These are some of the exploits that I know of, if you feel righteous enough to post some of your own, feel free to do so.
Note that these aren't server-crashing exploits, these are ones that could affect the game play.
================================================
Trading
================================================
Description - So, this is one major exploit in LOTF. Anyone ever heard of cheatengine?
You can client side produce money, and then once the packets are sent requesting to trade x amount of money(or CPs), the server has no sanity checks to see if you have at least x amount. Funny thing is, since LOTF treats money and CPs as a uint, if more than you have is subtracted and it goes below 0, the uint goes modular and goes up to uint.MaxValue - how far it went below 0.(This will leave you with a shitload of money/cps lmao).
There is sanity checks on items(well, as it is based on UID, the server has to find the item, so you couldn't hack your way into items)
How to abuse - CheatEngine or any memory based program that will change the value at a memory adress. I used a proxy to just send the CP/Money add packets, either one will work.
Solution - Sanity checks. It's as simple as checking if the users CP or Money amount is greater than or equal to the value requested by the packet.
===============================================
Equipping
===============================================
Description - So, as far as I know, the sanity checks on equipping are either lacking, wrong, or non-existent.
What does this mean? You can be a level 1 trojan equipping level 120 tao armor, or anything of the sort. Kind of a funny exploit.
How to abuse - The client has checks on this, so most LOTF servers can get away with having no server-side sanity checks. To bypass the client side checks, you can simply edit the itemtype.dat and change all the job, prof, strength, agility, and level requirements to 0.
Solution - Sanity checks yet again. LOTF loads item stats, its as simple as checking them.
===============================================
NPC Shops
===============================================
Distance - From nTL3fTy
Description - You can buy things from NPCs, even if they're far far away.
Abuse - Open a pharmacist and run away, infinite pots.
Solution - Check the distance from the NPC to the character. MyMath.PointDistance.
Items
Description - You can buy stuff from NPCs, even if it's not in the actual shop. In LOTF, it only checks every line of the Shop.dat to see if it contains the item.
Abuse - Edit shop.dat to buy stuff from random shops.
Solution - It's PARTIALLY fixed, but it's not fixed all the way in LOTF. You'll have to do some text file manipulation to make sure its in the right location in Shop.dat.
===============================================
Jumping
===============================================
Description - You can jump as far as you want. AS FAR AS YOU WANT.
Abuse - The only way you can really abuse this is with a proxy. Jumping to the other side of the map
. I mean, you can do the super ass long jump by clicking opposite sides of the screen etc but meh.Solution - Distance checks yet again. Simple solution, and if you do it like official CO(Disconnecting on long jumps) it provides an easy way to DC xD.
I'll post more as I remember/find/feel like posting.
Have fun
.
LOL ur funny 
