Caesary
-migrated-
Re: Caesary Posted on: 06/21/2010 6:27pm
TIM the Enchanter
Yeah, I wasn't lucky enough to get in on that bug before it was patched.




Everything's coming up KongHack!

"When you know nothing matters, the universe is yours" ~Rick Sanchez

Re: Caesary Posted on: 06/21/2010 7:52pm
Quote from: "The Ignorant Masses"
Yeah, I wasn't lucky enough to get in on that bug before it was patched.
I only did it to 4,090 more troops. I thought I was rich for a second, but I just ran out. If I would've known the idiot developers would unban these people, hell, I would've done 4,000,000,090 more troops.
Re: Caesary Posted on: 06/21/2010 11:40pm
Quote from: "ChaoMing"
Quote from: "The Ignorant Masses"
Yeah, I wasn't lucky enough to get in on that bug before it was patched.
I only did it to 4,090 more troops. I thought I was rich for a second, but I just ran out. If I would've known the idiot developers would unban these people, hell, I would've done 4,000,000,090 more troops.

I made 100000 Princ the day before the patch and immediately dismissed them giving millions in each category.
They didn't ban me but I did buy the small gold pack once.

I just used the tax / sesterces hack and made 8 million in a few minutes. Not much to do with it other than study my butt off now.
Re: Caesary Posted on: 06/22/2010 12:43am
Just so everyone knows, they are now rewarding people for pointing out how to hack in the game. I believe this is an attempt to fix all of the possible hacks, but this game has really gone to garbage in the past couple of days. It's now littered with kids who aren't tactful enough to mask the fact that they are hacking. I have to admit that this is the first time I've come across a game where the people who run it seem to not care about integrity in the least.
Re: Caesary Posted on: 06/22/2010 4:21am
System Bot
Quote from: "two sheds jackson"
Just so everyone knows, they are now rewarding people for pointing out how to hack in the game,
It has already been said just one page before.

This post was imported from an account that no longer exists!
Previous Name: phreneticus
Re: Caesary Posted on: 06/22/2010 4:35am
market places are going wild this moment.

it seems that they are still able to hack some stuff, like population, taxes, job occupancy, and lots of things that were already said here.


but, I'm onto something different... I'm still trying to dupe units (principes, in this case).

it's obvious and fairly already stated that the previous exploit was addressed on the last patch (1.16), but a user at kong forum said that you could still do it, just having to bypass a check the server was doing.

based on the speed of the patch coming out, I presume they didn't really solve the issue, just tampered with their own security checks hex codes to be a lil more difficult to find.

I can find the hero's number of units alright (separated groups, like front 1, 2 and 3, in this case, returning independent mem addresses), and also the number of idle units in the city (only one variable for the total idle units aka not assigned to heroes).

I can tamper with this and it would show up on the popup mouseover thingy with the hacked numbers, and also at the move units prompt, even with the total amount of units u would dupe, just like the pre-patch version.

then comes the dreaded popup - Illegal request.

I've noticed that each city has a total number of each unit screen too, that sums up all the assigned to a hero units with the idle ones. But I can't seem to find the memory address for that sum, so I'm assuming it's actually a function to sum up and return this value, then print onto that screen.

My guess is, if we can tamper this value, we might be able to override the check, assuming that the server is making the checks on a somewhat hidden value.

can somebody please help me in this task?
Re: Caesary Posted on: 06/22/2010 6:57am
Quote from: "THack"
market places are going wild this moment.

it seems that they are still able to hack some stuff, like population, taxes, job occupancy, and lots of things that were already said here.


but, I'm onto something different... I'm still trying to dupe units (principes, in this case).

it's obvious and fairly already stated that the previous exploit was addressed on the last patch (1.16), but a user at kong forum said that you could still do it, just having to bypass a check the server was doing.

based on the speed of the patch coming out, I presume they didn't really solve the issue, just tampered with their own security checks hex codes to be a lil more difficult to find.

I can find the hero's number of units alright (separated groups, like front 1, 2 and 3, in this case, returning independent mem addresses), and also the number of idle units in the city (only one variable for the total idle units aka not assigned to heroes).

I can tamper with this and it would show up on the popup mouseover thingy with the hacked numbers, and also at the move units prompt, even with the total amount of units u would dupe, just like the pre-patch version.

then comes the dreaded popup - Illegal request.

I've noticed that each city has a total number of each unit screen too, that sums up all the assigned to a hero units with the idle ones. But I can't seem to find the memory address for that sum, so I'm assuming it's actually a function to sum up and return this value, then print onto that screen.

My guess is, if we can tamper this value, we might be able to override the check, assuming that the server is making the checks on a somewhat hidden value.

can somebody please help me in this task?

I've also been trying to bypass this check. I've tried to use CE's replace functions on all the codes I can find when the popup appears, but I either get disconnected or the popup still appears. If you do figure it out, please be sure to let me know.
Re: Caesary Posted on: 06/22/2010 12:29pm
TIM the Enchanter
If they are finally checking server side, there is no bypassing it.  Here's a bit from my own MMO.

User has 10 units and 1000 villagers.  User wants to train those villagers into units.  Whenever a user submits any number, the server checks to see if he has that many villagers available, otherwise it is denied.  This works the same for resources as well.  It also uses abs(intval(YOURINPUT)), meaning it takes the integer value (so no decimals) and the absolute value (no negatives) and then checks to see if what you are requesting is possible.





Re: Caesary Posted on: 06/22/2010 1:25pm
previously, when you tried to mess up with assigned troops, it would let you have a negative value on your hero, thus it would allow you to create your units.

I don't believe the checks are being made server side, the patch was too quick for them to solve by recoding stuff, and also the server load would be prone to ddos attacks just by players assigning troops over and over at the same time.

it probably has to do with the negative values then... if we can manage to input any numbers over there, or to inject functions instead of an absolute integer, it *could* work
Re: Caesary Posted on: 06/22/2010 1:42pm
TIM the Enchanter
3 simple fixes.
1) Set the unit field in the database to Unsigned.  No more negatives.
2) Set any input to check the server before posting changes.
3) Using abs(intval(sanitizefunc(INPUT))), you can pretty much only enter positive numbers.

Since changing units requires a database transaction anyway, it wouldn't add any more load having a single check in place.  PHP side, I can do what needed to be done in less than 6 lines of code.  That said, I can almost guarantee that the checks are server side now.

Why bother with troops anymore, when you can have unlimited resources?  Granted, it takes time to get said troops, but it's definitely better than beating a dead horse.


Also, please note that I tried everything I can think of with Gold, Items, and Zodiac Goats in and out of the ceremony system.




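An added example, not code from the thread or from either game, of the server-side check described in the 12:29pm and 1:42pm posts above: the submitted number is validated, the stored counts cannot go negative, and the availability check and the change happen in one statement. Python with sqlite3 stands in for the PHP and database the poster mentions; the table, column and function names are hypothetical, and malformed or negative input is rejected rather than coerced.

```python
import sqlite3

# Hypothetical schema. The CHECK constraints do the job of an UNSIGNED column:
# the database itself refuses to store a negative count.
SCHEMA = """
CREATE TABLE city (
    player_id INTEGER PRIMARY KEY,
    villagers INTEGER NOT NULL CHECK (villagers >= 0),
    units     INTEGER NOT NULL CHECK (units >= 0)
);
"""
MAX_PER_REQUEST = 1_000_000  # assumed per-request limit


def parse_quantity(raw):
    """Return a positive int, or None unless raw is a short string of ASCII digits."""
    if not isinstance(raw, str) or not raw.isascii() or not raw.isdigit():
        return None  # rejects "-250", "1e3", "2.5", "", non-strings
    if len(raw) > 7:
        return None  # bound the length before converting
    qty = int(raw)
    return qty if 0 < qty <= MAX_PER_REQUEST else None


def train_units(db, player_id, raw_qty):
    """Turn villagers into units. True if applied, False for an illegal request."""
    qty = parse_quantity(raw_qty)
    if qty is None:
        return False
    # One conditional UPDATE: the "does he have that many villagers" check and
    # the change are a single atomic statement, so racing requests cannot both pass.
    with db:
        cur = db.execute(
            "UPDATE city SET villagers = villagers - ?, units = units + ? "
            "WHERE player_id = ? AND villagers >= ?",
            (qty, qty, player_id, qty),
        )
    return cur.rowcount == 1


def demo():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.execute("INSERT INTO city VALUES (1, 1000, 10)")  # constructed sample row
    requests = ["250", "-250", "1e3", "2.5", "751", "750"]  # constructed inputs
    results = {raw: train_units(db, 1, raw) for raw in requests}
    state = db.execute("SELECT villagers, units FROM city WHERE player_id = 1").fetchone()
    return results, state
```

Whatever the client displays or sends, the only state that counts is the row the server holds, which is why a tampered client value ends in a refused request.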

Re: Caesary Posted on: 06/22/2010 2:47pm
I was just messing up with the troops system, and wanted to buff some princs to 1round wilds quicker. lol.

guess I'm gonna go for the res and taxes stuff a bit. dunno. anyone up for market crash this evening?
Re: Caesary Posted on: 06/22/2010 3:17pm
TIM the Enchanter
I think they patched the tax thing server side.  Something as simple as setting the tax database field to tinyint(2) Unsigned would work.  It would only allow numbers 0-99 though.  They could do tinyint(3) Unsigned and get 0-999, but who knows.  No matter what I try now, I can't get it to work.

Good thing I stocked up last night though!





Re: Caesary Posted on: 06/22/2010 6:31pm
Found something that's not a hack but is slightly exploitive.

Set tax to 0 - leave til the population hits full

Set tax to 100, leave til your alliance goes down one then wait five minutes and change it to 0 til it goes back one then change it and redo again. It's not exactly amazing but it's pretty good if you're there doing it right there and then.



Check before you post, someone may have beaten you there.

Don't fear my banhammer, fear the God holding it...

Re: Caesary Posted on: 06/22/2010 7:07pm
I'm messing with AoBs trying to figure out how to get rid of the "illegal request" when doing the troop transfer. Can't seem to find the right code..

Anyone located anything yet? PM me we can share info..
Re: Caesary Posted on: 06/22/2010 8:04pm
@Max, that's not an exploit. It's actually tax juggling, as seen over here.

@joeyjoejoe I've been trying to find that, but I'm pretty sure it's a server-sided check. Someone correct me if I'm wrong