Monday, December 7, 2015

Major Game Breaking Exploit

For some reason Tree of Savior game developers thought it would be a good idea to make the whole quest system client side.  So what is possible is a number of exploits using the command which I will post belong. But you can pick up any quests in the game simply by changing the npc ID number and hitting a hot key.

<HotKey ID="FreeXP" Name="Free XP" DownScp="pc.ReqExecuteTx(&quot;RESTART_Q&quot;, 30007);" UpScp="None" Key="A" UseShift="NO" UseAlt="NO" UseCtrl="YES" OnEdit="NO" />

The above is an example of one of the quests you can pick up. But you can pick up other classes quests and be multi different classes without making new characters. People are using this to level to 200 as well.  Some quests reward items or money and that is also being exploited. But we have no idea how much is possible with client side modifying. Its possible that it is more broken then we know. For example some of what Ive found in the client itself.

ui.OpenFrame("itemdungeon");
ui.GetFrame('questinfoset_2');
ui.LBUTTONUP, "HELP_ALRAMNOTICE_LBTNUP");
ui.GetFrame("bosslist");
ui.GetDropListFrame("SELECT_ZONE_MOVE_CHANNEL")

It might be possible to get items from a command in game. Or possibly to open the GM command window. The bugs from this are also confirmed to be working on Korea so it is not just the English server which has this problem. The bad thing is that the client will need to be reworked or people will still be able to get around and do this using programs like Cheat Engine or LUA modification's. We would not want to see the game get ruined for release. So I hope IMC games takes this seriously.

No comments:

Post a Comment