I've made a dedicated server today and dug around in the database a bit. When my gf joined, she spawned quite far from me, and to save her some time I decided to "teleport" her to me by changing her GeoID close to mine. (Having suspected that the lowest order bits represent a coordinate, which was since confirmed.)
She did not teleport to me as long as she was logged in, but instead her GeoID was reset to where she saw her character standing. This leads me to believe, that the client takes precedence in this, and maybe more cases. Thus it would probably be possible to make a memory hack into the client and successfully teleport around, with the server blindly accepting it.
I don't really have a good idea how to tackle this, since constantly making the server leading in movement updates would certainly be insanely sluggish. Maybe a periodic plausability check could be made.
But I mainly wanted to just throw this concern out there. For now it's of not too much consequence, but once MMO goes live as 1.0 this may become harmful.
Potential source for exploit (?)
1 post
• Page 1 of 1
-
Shu - Posts: 84
- Joined: 23 Sep 2014, 19:16
Potential source for exploit (?)
by
Shu
» 26 Sep 2014, 21:23
1 post
• Page 1 of 1