[Tutorial] How Dofus was hacked by a French team

03/07/2006 14:58 H47cH#1
Ok, here are some technical details about what the French Dofus Hack Team has done.
When the devs decided (not too early!!!!) to parse their logs and examine them, they patched most of what we could do.
But you'll find here some hints that can give you ideas...


I. The Tools we used

Macromedia Flash Loader
Light client to run the flash game. And no problem when pressing ALT+TAB.

WPE Pro Alpha 0.9a
Excellent Packet editor.

That's all!


II. How we hacked.

We each had at least 2 accounts. There were 3 of us in the team.
I'll explain what I did so that it is simpler. We were all doing it the same way.
Ok, here's the thing. Most of our hacks were based on an enormous flaw that we discovered in their system. The server checked login and password, then imported your characters onto your client. Each character has an ID, bound to your account login/pass. And that's all. This is the flaw. After that, the server didn't check if the IDs you were using were bound to your account.

You just needed to load the swf with the Flash Loader. Login and Password, then get access to your account.
Run WPE. Load the Flash Loader process. You just need recv packets.
You chose 1 of your chars, then went to a place where there are many guys (maps around zaaps are great for that).
Sniff something like 10-15 packets then stop it. You'll see many IDXXXXX (XXXXXX from on average 5 to 400000). Those are character IDs.
The first packet gives you (normally) YOUR OWN connection packet with the character ID you have chosen. Keep it somewhere where you can have it at any time.

Open a new Flash Loader and log with the second account. Click on New Character. Back to WPE, load the new Flash process. Sniff.
Go back on your 2nd client, and press Cancel or Back.
You'll notice that WPE has captured some packets. This is very important because it gives you the connection socket you needed. (You'll need a different connection socket for each "clone" (I explain the clone notion below) you wanna have.)

Copy the packet of your own connection in WPE in Send tab.
Then just replace the ID of your character with the ID of the character you want to hack.
Use the socket ID you just got.
Send it and that was all! You were connected with his character at his last saved position.
If he was on the map, he froze and couldn't see the clone (so undetectable by himself).

Now imagine you have a house or a mule (we had something like 50 houses and a mule with more than 400 000 pods (slots for items, for those who don't know what it is)).
We connected a first clone, took him to a map where we see few people (that was our "inventory savior" so that the real character wouldn't lose all his inventory). Let's say South of Brakmar or Sufokia. Then we made another clone, brought him to one of our houses, and dropped all kamas (money) and inventory in our keepers.
Another clone, made the same, another clone, etc...
Imagine the guy has only 500 000 kamas. With only 3 clones, 1 500 000 kamas!!
Then you can duplicate these 1 500 000 kamas... Connect a character from your account with your first loader, go to the house, get all the kamas. Quit.
Reconnect. Now your character has 1 500 000 kamas. Go to the house. During this time connect 2 or 3 other clones and put them in different maps around the house. They each got 1 500 000 kamas.
You got it?
Better: with 2 clones of your character, and your other account. Give the kamas from your first clone, disconnect, the 2nd one gives the money too, disconnect. Reconnect with the first one, get the money from your other account's character, disconnect, reconnect, move to another map, connect the second clone, etc... you just had to think about the connection socket thing.
1 500 000 > 3 000 000 > 6 000 000 > 9 000 000 > 18 000 000, etc...
And that was only for kamas.
Now think about duplicating Dofus (for those who don't know, they were EXTREMELY RARE).
We had TONS of Dofus: yellow, emerald, purple, etc...
We duplicated Raziel swords, we duplicated everything we needed: rings, amulets, clothes, even the scrolls which gave ya 2 to 10 000 exp points each!! Leveling up from 1 to 100 in something like 4 minutes...
You'll find some screenies below.

Yeah, I know it's patched for now. They were totally in panic. When we began, we hadn't noticed the trick with an inventory savior clone. We emptied something like 800 characters' inventories in less than 35 hours...
There are still some things that can be done, but they are minor hacks. See section III for more details.



III. What can still be used.

- Zaaps, even if you have never gone there
Have a look at the zaap system, just find the right coordinates for the others, and just enter them by sending the packets to the server.
- There is still a flaw in their system. The server is based on Oracle. That means that there is some latency between request and response. If you're quick enough you'll still be able to connect 2 clients and the server will not notice it (with the new version I'm not sure, but I would be surprised if they solved that problem, because it's a matter of time between request and response, not of any coding flaw). Now think about a macro that automatically logs in to the game; you should be able to log in with at minimum 4 or 5 clients... Based on that, duplication should be re-invented.
- Other hacks you can dream of, that YOU can invent !!
Have fun hacking it, we had so much fun doing it too !!


IV. And what's with the Dofus Hacking Team ??

Nothing. We stopped playing Dofus.
We could have ruined their game, but there was no point doing it. Was just for fun and because devs are dumb. They claimed so loud that their game was, is and will NEVER be hacked. We had warned them but they didn't even look at our warnings. So we decided to give them a lesson.
They pissed their pants when they saw we had.


V. I WANT TO SEE PROOFS! THE SCREENS!!

They are the same I posted on MPC.
Nice character from the devs that we hacked and got some money and items from....

And here are the thousands of scrolls and what they did

Want more? Search the MPC forums, I posted some more. Nice items...
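A server-side fix for the two gaps this post describes, the missing character-ownership check (section II) and the double-login window between request and response (section III), written as an added example in Python; it is not Dofus or Ankama code, and the account table, character IDs and message strings are constructed for illustration.

```python
import threading

# Constructed account -> owned character IDs table (hypothetical values, not Dofus data).
ACCOUNT_CHARACTERS = {
    "alice": {101, 102},
    "bob": {250},
}


class CharacterSessionAuthorizer:
    """Binds a character to exactly one session, and only for its owner."""

    def __init__(self, account_characters):
        self._owners = account_characters
        self._active = {}              # character_id -> account currently bound
        self._lock = threading.Lock()  # one lock for the check-and-set below

    def bind(self, account, character_id):
        """Return (ok, reason) for a 'select character' request."""
        # Ownership check the original server skipped: the account was
        # authenticated, but the character ID in the packet was trusted as-is.
        if character_id not in self._owners.get(account, set()):
            return False, "character not owned by account"
        # Check-and-set under the lock: two requests arriving in the
        # request/response window cannot both see the slot as free.
        with self._lock:
            if character_id in self._active:
                return False, "character already in session"
            self._active[character_id] = account
        return True, "bound"

    def release(self, account, character_id):
        """Free the slot; only the session that holds it may release it."""
        with self._lock:
            if self._active.get(character_id) == account:
                del self._active[character_id]
                return True
            return False


def concurrent_bind_attempts(auth, account, character_id, n):
    """Fire n simultaneous binds for one character; return how many succeeded."""
    results = []

    def worker():
        results.append(auth.bind(account, character_id)[0])

    threads = [threading.Thread(target=worker) for _ in range(n)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return sum(results)
```

A login that passes authentication but names a character ID outside its own account is also the log line worth alerting on: it is exactly the pattern the post says the devs eventually found by parsing their logs.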
03/08/2006 15:39 1q2w3e#2
What is this game called?

Dofus?

Regards, 1q2w3e
03/08/2006 16:03 C0rnh0lio#3
Can't you see it in the topic title? -_-
03/08/2006 16:27 Creativ#4
the game is called Dofus
@topic: nice xD
03/09/2006 15:51 H47cH#5
Dofus Hack Team is currently reforming and preparing to raid Dofus one last time. Devs didn't take our warning seriously, saying we were just account hackers or scammers.
As we have proven, this wasn't true. Now it's time to be more severe with them.
If you want to be part of it, as we will stay on the French side of the game (so you'll be able to do the same on the English version), then contact me or post here.
Requirement: Level 2 minimum (with good knowledge of packet editing and IP. Knowing Linux for advanced things.)

@1q2w3e: yep => [link] if you wanna see.
03/09/2006 19:59 Afinda#6
too bad i'm not lvl 2 huh ;<

would still be interested to fool around with it xD
03/11/2006 18:26 H47cH#7
We recruit some good hackers. No one who is just beginning in that.
Afinda, 1q2w3e, I know that you made some good things in the community.
Anyone who is in this case, contact me, tell me what you made, you could be selected for it. ;)
03/12/2006 20:16 3zetT0r#8
Do you have a site for your team? It's very interesting :> good work
04/28/2006 17:03 Jinro#9
Hello :)
I have read your post and I am French too.
I want to know if the last version of the Dofus client is hackable or not?
06/09/2006 17:10 mza325#10
can someone translate this into German?
06/19/2006 15:08 XpC#11
Sorry, I'm French so my English is not very good.
I want to know where I can download this cracked version pleaseeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee :)
07/17/2006 12:05 o0darklord#12
i dunno, is a script kiddie considered lvl 2 :P i know crap about packet editing.. linux yeah i helped a friend host a server.. and i guess i know stuff about ip too.. lets ddos dofus :D
06/05/2007 10:25 xpsniper#13
I am not a level 2 yet, but I do have good knowledge of packet editing and would really like to join your team
06/06/2007 00:00 shu1#14
Hello, you say you are French so you should understand this message ^^ could you PM me telling me the steps to follow in French, because I don't understand everything exactly, and if possible give me links for WPE and the loader, thanks a lot.
06/06/2007 13:44 reijin#15
hi! :D
I'm not French.. but it's better to ask in English ;)

here: WPE

but I don't have the loader....

bye, reijin

@topic starter:
please post a link to this "loader" or do you just mean the normal Flash Player?

before posting "this is a trojan" or something, read the following:
WPE is always detected as a trojan, because it's a hacking tool and spies on the WinSocket.