[Proof] Magma Flyff Speedlimit Bypass

12/07/2015 15:17 greyb1t#1
Hey everyone!

First of all, for those who came here to learn: you'll be disappointed.
This ain't no tutorial, this is a proof.

I was in two minds about either releasing the method or just keeping it completely private.
I chose something in between, a proof / showcase.
Most servers today use the same techniques for everything, most of it is just copy-paste.
So you'll probably be able to do this on most other servers as well.

// Edit
I just made it work on Insanity FlyFF as well. It's confirmed working for other servers as well.

This is another thing @xMootie can fix while he's trying to fix my bot.

Since it's a proof, I cannot really write on the thread to prove it.
I made a video, check it out.

12/07/2015 17:07 meak1#2
Bypassing the security of Flyff pservers is easy ;/
12/07/2015 18:31 greyb1t#3
Quote:
Originally Posted by meak1
Bypassing the security of Flyff pservers is easy ;/
Words mean nothing. Go ahead and bypass Magma Flyff's protection against speed hack and teleportation. Speed limit as well. Then go ahead and tell me it was easy :)
12/07/2015 19:13 ZeroTwo02#4
Greyb1t, they can fix the maximum speed being exceeded, no?

Like this (CMover::GetSpeed) ->

Code:
	if( nAdjValue > 200 )
		nAdjValue = 200;
	if( fSrcSpeed	> 0.2F )
		fSrcSpeed	= 0.2F;
12/07/2015 20:15 greyb1t#5
Quote:
Originally Posted by naruto66620
Greyb1t, they can fix the maximum speed being exceeded, no?

Like this (CMover::GetSpeed) ->

Code:
	if( nAdjValue > 200 )
		nAdjValue = 200;
	if( fSrcSpeed	> 0.2F )
		fSrcSpeed	= 0.2F;
Exactly, that's the code which makes a speed limit of their choice.
That's what I bypassed. It's not hard, no one has done it yet though.
12/07/2015 21:19 ZeroTwo02#6
Quote:
Originally Posted by greyb1t
Exactly, that's the code which makes a speed limit of their choice.
That's what I bypassed. It's not hard, no one has done it yet though.
Code:
void CMover::SetSpeedFactor( FLOAT fSpeedFactor )
{
	if( fabs( m_fSpeedFactor - fSpeedFactor ) > 2.1F )
	{
		m_fSpeedFactor	= 2.0F;
	}
	else if( fabs( m_fSpeedFactor - fSpeedFactor ) > 0.000001F )
	{
		m_fSpeedFactor	= fSpeedFactor;
#ifdef __WORLDSERVER
		g_UserMng.AddSetSpeedFactor( this, fSpeedFactor );
#endif	// __WORLDSERVER
	}
}
12/07/2015 21:22 greyb1t#7
Quote:
Originally Posted by naruto66620
Code:
void CMover::SetSpeedFactor( FLOAT fSpeedFactor )
{
	if( fabs( m_fSpeedFactor - fSpeedFactor ) > 2.0F )
	{
		m_fSpeedFactor	= 2.0F;
	}
	else if( fabs( m_fSpeedFactor - fSpeedFactor ) > 0.000001F )
	{
		m_fSpeedFactor	= fSpeedFactor;
#ifdef __WORLDSERVER
		g_UserMng.AddSetSpeedFactor( this, fSpeedFactor );
#endif	// __WORLDSERVER
	}
}
I don't know what this is supposed to mean, you only wrote code with extra checks.
No words, no nothing.
I am not familiar with the flyff source code.
12/08/2015 07:21 nicenickman#8
Wow cool video!
Hello sir.
I want to learn to bypass the AutoIt block on all servers.
12/08/2015 15:15 EvilSlayer#9
Seems like you put quite a lot of work in it. Nice :)
12/08/2015 15:39 greyb1t#10
Quote:
Originally Posted by nicenickman
Wow cool video!
Hello sir.
I want to learn to bypass the AutoIt block on all servers.
If you wanna learn something, you got the whole internet as a free resource.
Just gotta take that first step.

Quote:
Originally Posted by Avalion
It's not hard to completely nerf speed hacks. Way easier in comparison to nerfing the actual position lag. Which is why I am confused as to why this hasn't been fixed on Magma.
I don't really know what you're referring to. I'm sure there's another way to completely nerf them, but it seems like most servers haven't done this. I recently tried on Insanity FlyFF as well, it was working flawlessly, I had to use another method though.

Quote:
Originally Posted by EvilSlayer
Seems like you put quite a lot of work in it. Nice :)
In the video or the bypass?
If you're referring to the video, it was an hour's work learning the video editing software and making the video, not much work at all =)

If you're referring to the bypass, it was not much work at all either.
It was actually pretty easy, the only thing which was a little harder was to think out a method to find the code in memory.
12/08/2015 15:41 Ghonom#11
Quote:
Originally Posted by greyb1t
If you wanna learn something, you got the whole internet as a free resource.
Just gotta take that first step.

I don't really know what you're referring to. I'm sure there's another way to completely nerf them, but it seems like most servers haven't done this. I recently tried on Insanity FlyFF as well, it was working flawlessly, I had to use another method though.

In the video or the bypass?
If you're referring to the video, it was an hour's work learning the video editing software and making the video, not much work at all =)

If you're referring to the bypass, it was not much work at all either.
It was actually pretty easy, the only thing which was a little harder was to think out a method to find the code in memory.
I've once played on a server too where they used some kind of "speedhack" fix but it was quite easy to bypass it. I'll download Insanity / Magma during the week and try it too
12/08/2015 15:47 greyb1t#12
Quote:
Originally Posted by Ghonom
I've once played on a server too where they used some kind of "speedhack" fix but it was quite easy to bypass it. I'll download Insanity / Magma during the week and try it too
Great!
Don't forget to tell me the results; if you succeed, show some proof =)
You'll probably have an easier time doing it on Magma FlyFF, Insanity was a little harder =)
12/08/2015 18:44 EvilSlayer#13
Quote:
Originally Posted by greyb1t
If you wanna learn something, you got the whole internet as a free resource.
Just gotta take that first step.

I don't really know what you're referring to. I'm sure there's another way to completely nerf them, but it seems like most servers haven't done this. I recently tried on Insanity FlyFF as well, it was working flawlessly, I had to use another method though.

In the video or the bypass?
If you're referring to the video, it was an hour's work learning the video editing software and making the video, not much work at all =)

If you're referring to the bypass, it was not much work at all either.
It was actually pretty easy, the only thing which was a little harder was to think out a method to find the code in memory.
I was talking about the bypass itself, it's again a nice proof how easy flyff hacks can be made.
Edit: Fixing this isn't hard either.
01/12/2016 01:53 KazumiTanuki#14
Is it possible to bypass jump height with it as well?
01/12/2016 21:53 xMootie#15
You sure have a lot of free time. As to the question of why there's not a server-sided check, the game's movement networking isn't exactly reliable. Look at Official Flyff's positioning check. It took them years to get it to where it is and it still bugs out frequently affecting legitimate users by teleporting them backwards.

As I said before, I'd love to make a fix for your bot or speed hacks, but it's less than 0.1% of the players on Magma using them. It's a waste of time, especially when the detection method I have in place already bans them via heuristics.

If I put a server-sided speedhack check in at this point, it would be an inconvenience to legitimate users. I'd rather have a couple of speed hackers on Magma than negatively affect thousands of legitimate users on a daily basis.

Unless I can figure out a way to make a server-sided check that won't affect even 1/1000 legitimate users, it's not worth blocking you.
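
Added example (not part of the thread, and not Flyff or Magma code): the clamps quoted in posts #4 to #7 were bypassed by finding the code in memory, and post #15 explains that a server-sided check is avoided because unreliable movement networking would hit legitimate players. The sketch below shows one way a server-side check can tolerate delayed and bursty packets by tracking an accumulated distance "debt" against a slack budget instead of judging each packet alone. `MoveReport`, `SpeedValidator`, the 10 units/s limit and the 3-unit slack are all assumptions made for the illustration.

```cpp
// Added illustration; not Flyff or Magma source. All names are hypothetical.
#include <algorithm>
#include <cmath>
#include <vector>

struct MoveReport { double t; float x, z; };  // server receive time (s), position
class SpeedValidator {
public:
    // maxSpeed: fastest legitimate speed (units/s), computed from server-side stats.
    // slack: distance budget (units) that absorbs jitter and bursty delivery.
    SpeedValidator(float maxSpeed, float slack) : m_maxSpeed(maxSpeed), m_slack(slack) {}
    // True while the reported path is still explainable by a legitimate mover.
    bool Accept(const MoveReport& r) {
        if (!m_hasLast) { m_last = r; m_hasLast = true; return true; }
        double dt = std::max(0.0, r.t - m_last.t);
        float dist = std::hypot(r.x - m_last.x, r.z - m_last.z);
        // Distance beyond maxSpeed * dt accumulates as debt; slower movement
        // pays it back. The floor at zero stops a player banking credit.
        m_debt = std::max(0.0f, m_debt + dist - m_maxSpeed * static_cast<float>(dt));
        m_last = r;
        return m_debt <= m_slack;
    }
private:
    float m_maxSpeed, m_slack, m_debt = 0.0f;
    MoveReport m_last{};
    bool m_hasLast = false;
};

// Index of the first rejected report in a trace, or -1 if all are accepted.
int FirstRejected(const std::vector<MoveReport>& trace, float maxSpeed, float slack) {
    SpeedValidator v(maxSpeed, slack);
    for (size_t i = 0; i < trace.size(); ++i)
        if (!v.Accept(trace[i])) return static_cast<int>(i);
    return -1;
}

// Constructed trace: legitimate 10 units/s mover; third packet delayed, then a burst.
std::vector<MoveReport> LaggyLegitTrace() {
    return {{0.00, 0, 0}, {0.10, 1, 0}, {0.35, 2, 0}, {0.36, 3, 0}, {0.40, 4, 0}};
}
// Constructed trace: client reports 30 units/s against a 10 units/s limit.
std::vector<MoveReport> TripleSpeedTrace() {
    return {{0.0, 0, 0}, {0.1, 3, 0}, {0.2, 6, 0}, {0.3, 9, 0}};
}

int main() {
    return (FirstRejected(LaggyLegitTrace(), 10.0f, 3.0f) == -1 &&
            FirstRejected(TripleSpeedTrace(), 10.0f, 3.0f) == 2) ? 0 : 1;
}
```

The slack value is the tuning knob for the trade-off raised in post #15: a larger budget tolerates worse connections but lets a short burst of over-speed movement through before the check trips.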