|This article does not cite any references or sources. (April 2012)|
An aimbot is a type of computer game bot used in first-person shooter games to provide varying levels of target acquisition assistance to the player. It is sometimes incorporated as a feature of a game (where it is usually called "auto-aim" or "aiming assist"). However, making the aim-bot more powerful in multiplayer games is considered cheating, as it gives the user an advantage over unaided players.
Aimbots have varying levels of effectiveness. Some aimbots can do all of the aiming and shooting, requiring the user to move into a position where the opponents are visible; this level of automation usually makes it difficult to hide an aimbot—for example, the player might make inhumanly fast turns that always end with his or her crosshairs targeting an opponent's head. Numerous anti-cheat mechanisms have been employed by companies such as Valve to prevent their use and avoid the accusations.
Some games have "auto-aim" or "aim assist" as an option in the game. This is usually a weaker aimbot, as its purpose is to make a game more accessible for less skilled players rather than to cheat in an online game. Auto aim also sometimes helps the user to aim by slowing the movement of 'looking/aiming' while the crosshair is on or near a target or slightly helping the player by moving the aiming to the player for a better shot. This is not to be confused with "bullet magnetism", which curves bullets in mid-air towards a target as opposed to moving the crosshair towards one.
Color aimbots are terrible and easy methods to cheating – they can work in any game that supports colored models. As color aimbots don't hook the game or modify any file, most anti-cheats don't detect them. Despite being lower in performance than hooking aimbots, color aimbots are fast enough to be used as cheats. They however have disadvantages – because the detection is purely color-coded, the aimbot may aim at textures that contain the color, at dead bodies, parts of the environment, or even at team mates after switching teams, but usually just requires you to hit a specific key when you switch teams, for it to switch colors.
Color aimbots work by scanning the entire or parts of the player's screen for the selected color value. Once a pixel of the color is detected the aimbot will move the player's mouse cursor to that pixel. As such, color aimbots need more system resources than a standard aimbot.
There are versions that scan a smaller area around the player's sight and activate this scan when the player presses a button. This type of color aimbot does not require as much resources and is much harder to spot. It does require more effort on the part of users because they have to aim at least somewhat in the correct direction.
Color aimbots are often very inaccurate because most FPS games include different visual lighting effects which can distort the color. But, if it's done right meaning if it uses a color distance-algorithm it may work even though the colors are distorted, the algorithm will check if the color is within a given range of tolerance, this may require a different color space then RGB, often used is LAB, or HSB. If it's just a change in the colors brightness the aimbot can easily use the RGB-color space, and check if it's the same color only darker or brighter.
Graphics driver-based aimbots
Another type are graphic driver-based aimbots. These types of hacks hijack the current API, such as DirectX or OpenGL, which render a game's graphics to the screen, and use the data gathered to locate players and other objects, for example by counting the number of polygons of player models. Once a player has been identified and tagged as the target, a series of calculations are performed to take the three dimensional location of a single coordinate within this model and convert it to a two dimensional set of coordinates. This pair of x- and y-values is then used in conjunction with some input API to move the cursor to the specified location, thus causing the player to aim at the target. Graphics driver aimbots are common in closed-source games, because it is not necessary to have the game sourcecode to write them.
Client hook-based aimbots
Client hook aimbots work by patching either the game executable on the hard disk, or by directly patching the instruction cache. Patching allows for redirection of the program execution flow, which allows to modify program behaviour, such as removing recoil, making players behind walls visible or predicting and drawing weapon projectile trajectories. Patching is accomplished by injecting a shared library ('so' on Linux, 'dll' on Windows, 'dylib' on Mac) in a running process. On Windows, one usually has to do this by DLL injection, ordinarily with CreateRemoteProcess or SETDLL, while on Linux/UNIX (including Wine), it is possible to use LD_PRELOAD (on Mac DYLD_INSERT_LIBRARY) to load a shared library into a process.