your phone and PC.
Semi-install/build-less – No need for python or node (though you’ll need a micro-controller for full functionality which does need a bit of installation).
Instead of software-based cursor manipulation, I use a Raspberry Pi Pico as a USB HID mouse. This means kernel anti-cheats can’t scan for it.
Freely available @ https://github.com/shubin123/aim.js
Demo @ https://shubinwang.com/detect
Motivation:
As indicated in the sub-title, I wanted create this project for two main reasons.
Firstly, kernel level anticheat used in games such as Valorant has the ability to scan and interact with pratically all userspace. The only solution to this I see is to use server-side validation ONLY. By bypassing kernel anticheat (KA) completely I hope to encourage or atleast bring up the possibility that (KA) should be abandoned.
Secondly, with the advent of OpenAi’s “operator” I wanted to achieve something simillar but not with existing DOM manipulation based techniques (no puppeteer, selenium…).
Lastly, I hope to share this journey such that others may find some interest and entertainment or better yet use and adapt this project for themselves!
Challenges:
Object Detection:
The first part of this project was getting a fast enough object detector that will run on wasm/webgl/wegpu or with some web runtime. This is neccessary because the user should be running this on a smartphone such that no (KA) detection is possible. I first tried to do this a while back with yolo (You Only Look Once) object detection and segmentation models when I was making an apple identifier/classifier. It didn’t really fit the needs for that project (and I couldnt produce any sane outputs) so I moved on knowing that an object detection based model could really be powerful for autonomous interface manipulation.
More recently I did some digging and found that open-source ai aimbot exists and in the case of https://github.com/RootKit-Org/AI-Aimbot uses YOLO. But since their project uses python and the windows api which means users have to install (pain) and run stuff on the machine with (KA). Another project that heavily inspired me was https://github.com/Hyuto/yolov8-onnxruntime-web. Hyuto was able to figure out what I couldnt with my earlier (classifier) project and since then I had gained some familiarity with the onnx runtime. So the basis of early the version of this project fundamentally dependent on his code. I did however, have to add the video functionality (Which i later found out was a PR on his repo just wasted time on my part lol). However, now the problem arose, I was getting almost less than a frame per second!
To optomize to atleast a few frames per second I made changes to how use the webgpu backend for the runtime cutting frame time by an order of magnitude on my machine with (gtx1080ti). On its own this wasnt too difficult just a flag change when initializing the runtime backend. However, after making sure the tokens in and tokens out were the same as with cpu (wasm backend) still nothing rendered! Two days of fustration later, turns out after switching to gpu the render function had to be made async with requestAnimationFrame() to act as fencing.
Thought that was it? no all that work turned out to be unproductive since I found a even faster object detector. Although less accurate, google’s mediapipe object detector cutdown another 5-10 ms per frame. So I had to make the switch once again this time to a efficentDet and tensorflow.js runtime. But now I atleast have a fallback (to yolo and onnx) IF google for some reason decides that their preview software should be no longer open source.
To be clear, every version of this project from the beginning to now has stayed offline, os agnostic, and this object detection portion means never needs installation.
Mouse Control:
This portion of the project was alot more straightforward. I had previously done some testing with rubber ducky’s and was familliar enough with the arduino ide to create a mouse jacker in less than a few hours. However, It does not imply there was no pain in developing this. But there was still a key challenge that isnt yet fully solved.
Firstly, I should say that I havn’t used this project to actually cheat in a video game. When I do it will start with my own game. But even If I wanted to it wont work right now. This is because I havn’t implemented a smarter mouse move system. So a future mode will assume the cursor is locked in middle we can move it relatively depending on last and/or closest bounding box to the center of screen.
cursor manipulation for the web “operator-like”:
I will figure out the aimbot first and move to work on this. I would like to have jail(8) on browsers first though LOL. So maybe this wont ever happen. to be clear better and more browser sandboxing wouldnt be enough. A mis-input may result in catastrophe if this project was promising full computer / browser based manipulation. So more consideration to be done for sure.
Thanks for reading & Looking for Feedback!
I’d love to hear what you think about aim.js—whether it’s about performance, detection evasion, or alternative implementations. Let me know your thoughts!
ps: AIM in this case stands for Autonomous Interface Manipulation.
Latest Version
Past version after webgpu was enabled (still using onnxruntime):
Earliest version with video feed (no webgpu… slow):
More resources:
This public google drive folder contains full footage of all versions:
https://drive.google.com/drive/folders/1maNNWrxxvwn5DcXNAzSGtpTu_9HfraUR?usp=sharing
This folder contains yolo models used by the earlier version (you'll need the nms-yolov8.onnx model and one yolov8(n/s/m/l/x) model).
https://drive.google.com/drive/folders/1EP1JI2eD_AjzpK2Fxo-nZ0RQ2v3tCPKg