Tree of Savior Forum

Exploit Hidden Frames

I does not, just mentioned.
And you are right, this kind of discussion sucks.
Bye.

yeah, it should had be a problem. but when you introduce scripting, you introduce a way to inject commands no matter how you secure it and it is a problem with C++ because you could inject code as well.

it’s hard because if there is no Lua System then the C++ program would have to do most of the work, unless there are some who know what to do, but again the Lua is there for those who know Lua and can program in Lua without having to know C++ code or assembly.

I didn’t want this to turn into a lets blame brazil war for cheating. Just so you guys know I’m not from brazil I’m a white american who has a little bit too much time on his hands and knows how to take things apart. While I know often times people love to blame brazil players for everything because there’s just a lot of hate between them. This bug, exploit w/e you like to call it came from america. Yes I understand I have skoll in my name and thats also a beer from brazil but its also a mythological creature from norse mythology a wolf that chases the sun to cause the change from day to night.

If you want my opinion about how they should go about fixing it. Using a lua system for the client isn’t a horrible thing as long as its done the right way. Meaning things like skill cooldown’s timers and such like that should be completely server side. Anything that leaves formula’s client side will open the door for modification. Unfortunately it doesnt matter how they are encrypted because anyone who wants to decrypt lua files will do it. It’s completely impossible to make them completely not visible because they still have to load into the memory at some point which they can be dumped directly from memory as well.

Hackshield, gameguard and punkbuster all of these anti-hack programs are obsolete hackshield gave up service on there software this year so that ones done. gameguard theres a complete extractor on the internet to unpack and modify that one not to mention it doesn’t work with windows 10 users properly they have more problems then they should. Punkbusters used in very few games but the ones it is used in still have hacks that are active. If a anti-hack program is going to be used it has to be custom. It can’t be open source or purchasable because even your hackers are going to buy it. It’s a waste of your money to invest in a program that isn’t really going to stop or warn of hacking. And in all honesty tree of savior should be going with a custom software that detects and then notify’s for bans which should be done as hardware bans for cpu since spoofing cpu hwid can cause damage to the CPU. Harddrive bans I can get around, Network card bans I can get around easily. I wouldn’t dare mess with a CPU ban personally cause it’s not worth the risk. Its better to not give them an opportunity to hack all the client side should just not allow the user to abuse anything. All the server side needs proper checks in place to make sure the user can’t post items to the auction and force crash the game to dupe. Or speed up packets in order to teleport or speed hack.

I think they are just troll trying to gain attention for themselves, I think. I just ignore them.

It’s nice to have a community that know how to find these exploits but the trolls are just too much for me, even if I do ignore them.

Actually the C++ executable generated is just a plain executable. The main problem here is that you can inject custom code (as with any language on any executable format, be it C#, Java, C++, Delphi, Flash or so).

The best solution is to leave everything important server-side. Also, I do think it’s kinda easy to spoof the CPU check in the given process if you know what you are doing. Server-side hack detection is also possible and kind of reliable depending on the checks.

1 Like

Nice find.#

Hope it gets quashed.

Still funky about the +40 equips… and tele hacks.
Can’t see that as legit xD.