any new duping method?

[jianwenwu 0]

looking new dupe method anyone knows?

[MonkeyCode 453]

CO source provides a very simple but powerful antidupe, a handshake between gateserver and gameserver.
The handshake occurs right before player enters the game.
You may extract those codes to use it for yourself.

[Perseus 98]

I feel like he was asking for a way to dupe rather than a way to prevent it.

[MonkeyCode 453]

Oh, I misread. On second note,
there is serious problems of how GroupServer was designed.
Meanwhile players are in the game, if GroupServer crashes, players remain ingame.
And when GroupServer is relaunched, new-login players get transported to that GroupServer
while the players that remained online no longer have a GroupServer to claim.
This may lead to dupe if conditions are right.

So, maybe a way is to transport all players without a GroupServer to newly launched GroupServer if should it crashes.

[MonkeyCode 453]

Another thing, since antidupe falls under security.

I suggest everyone moving away from MD5 as the cipher for storing passwords.
It is known to produce the same digest given 2 different plaintext.

[Perseus 98]

RE: Moving away from MD5.

 

I've been wanting to remove the "originalPassword" column from the db and using bcrypt to hash the passwords instead. I have not read the AccountServer code extensively, but I'm assuming that most of the user login functionality happens through that. Are you aware of any place where the "originalPassword" field is being used? It's a travesty that passwords are being stored in cleartext in a database.

[V3ct0r 2,117]

On 9/24/2019 at 7:34 AM, jianwenwu said:

looking new dupe method anyone knows?

For what purpose are you asking?

[IfYouSeeMeRun 7]

Find it urself , @V3ct0r i guess to dupe on servers that are dupeable lol , tho nowdays i guess most known dupe ways are fixed and only the ones  little people know still around..., no one gonna tell u how to do that OP