Report of a very dangerous bug

N1ght

Pre-Searing Cadet

Join Date: May 2012

08 May 2012 at 13:35 - 1
Hi,
i am writting here because i found out that some guys use a very dangerous exploit. i wrote twice @ the NCSoft Support but the response was a stock response. Here is what i wrote:
Quote:
Hi support team,
i am writting to you because i have some important information about a exploit. As i read on a known Guild Wars Botting forums(...), some players are able to cast empty instances of the game.
They are changing the value of a packet to do this. They can now e.g. go into an empty Random Arena battle an get an instant win.
They are writting bots for this methods with multiple accounts, i am afraid, that the whole guild wars ingame market could collapse because of this method. They said that they can do more than 80 ectos within 1 hour.
The good thing is, that i have one character name of these botters. Its a character, which is now gladiator 7 or higher within 2 days. The character name is: ...
I hope that you take this matter very seriously and try to avoid this exploit.
If you have more questions, just message me here.
I also created two thread at the support forums, but they have been deleted.

I hope that they will now work harder to fix this exploit, if the public knows about it.
So if you e.g. dont know why Strongboxes are now very cheap, this is the answer. I also noticed that the real money prices for Guild Wars Items went down drastically in the last weeks. So it seems like these botters are delivering some MMo shops.

I really dont know why the support doesnt work on this issue. They even have the name (+screenshot of his title) of a character.

Lordkrall

Frost Gate Guardian

Join Date: Jan 2011

W/

08 May 2012 at 14:11 - 2
You didnt think about the fact that the threads were deleted simply because describing exploits is considered against the rules?

akelarumi

akelarumi

Wilds Pathfinder

Join Date: Nov 2009

E/

08 May 2012 at 14:38 - 3
Yip, my suggestion is to edit your post empty. By saying in public how the exploit can be used means your making it worse.

Martin Alvito

Martin Alvito

Older Than God (1)

Join Date: Aug 2006

Clan Dethryche [dth]

08 May 2012 at 14:59 - 4
Quote:
Originally Posted by akelarumi View Post
Yip, my suggestion is to edit your post empty. By saying in public how the exploit can be used means your making it worse.
Which I suspect is the whole point. If ANet won't do something about it, making it publicly known intensifies the problem. That in turn forces them to do something to resolve it.

Premium Unleaded

Wilds Pathfinder

Join Date: Aug 2005

08 May 2012 at 15:20 - 5
ANet stopped caring about these issues ages ago, hence nothing has been done about them for so long.

N1ght

Pre-Searing Cadet

Join Date: May 2012

08 May 2012 at 15:30 - 6
Quote:
Originally Posted by akelarumi View Post
Yip, my suggestion is to edit your post empty. By saying in public how the exploit can be used means your making it worse.
Your right. But where do i describe how to use the bug??
I only say that they are changing a packet to use this busg.

Btw reason why the topic has been closed:
Quote:
We are taking this report seriously and are investigating as quickly as possible. I’ve asked a mod to remove your thread to eliminate the link to the exploit from the public forum, and I am sending this to you personally so we don’t inform the botters that we are investigating them.
Well...i understand that. But I reported it one month ago...Should be enough time to fix this issue.

madriel222

madriel222

Krytan Explorer

Join Date: Feb 2008

Denver, Colorado

Reign of Judgment [RoJ]

Me/A

08 May 2012 at 16:03 - 7
If you think one month is enough time to fix the issue, you don't know Anet.

Spiritz

Forge Runner

Join Date: Apr 2007

DMFC

08 May 2012 at 16:06 - 8
Quote:
Originally Posted by N1ght View Post
Well...i understand that. But I reported it one month ago...Should be enough time to fix this issue.
Anet has to investigate this claim which sadly will take time , one problem i could see is anet trying to fix something in the dark - so to speak.
Scenario - a new prototype bot is being worked on , anet is unable to pinpoint the exact method the bot would use because its not in public.Anet cant dissamble the bot to see how it works etc.Posting on the bot site id class as risky as im sure they may take offence to it and also may cause them to make minor changes etc.
Anets got to find a needle in a haystack and it will take time - you could in future if you found another bot in making pm one of the staff ongw support forum and ask whats the safest way to post your problem without needing major edits or deletes.

Lordkrall

Frost Gate Guardian

Join Date: Jan 2011

W/

08 May 2012 at 16:16 - 9
It does seem that some people here have no grasp what so ever about how programming and such works.

It is not just: "Oh, there might be a problem here *work a few minutes* Solved!"

Also keep in mind that there are currently very few people working at GW.

Making more people exploiting the system aint going to make it go away faster.

Ewon

Ewon

Wilds Pathfinder

Join Date: May 2007

Canada

Graduates of Pre Searing [GPS]

08 May 2012 at 16:30 - 10
For starters, i would suggest removing the link to one of the known boting sites. I don't think we need mroe traffic heading there.

I'm not sure if anyone else noticed, by while I was in kama ad1 trading, I noticed 2 Leg. Gladiators in one night. I have a screenshot of the second, as I thought it was odd that 2 got the title so close together. I kinda wish anet would step in, but given past boting experiences, it will take several months of silence before they do anything.

esthetic

esthetic

Wilds Pathfinder

Join Date: Apr 2008

Fantasy Island

[Qtie]

R/Mo

08 May 2012 at 16:32 - 11
Thanks to your thread the site overloaded lol

N1ght

Pre-Searing Cadet

Join Date: May 2012

08 May 2012 at 16:34 - 12
Well...i know how Programming and Reversing works
But that isnt the point...if they need time to fix the whole issue thats okay...But: They have the character name...If they just check the logged events of the character, they see that the character e.g. wins 500 RA fights in a row. So they could just ban the account and all other accounts which are used from the same IP. But they didnt even did that, that is what suprises me.

Edit: deleted the link

Gabs88

Desert Nomad

Join Date: Jan 2011

08 May 2012 at 17:20 - 13
Meh, people are running this with 12 accounts at a time. And making figures closer to 120e / hour. Per account. It's so broken I can't even bring myself to care.

And these same people are supposed top speed clearers, HA, GVG and missionrunners in the game.

Doesn't really matter to me ^^ Diablo 3 in less then one week and haven't been logged in more then a couple of hours for the past two months this has been going on.

EFGJack

EFGJack

Lion's Arch Merchant

Join Date: Mar 2010

Finland

Pros At Inactivity [bleh]

W/

08 May 2012 at 17:29 - 14
Quote:
Originally Posted by Gabs88 View Post
Doesn't really matter to me ^^ Diablo 3 in less then one week and haven't been logged in more then a couple of hours for the past two months this has been going on.
This pretty much. And I bet this is what ANet thinks of the situation as well, just replace D3 with a certain title and "one week" with 8-10 months.

Riot Narita

Desert Nomad

Join Date: Apr 2007

08 May 2012 at 17:31 - 15
Dhuum will be busy. When he's good and ready.

And the people he bans... will have no HoM rewards in GW2.

Captain Bulldozer

Captain Bulldozer

Wilds Pathfinder

Join Date: Jan 2008

Servants of the Dragon Flames [SODF]

08 May 2012 at 17:32 - 16
Quote:
Originally Posted by Martin Alvito View Post
Which I suspect is the whole point. If ANet won't do something about it, making it publicly known intensifies the problem. That in turn forces them to do something to resolve it.
Getting a canned response from customer support does not mean that A-net won't do anything about it. In my experience, Anet takes better care of GW than most MMO companies (not that I've had dealing with them all obviously). I'd suggest that a mod should delete this entire thread so as not to encourage exploits.

Lordkrall

Frost Gate Guardian

Join Date: Jan 2011

W/

08 May 2012 at 17:32 - 17
Quote:
Originally Posted by N1ght View Post
Well...i know how Programming and Reversing works
But that isnt the point...if they need time to fix the whole issue thats okay...But: They have the character name...If they just check the logged events of the character, they see that the character e.g. wins 500 RA fights in a row. So they could just ban the account and all other accounts which are used from the same IP. But they didnt even did that, that is what suprises me.

Edit: deleted the link
And do you know that they have not banned said character? Is said character your character?

Martin Alvito

Martin Alvito

Older Than God (1)

Join Date: Aug 2006

Clan Dethryche [dth]

08 May 2012 at 17:42 - 18
Quote:
Originally Posted by Captain Bulldozer View Post
Getting a canned response from customer support does not mean that A-net won't do anything about it. In my experience, Anet takes better care of GW than most MMO companies (not that I've had dealing with them all obviously). I'd suggest that a mod should delete this entire thread so as not to encourage exploits.
ANet has always fixed these problems only when they became so widespread that they could no longer be ignored.

Whether or not this is 'better care' than other MMO producers is subjective. I'd argue that they used to do very well on certain dimensions and remarkably poorly on others. For some time now they haven't done well on upkeep along any dimensions.

Porkchop Sandwhiches

Porkchop Sandwhiches

Lion's Arch Merchant

Join Date: Jun 2005

Fishing Village in Wizard's Folly

R/

08 May 2012 at 18:11 - 19
I hope we get some acknowledgement from Anet, at least. Kuddos to the OP.

Quantum Duck

Quantum Duck

Lion's Arch Merchant

Join Date: May 2006

Err7

Me/

08 May 2012 at 18:20 - 20
The policy on the support forums is to delete threads that describe or link to exploits after handing them off to a dev. You'd get better results PMing one of the devs there.

Mordiego

Mordiego

Furnace Stoker

Join Date: Sep 2007

Pozna??, UTC+1

We Are From Poland [Pol]

N/A

08 May 2012 at 18:54 - 21
link to the bot forum plz, I want to get glad r7 in 2 days!

Nerel

Nerel

Jungle Guide

Join Date: Jun 2008

Australia, what you want my home address?

[CAT]

Mo/

08 May 2012 at 18:59 - 22
Quote:
Originally Posted by Riot Narita View Post
Dhuum will be busy. When he's good and ready.

And the people he bans... will have no HoM rewards in GW2.
Nope, but they'll probably have made so much real world cash from RMT that they'll be able to buy dozens of GW2 accounts ready for botting in a more lucrative game...

spun ducky

spun ducky

Jungle Guide

Join Date: Nov 2005

WTB: q8 bows

R/N

08 May 2012 at 19:17 - 23
Quote:
Originally Posted by Nerel View Post
Nope, but they'll probably have made so much real world cash from RMT that they'll be able to buy dozens of GW2 accounts ready for botting in a more lucrative game...
Done and Done already I will be curious how long anet takes to fix this as it isn't a simple exploit.

Example

Ascalonian Squire

Join Date: Apr 2012

08 May 2012 at 19:56 - 24
Quote:
Originally Posted by spun ducky View Post
Done and Done already I will be curious how long anet takes to fix this as it isn't a simple exploit.
w/e you talk about

Kunder

Desert Nomad

Join Date: Nov 2010

08 May 2012 at 21:13 - 25
Hardly a dangerous exploit. It doesn't hurt other players in any way like some kind of PvP bug or cheat (like DoSing people on the other team). Guild wars economy was screwed up infinitely more already by duping, this is merely a blip on the radar.

As for "describing the exploit", I'm pretty sure that 99.999% of GW players have no idea how to implement the exploit given what the OP posted and the other .001% would be able to figure out that it would involve forged packets regardless of what the OP posted.

TrippieHippie89

TrippieHippie89

Lion's Arch Merchant

Join Date: Mar 2008

Saegertown, PA

High by Nine [Bong]

Me/W

08 May 2012 at 21:24 - 26
Am i the only one who realizes gw is dead and gw2 is right around the corner?

makosi

makosi

Grotto Attendant

Join Date: Mar 2006

"Pre-nerf" is incorrect. It's pre-buff.

Requirement Begins With R [notQ]

Me/

08 May 2012 at 21:30 - 27
Is this why ectos went from 11k to 7k?

Quote:
Originally Posted by TrippieHippie89 View Post
Am i the only one who realizes gw is dead and gw2 is right around the corner?
Right around the corner? I wouldn't put money on that.

Gabs88

Desert Nomad

Join Date: Jan 2011

08 May 2012 at 21:47 - 28
Quote:
Originally Posted by TrippieHippie89 View Post
Am i the only one who realizes gw is dead and gw2 is right around the corner?
In that case you should realize GW2 is buildt on GW1 and if this is possible here it's probably possible in GW2 as well.

----------

Quote:
Originally Posted by makosi View Post
Is this why ectos went from 11k to 7k?
No, has very little relevance to that. Ecto drop has to do with people offloading them to max HoM more then anything else.

Strongboxes on the other hand dropped from ~8k to 3-4k each in a very short amount of time. I'd say this is directly responcible for that drop as well as zkeys dropping.

Premium Unleaded

Wilds Pathfinder

Join Date: Aug 2005

08 May 2012 at 21:49 - 29
It requires a specifically altered gw client that wasn't publicly released. Only a few people actually had access to it or the know-how to make the modifications regardless. I doubt ANet would do anything about it though tbh, there are far more widespread problems that exist that ANet has still turned a blind eye to. I would even wager that most, if not all the common bots currently in play are the ones publicly available to download from there, source code and all.

The ecto price drop has more to do with GW2 CB that just happened and with GW2's supposed release date nearing.

Example

Ascalonian Squire

Join Date: Apr 2012

08 May 2012 at 22:15 - 30
id say zkey drop is caused by doubled balth imp or whatever rewarding of 7th ani
and i totaly dont understand how this should be possible
Quote:
In that case you should realize GW2 is buildt on GW1 and if this is possible here it's probably possible in GW2 as well.
2 diff games, 2 diff systems same exploit ?

Motoko

Motoko

Desert Nomad

Join Date: Aug 2008

Dallas, Texas

Zero Quality [zQ] /[LaG]/[USA]/[iQ]

A/E

08 May 2012 at 22:17 - 31
You can have everyone in the game get r12 gladiator. It won't make much of a difference because anyone "that good"* is known and it will take any high-end player a matter of moments to figure out the r12 players are bad if we decide to play with any of them.



*Rank has been meaningless for sometime now - for those who are new and do not know this

Darkobra

Darkobra

Forge Runner

Join Date: Aug 2006

Scotland

Type like an idiot, I'll treat you like an idiot

E/Me

08 May 2012 at 22:51 - 32
Quote:
Originally Posted by Gabs88 View Post
In that case you should realize GW2 is buildt on GW1 and if this is possible here it's probably possible in GW2 as well.
I'm 99% sure they use different engines and systems. I don't recall GW 1 using Havok.

MithranArkanere

MithranArkanere

Underworld Spelunker

Join Date: Nov 2006

wikipedia.org/wiki/Vigo

Heraldos de la Llama Oscura [HLO]

E/

08 May 2012 at 23:37 - 33
The Guild Wars engine is called Guild Wars engine.
The Guild Wars 2 is a HEAVILY improved version of that engine.

I don't know all the technologies used in the engine, but I do know that the models are Granny in both of them, and the physics system in GW2 is Havok. GW1 doesn't seem to have a physics system at all.

Whatway

Lion's Arch Merchant

Join Date: Apr 2011

WTB Q11-13 Str -2e/-2s Eternal Shields

A/Me

09 May 2012 at 00:24 - 34
Quote:
Originally Posted by Riot Narita View Post
Dhuum will be busy. When he's good and ready.

And the people he bans... will have no HoM rewards in GW2.
A google search will show you how much each stack of ectos/zkeys sells for. Another will show how much accounts with PvP titles sell for. If you really think these folks care about HoM then you're delusional or ignorant of why they do what they do.

jazilla

jazilla

Desert Nomad

Join Date: Aug 2006

Guernsey Milking Coalition[MiLk]

E/Me

09 May 2012 at 00:48 - 35
Quote:
Originally Posted by Gabs88 View Post
I'd say this is directly responcible for that drop as well as zkeys dropping.
zkeys have been around 5-6k for a very long time now and that hasn't changed a bit.

Vovowhat11

Pre-Searing Cadet

Join Date: Aug 2010

Captians of Freakin Fun

E/

09 May 2012 at 00:52 - 36
I am just think that why spend maybe 1000-100000 dollars on fixing the problem or waiting for a tiny bit of days for GW2 to come out. Also the shop price drop is because who wants to buy Eotn for 20$ when for 60$ you get a whole new game. Normally in games when a sequel comes out the old one gets very cheap because it is OLD.

Gabs88

Desert Nomad

Join Date: Jan 2011

09 May 2012 at 00:53 - 37
Quote:
Originally Posted by jazilla View Post
zkeys have been around 5-6k for a very long time now and that hasn't changed a bit.
The wholesale prices have been around 5,6-6k for the past year (when buying from people that are selling more then like 5 of em) and they seem to be dropping. I've seen WTSs for large amounts as low as 4,5 and 5k lately.

Swingline

Swingline

Forge Runner

Join Date: Sep 2010

Somewhere far away from you

The Mirror of Reason[SNOW]

W/

09 May 2012 at 02:03 - 38
Quote:
Originally Posted by Gabs88 View Post
I've seen WTSs for large amounts as low as 4,5 and 5k lately.
... and you don't attribute that to the GW2 release being right around the corner?

If this exploit was easy to do and as wide spread as dupping was then the market would have crashed on many items that any player would take notice. The OP was probably right to post it on here because Anet needs fix something like this. If left unchecked it could become a huge problem in the future.

The Mountain

The Mountain

Forge Runner

Join Date: Jun 2006

Realm of the GWAMMs

Teh Academy [PhD]

W/

09 May 2012 at 03:39 - 39
Quote:
Originally Posted by Swingline View Post
... and you don't attribute that to the GW2 release being right around the corner?

If this exploit was easy to do and as wide spread as dupping was then the market would have crashed on many items that any player would take notice. The OP was probably right to post it on here because Anet needs fix something like this. If left unchecked it could become a huge problem in the future.
The duping exploit was not widespread in any sort of way...only a handful of people were messing with that. On the other hand, when people become involved in botting enough to make programs public, then widespread is a term that can be applied...

Lordkrall

Frost Gate Guardian

Join Date: Jan 2011

W/

09 May 2012 at 06:22 - 40
I would also assume that the dropping prices on Z-keys could have something to do with the 2 weeks double Faction gain from PVP.
Heck I could get about 1 new key each second fight in FA.