Forum Settings
       
« Previous 1 2 3
Reply To Thread

New Hack FoundFollow

#1 Oct 07 2013 at 6:39 AM Rating: Excellent
**
589 posts
http://imgur.com/ZFoP48s

This has been reported on Reddit today and I noticed the JP server list couldn't be loaded this morning (6AM EU time - I like to do the supply run missions before work) and a couple of hours later the NA/EU servers were reported as being down, not sure if it was to fix this, but that seems to be what people are thinking.

Mental. O.o
#2 Oct 07 2013 at 6:49 AM Rating: Excellent
Avatar
*
144 posts
Woah! Calling that a hack or an exploit is a BIG understatement! Anyone dumb enough to take advantage of such a hack (or ANY hack) deserves to be permabanned immediately. It is simply mind-boggling that anyone could be dumb enough to use it.
____________________________
Primary World: Hyperion
Free Company: Jormungandr
Legacy Member
Main Character: Fialas Dawnren: Level 60 BRD/AST/MNK/DoL, Level 16-50 On Everything Else
#3 Oct 07 2013 at 6:54 AM Rating: Good
**
589 posts
It's crazy isn't it? A lot of people on the two Reddit threads are saying they got kicked from their servers around the same time earlier today, but I see nothing on the Lodestone about this (so I'm a bit more skeptical now). I wonder how vulnerable the game code is in light of this, could it get worse over time?
#4 Oct 07 2013 at 7:00 AM Rating: Default
**
320 posts
Well with how quickly movement and teleport hacks came to this game, it seems there's far too much trust in the client right now, and this hack is also exactly that. It does not bode well, that's for sure, but we can only wait and see.
#5 Oct 07 2013 at 7:02 AM Rating: Excellent
***
1,208 posts
Looks like RMT have been busy this time around finding ways to exploit the game by reprogramming the game code.
#6 Oct 07 2013 at 7:18 AM Rating: Decent
Scholar
****
4,511 posts
Wow... I dont have any other words for this...

I can understand this is how they're level 50'ing everything. And that their offer to "PL from 1 to 50" is basicly them hacking the game in this fashion.

But what i dont understand is, why do it in such a public space where EVERYONE can see?

They must be really intelligent to pull off such an exploit and spoofing the server into thinking they're leveling up. But at the same time so incredibly dumb to just let everyone see. It just doesnt add up.
____________________________
[XI] Surivere of Valefor
[XIV] Sir Surian Bedivere of Behemoth
http://na.finalfantasyxiv.com/lodestone/character/2401553/
#7 Oct 07 2013 at 7:39 AM Rating: Good
*
129 posts
That's pretty amazing. I'm curious as to how they did it. Not to do it myself but it's kinda like... wanting to know how a magic trick was done. Doesn't mean you're going to up and become a magician the next day. Clever bastards.
#8 Oct 07 2013 at 7:55 AM Rating: Decent
Wouldn't surprise me if this has been happening for a while and its just now that someone messed up and started the wrong script. From the chat log, it looks like it took less than 30 seconds to happen (esp. the "WTF" comment), so the damage would have already been done even if they had a way to stop it.

As for how it was done, it was most likely some kind of data spoofing. It isn't surprising that this could happen, as the only way to have completely sterile communication between the client program (what you play) and the servers is to have the client be a game steaming service, which would be an infrastructure nightmare to manage for an MMO.
#9REDACTED, Posted: Oct 07 2013 at 7:56 AM, Rating: Sub-Default, (Expand Post) So another 2 years until ffxiv 3.0? To me this would justify a full wipe because I have seen many people doing this. I really wish SE could just do things right I was enjoying this game but not going to pay them for this kind of product.
#10 Oct 07 2013 at 7:59 AM Rating: Excellent
KojiroSoma wrote:
Wow... I dont have any other words for this...

I can understand this is how they're level 50'ing everything. And that their offer to "PL from 1 to 50" is basicly them hacking the game in this fashion.

But what i dont understand is, why do it in such a public space where EVERYONE can see?

They must be really intelligent to pull off such an exploit and spoofing the server into thinking they're leveling up. But at the same time so incredibly dumb to just let everyone see. It just doesnt add up.


One of the smarter design decisions SE made this go round was disallowing anyone to craft in the the inn room. So while there are certainly quieter places to craft, there are no private spaces.
#11 Oct 07 2013 at 9:59 AM Rating: Excellent
Ken Burton's Reject
*****
12,834 posts
Wow, that's.... wow.

I knew the client had issues, but damn, that's more than an issue.
____________________________
Twitter: http://www.twitter.com/pawkeshup
YouTube: http://www.youtube.com/pawkeshup
Twitch: http://www.twitch.tv/pawkeshup
Blog: http://pawkeshup.blogspot.com
Olorinus the Ludicrous wrote:
The idea of old school is way more interesting than the reality
#12 Oct 07 2013 at 10:02 AM Rating: Good
**
254 posts
Catwho wrote:
One of the smarter design decisions SE made this go round was disallowing anyone to craft in the the inn room. So while there are certainly quieter places to craft, there are no private spaces.

Perhaps Housing? :p
#13 Oct 07 2013 at 10:14 AM Rating: Decent
Ken Burton's Reject
*****
12,834 posts
I assume that the person was actually crafting during this?

I'm trying to figure out if they just set the recipe to max exp, or if they just changed the value of exp on their character directly.

Edited, Oct 7th 2013 12:25pm by Pawkeshup
____________________________
Twitter: http://www.twitter.com/pawkeshup
YouTube: http://www.youtube.com/pawkeshup
Twitch: http://www.twitch.tv/pawkeshup
Blog: http://pawkeshup.blogspot.com
Olorinus the Ludicrous wrote:
The idea of old school is way more interesting than the reality
#14 Oct 07 2013 at 10:16 AM Rating: Excellent
**
589 posts
Brings new meaning to Triple leve turn ins!
#15 Oct 07 2013 at 10:19 AM Rating: Excellent
Guru
***
1,310 posts
At least getting all the achievements for leveling one craft from 20 to 50 in under a minute is a dead giveaway you've been hacking. Smiley: rolleyes

Edited, Oct 7th 2013 12:20pm by Xoie
#16 Oct 07 2013 at 10:24 AM Rating: Good
Ken Burton's Reject
*****
12,834 posts
Obviously this character will get the banhammer, but how long will they have it before that happens? Hopefully they are relatively quick with the hammer, otherwise they'd have to then track down all the accounts this one trades with and investigate if they are RMT or not.

edit:

Oooo ooo new theory: What if they somehow broke the Quality bar. Like, made it infinite, then filled it. It would give a boundless % of bonus EXP capable of leveling in one synth.

Edit 2:

Not trying to figure out to exploit it, trying to sort out how they are doing this to know what else they could break.

Edited, Oct 7th 2013 12:30pm by Pawkeshup
____________________________
Twitter: http://www.twitter.com/pawkeshup
YouTube: http://www.youtube.com/pawkeshup
Twitch: http://www.twitch.tv/pawkeshup
Blog: http://pawkeshup.blogspot.com
Olorinus the Ludicrous wrote:
The idea of old school is way more interesting than the reality
#17 Oct 07 2013 at 10:36 AM Rating: Decent
**
589 posts
Pawkeshup the Meaningless wrote:
Obviously this character will get the banhammer, but how long will they have it before that happens? Hopefully they are relatively quick with the hammer, otherwise they'd have to then track down all the accounts this one trades with and investigate if they are RMT or not.

edit:

Oooo ooo new theory: What if they somehow broke the Quality bar. Like, made it infinite, then filled it. It would give a boundless % of bonus EXP capable of leveling in one synth.

Edit 2:

Not trying to figure out to exploit it, trying to sort out how they are doing this to know what else they could break.

Edited, Oct 7th 2013 12:30pm by Pawkeshup



My guess is they made it so that one craft gave all the exp needed to get to 50. hi2u game genie!
#18 Oct 07 2013 at 10:45 AM Rating: Good
Scholar
****
4,511 posts
He almost instantly got "On the payroll III" and "On the payroll IV", meaning that between those two achievements, he instantly made 100k+ worth of gil, by doing nothing.

So not only is this a leveling exploit, it's a MAJOR gil exploit as well.
____________________________
[XI] Surivere of Valefor
[XIV] Sir Surian Bedivere of Behemoth
http://na.finalfantasyxiv.com/lodestone/character/2401553/
#19 Oct 07 2013 at 10:51 AM Rating: Excellent
Wonder how long it will take them to roll that back. Or ban. I suppose they would just ban.
#20 Oct 07 2013 at 11:02 AM Rating: Good
Scholar
***
1,732 posts
Sad really.. People will do anything to cheat and it just runes the game for others.
Now SE has to spend time tracking this exploit down instead of developing new cool things to do for us....
____________________________
FFXI: Nashred
Server: Phoenix

FFXIV : Sir Nashred
server: Ultros
#21 Oct 07 2013 at 11:04 AM Rating: Excellent
Avatar
*
144 posts
Hmmm...how about instead of slapping them with a ban, add a big ole' permanent, unavoidable 'CHEATER' to the start of their name? There would be no way to get rid of it, not even a name change. And how about an inventory space of, say, 5 or less, and no more than 100 gil at a time? And if they go over 100 gil, it restarts at 0? And then a day or a week later, banning them anyway?

In all honesty and seriousness, I think this player and any who does something so extreme should be permabanned immediately. It'd be neat to see their reaction to something like this, though.

Edited, Oct 7th 2013 1:04pm by Vaaniks
____________________________
Primary World: Hyperion
Free Company: Jormungandr
Legacy Member
Main Character: Fialas Dawnren: Level 60 BRD/AST/MNK/DoL, Level 16-50 On Everything Else
#22 Oct 07 2013 at 11:06 AM Rating: Excellent
***
3,737 posts
Looks like a simple memory edit.. like someone above said, Game Genie ahoy.

Though the fact the guy went from 20 to 50 suggests that levequests or at least the turn in may have something to do with it.

I hope it's not that simple, because that's just lazy programming if so.
____________________________
svlyons wrote:
If random outcomes aren't acceptable to you, then don't play with random people.
#23 Oct 07 2013 at 11:07 AM Rating: Excellent
Ken Burton's Reject
*****
12,834 posts
I still say make a server for just these special people, lock their characters there, and make them think they are still working on selling gil... except only the gilsellers/cheaters are stuck there.
____________________________
Twitter: http://www.twitter.com/pawkeshup
YouTube: http://www.youtube.com/pawkeshup
Twitch: http://www.twitch.tv/pawkeshup
Blog: http://pawkeshup.blogspot.com
Olorinus the Ludicrous wrote:
The idea of old school is way more interesting than the reality
#24 Oct 07 2013 at 11:08 AM Rating: Excellent
***
1,208 posts
Nashred wrote:
Sad really.. People will do anything to cheat and it just runes the game for others.
Now SE has to spend time tracking this exploit down instead of developing new cool things to do for us....


I'm hoping they can do both simultaneously Smiley: grin

The employees who are responsible for creating new content hopefully aren't the same ones who track down RMT and cheaters.
#25 Oct 07 2013 at 11:09 AM Rating: Good
***
1,208 posts
Pawkeshup the Meaningless wrote:
I still say make a server for just these special people, lock their characters there, and make them think they are still working on selling gil... except only the gilsellers/cheaters are stuck there.


That's like purgatory for RMT's! Sweet let's do it!
#26 Oct 07 2013 at 11:10 AM Rating: Excellent
**
576 posts
Archmage Callinon wrote:
Looks like a simple memory edit.. like someone above said, Game Genie ahoy.

Though the fact the guy went from 20 to 50 suggests that levequests or at least the turn in may have something to do with it.

I hope it's not that simple, because that's just lazy programming if so.


This was my thought as well. There is no way the server should be trusting the client with information on leve rewards or xp gain. That's just poor design.

I'd like to give them the benefit of the doubt, though, and assume that the exploit was more complex than telling the server "I'm turning in this leve" x number of times in a row.
« Previous 1 2 3
Reply To Thread

Colors Smileys Quote OriginalQuote Checked Help

 

Recent Visitors: 199 All times are in CST
Anonymous Guests (199)