While working on some packets to decode, I discovered some odd behavior by the server. I injected a certain packet with some unusual data and got the server to change me to an invincible or invisible state. Exactly those states used for GMs.
Can anybody tell me if this exploit is already known or not? I'm not up-to-date with that topic, I guess.
I kinda went to the first server in my mind, that I've been playing on years ago.
I do not intend to cast poor light nor advertise this particular server I recorded the exploit on.
This works on every vSRO based server and I'm currently looking into other versions as well (Official, Official-R).
do a favor for the people who are still playing this ****** sro and remove the video/topic right now.
the last thing they need ingame is someone invisible and kicking their ***'s
While I agree, there is no rule that forbids this kind of post.
If you were to post some secret information, not posting it in the first place is advised, but since he already posted it, unless he asks for it, the thread is allowed to stay.
If what you are doing is sending a "GM" packet to the agent which has the stuff for invisible, then I already patched this; if it's client side then we fukt
Quote:
Originally Posted by PortalDark
couldn't this be detected by the client and/or server?
I mean, if this is used the way I think, the server could receive the data and trigger an action, like auto ban someone that is not a GM
If it is sending a corrupt packet to the AgentServer then a filter can "control" the gm packet, and check the user id's "allowed" security group, and then determine to just "skip" the packet or just allow it.
What I did is to add all GM accounts in a "List" and you store your username after 0x6103 (agentserver) is sent; this means the user successfully logged in, so they must log in in order to save the "current" UserID. If the UserID is not in the allowed GM "list" they cannot send the GM packets for uniques, invisible and so on.
Quote:
Originally Posted by CrazyGirL_ZSZC
do a favor for the people who are still playing this shitty sro and remove the video/topic right now.
the last thing they need ingame is someone invisible and kicking their ass's
This thread actually helps more than it destroys the pSRO scene, since filter coders can solve this error. If this was supposed to stay "hidden" you could abuse it on all servers and destroy their economy etc.
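The allowlist check described in the post above, sketched as an added example (not the poster's filter code and not part of the original thread). Only the opcode 0x6103 comes from the thread; the GM opcode values are placeholders, the account names are constructed, the UserID is assumed to be already parsed from the login packet, and refusing a second login under a different account is an added assumption.

```python
from dataclasses import dataclass, field
from typing import Optional

LOGIN_OPCODE = 0x6103          # named in the thread: AgentServer login
GM_OPCODES = {0xF001, 0xF002}  # PLACEHOLDERS: the thread names no GM opcode
GM_ALLOWLIST = {"gm_alice"}    # constructed account name
FORWARD, DROP = "forward", "drop"


@dataclass
class GmFilter:
    bound: dict = field(default_factory=dict)   # conn_id -> logged-in UserID
    alerts: list = field(default_factory=list)  # (conn_id, UserID, reason)

    def _deny(self, conn_id: int, reason: str) -> str:
        # Record who tried what, so the attempt can be reviewed or acted on.
        self.alerts.append((conn_id, self.bound.get(conn_id), reason))
        return DROP

    def on_client_packet(self, conn_id: int, opcode: int,
                         login_user: Optional[str] = None) -> str:
        """Decide what to do with one client-to-AgentServer packet.

        login_user is the UserID the filter parsed from a login packet
        (parsing is assumed; the thread gives no packet layout).
        """
        if opcode == LOGIN_OPCODE:
            current = self.bound.get(conn_id)
            # Added assumption: a connection binds to one account only.
            if not login_user or current not in (None, login_user):
                return self._deny(conn_id, "bad login or rebind")
            self.bound[conn_id] = login_user
            return FORWARD
        if opcode in GM_OPCODES:
            # An unbound connection yields None, which is never in the
            # allowlist, so the check fails closed before login.
            if self.bound.get(conn_id) in GM_ALLOWLIST:
                return FORWARD
            return self._deny(conn_id, f"GM opcode {opcode:#06x}")
        return FORWARD                           # not a GM packet

    def on_disconnect(self, conn_id: int) -> None:
        self.bound.pop(conn_id, None)            # never reuse an identity
```

The `alerts` list is where the auto-ban idea raised earlier in the thread would hook in.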
There is a packet, which is pretty nasty. Ever dreamed of: Killing those annoying killstealers right next to you? Or those uber super strong wizards at PvP, who are yelling "Me kralz", but frequently using invisible?
Welp, there is a packet killing absolutely everyone in a server, no matter if safe zone or not.
If people experienced that on Venus... you know what happened to you.
Quote:
Originally Posted by PortalDark
couldn't this be detected by the client and/or server?
I mean, if this is used the way I think, the server could receive the data and trigger an action, like auto ban someone that is not a GM
This can be fixed with any packet filter within a matter of seconds, yes.
Quote:
Originally Posted by CrazyGirL_ZSZC
do a favor for the people who are still playing this shitty sro and remove the video/topic right now.
the last thing they need ingame is someone invisible and kicking their ass's
The video leaves little to no clue on how the exploit works. I doubt that the "script kiddies" on here find out how to use it by just watching this.
Quote:
Originally Posted by Goofie
If what you are doing is sending a "GM" packet to the agent which has the stuff for invisible, then I already patched this; if it's client side then we fukt
It's not a GM packet. I can also set myself to infinite untouchable for 5 seconds, but given the fact that you can't attack in that state it's kinda useless.
So what you are doing is corrupting the Europe wizard skill (invisible), sending the invisible skill all the time and bypassing the delay?
My guess:
1. Works for the European class only.
2. Skill bug (corrupt skill).
3. In order to complete the bug you must unskill or never level up the invisible skill.
4. Send the Skill packet with the SkillID and you get invisible (no delay cause skill isn't leveled up)
Am I right?
Kinda hard to prove with a picture from my test server. I'd have purple text if it would've been a GM character. But I could have injected that as well since there are so many options...