|
Packetgate - Results
[+]
[+]
By Mafai 2019-11-16 21:16:27
I'm not sure why anyone even crashed the medal market to begin with.
The exploit was capable of making unlimited gil directly.
[+]
Asura.Eiryl
Serveur: Asura
Game: FFXI
By Asura.Eiryl 2019-11-16 21:17:03
They didn't know that though
If they did, they would've just cashed out made a hundred grand and bailed. ( I would've )
Dupe could've gone on even longer, and there would've been no clues since gil is "invisible" Got greedy with the medals and got caught.
[+]
[+]
By Mafai 2019-11-16 21:20:29
It still would have been realized, m/dollar price was tanking.
Asura.Eiryl
Serveur: Asura
Game: FFXI
By Asura.Eiryl 2019-11-16 21:21:31
It's been tanking for a year, it only got noticed because people had way to many medals
Suspected, but nothing was too extraordinary.
If they would've just kept feeding shields medals on the dl they'd still be getting away with it.
[+]
[+]
By Ashleyz 2019-11-16 22:14:16
I agree with Dexterm that "if" anyone on the Windower Team knew about this exploit prior to Thorny's discovery, they should have perused the moral high ground and report it to SE. I also understand why Thorny went about his method to make sure SE got the message loud, clear, and not able to sweep it under the rug. And Eiryl, you are completely correct about the long term devaluation of Beastmen and Kindred Medals, I haven't sold any metals in a long time because I refuse to devalue the time I invested in Dynamis D. Everyone who does Dynamis D was cheated out of the full price of their time investment. Think of it as in terms of taxes, you earn a certain amount of money per month and the government slowly increases taxes every paycheck, you are still working the same hours but your paycheck keeps getting smaller and smaller. This is something that should outrage every player that has sold a medal and not gotten the full value on their time investment.
Shiva.Thorny
Serveur: Shiva
Game: FFXI
Posts: 2770
By Shiva.Thorny 2019-11-16 22:17:12
Windower team has reasonable deniability, because people say dumb *** all day long in the ashita discord and I'm sure it's the same in windower. They aren't any more responsible just because someone happened to post it there, buried in an addon nobody was using, that wouldn't be able to do the exploit on it's own anyway. Expecting them to not only catch the error in someone they don't care about's addon, but assume it had any deeper meaning, and try it on other items is absolutely ridiculous.
The secret to eternal life could be buried in some dumbshit's addon in ashita discord, and I'd never find it because I'm not looking.
If you have any actual evidence they were doing it, sure. But, Chiaia and his 100m is nothing. 100m is pennies to people who had this. Maybe he bought it, maybe a friend gave it to him, who knows? I've given more than that to my friends before.
For that matter, unless you've got some huge grudge against him and actively track what he's doing, who are you to say he doesn't play enough to make that gil? This really just reads like you're either upset about the exploit and looking for someone to blame, or really don't like Chiaia and want to throw something at him.
By Ashleyz 2019-11-16 22:20:26
I wasn't speaking of Chia directly, 100m is a small amount of gil, I was saying if anyone on the team that seen it.
Shiva.Thorny
Serveur: Shiva
Game: FFXI
Posts: 2770
By Shiva.Thorny 2019-11-16 22:21:01
My last post was directed at Dexterm.
Shiva.Thorny
Serveur: Shiva
Game: FFXI
Posts: 2770
By Shiva.Thorny 2019-11-16 22:40:27
Yea, maybe someone could've known. But, in reality, that just amounts to slander. You basically name dropped Chia, over some extremely tiny purchases. You have no evidence anyone knew. 'Someone could have known', yea. But, that could be said about any circle or anyone, you just chose to single out windower and Chiaia.
To my understanding, the medal comment he posted was not sent to windower or Chi, all he did was ask Chi to remove the addon where he made that mistake. It probably took him that long because he didn't realize the mistake was made until much later. Sending a storage slip multiple times is probably not discernible from sending it once.
Asura.Chiaia
VIP
Serveur: Asura
Game: FFXI
Posts: 1656
By Asura.Chiaia 2019-11-16 22:40:50
know that he doesn't actively make gil in game You saw me make gil for the first year plus you knew me. Then towards the end yes I didn't have a desire to do Dyna D and I leeched for RP if there was open room. We merced how many OUs together for a year +, how many ambus between us or with Kinggalka. Anyway like I said the month RDM and PUP could solo Ambu I used every lvl 1 mule I could and payed for those 1m dollar runs that netted me a ton of profit.
Anyway I'm done with this I didn't know about the exploit and Elidar asked to delete an addon posted in Feb. Sorry he put that line of text under the August photo but you can ask him personally which one he was referring to even though I posted images.
Lakshmi.Byrth
VIP
Serveur: Lakshmi
Game: FFXI
Posts: 6184
By Lakshmi.Byrth 2019-11-16 22:54:51
Y'all don't seem to realize that the Windower dev team besides Chiaia (last time I checked) doesn't play FFXI. There is no one else that could have used it.
I am in the dev channel there (other channels have always had too much chatter for me to get anything out of them in finite time, as Thorny said) and saw nothing about this until this thread.
There are occasionally exploits or weird packet things found by Windower team, but they cannot be responsible for the security of FFXI. One reason is, again, finite time. A second reason is that SE practices digital security by obscurity, which means it is difficult to help them fix their bugs because they like to shoot the messenger. I would bet there is no quicker way to get a ban than sending SE a bug report with POC that you executed from your account. Your hat cannot be white enough to protect you from SE. Final reason is that FFXI is massive, old, and was written by console designers making an MMO for the first time. They trusted basically everything the client sent.
Ramuh.Austar
Serveur: Ramuh
Game: FFXI
Posts: 10481
By Ramuh.Austar 2019-11-16 23:02:05
to be fair, the terms of service do say something about "reverse engineering" so they have every right to ban you for it
[+]
Lakshmi.Byrth
VIP
Serveur: Lakshmi
Game: FFXI
Posts: 6184
By Lakshmi.Byrth 2019-11-16 23:03:48
to be fair, the terms of service do say something about "reverse engineering" so they have every right to ban you for it It is still security by obscurity and they are still idiots running an online game whose economy has been defined by exploits since inception.
Maybe the problems are related.
Serveur: Asura
Game: FFXI
Posts: 3113
By Asura.Aeonova 2019-11-16 23:13:24
Nobody really owes anyone any explanations or should have to justify their gil income.
Asura.Eiryl
Serveur: Asura
Game: FFXI
By Asura.Eiryl 2019-11-16 23:17:47
Just for the record, is anyone counting the colossal amount of noteworthy exploits?
Cashmere unlimited gil (tavnazia, barone)
"fishing up basically anything" (fishing data table)
Dupe that was active in 2005ish I don't know much about it
"wall of justice" "pinning" (this is actually still active, by the way)
2006(?) dupes of some kind caused the infamous christmas sale (this was multiple dupes apparently, Dbox dupe, AH dupe, reward dupe)
Salvage dupes
Einherjar unlimited ichor
WoE dupe/underflow
ToM underflow (is that the same one as woe?)
The bats with the goblin, not 100% sure what this was either
All the mobs for "sunshine seeker" were killed in town
Salvage respawning
Dynamis resets
Unlimited cards at the goblin
Unlimited gil at the repository
This new one, whatever we're defining it as, 2019
I'm probably missing a few
I can't believe I forgot the crafting torques, christ.
(honorable mention for 'rerolling')
Serveur: Asura
Game: FFXI
Posts: 3113
By Asura.Aeonova 2019-11-16 23:23:53
I wasn't around for the "fishing up basically anything", but, as I understand it, that's where a lot of the random-*** auto-translate stuff came from. I wish someone that was there could explain it more. I enjoy capturing strange auto-translate stuff and putting it in my bazaar message. I have period autotranslated, but can't move it, sadly. Stars, boxes, triangles. Stuff like that. Thoughts?
By Josiahafk 2019-11-16 23:25:51
Just for the record, is anyone counting the colossal amount of noteworthy exploits?
Cashmere unlimited gil
"fishing up basically anything" (fishing table)
Dupe that was active in 2005ish I don't know much about it
2007 dupes of some kind caused the infamous christmas sale
Salvage dupes
Einherjar unlimited ichor
WoE dupe/underflow
ToM underflow (is that the same one as woe?)
Salvage respawning
Dynamis resets
Unlimited cards at the goblin
Unlimited gil at the repository
This new one, whatever we're defining it as, 2019
I'm probably missing a few
(honorable mention for 'rerolling') you're forgetting the most vile and truly evil one.
Standing in grauberg on vanilla.
By Chimerawizard 2019-11-16 23:40:26
Just for the record, is anyone counting the colossal amount of noteworthy exploits? Unlimited Dark clusters from moogle.
more honorable mentions;
Fishing 0s wait bite; 0s wait catch.
Dynamis resets should be on there twice. >_>
*first one reset the zone itself so everything except the hourglass's expiration date is reset, letting the LS re-farm TE's endlessly ... except no one wanted to do that much dyna.
There was a repeat of the cashmere gil, with some item & npc in adoulin for two weeks, but it wasn't that great a profit per cycle, like a few thousand gil each stack.
crafting torques everywhere!
find voidwalker NMs the easy way.
mug > zone to reset recast and mug again at the other zoneline.
Serveur: Bahamut
Game: FFXI
Posts: 1781
By Bahamut.Celebrindal 2019-11-16 23:45:48
Just for the record, is anyone counting the colossal amount of noteworthy exploits?
Cashmere unlimited gil
"fishing up basically anything" (fishing table)
Dupe that was active in 2005ish I don't know much about it
"wall of justice" "pining" (this is actually still active, by the way)
2007 dupes of some kind caused the infamous christmas sale
Salvage dupes
Einherjar unlimited ichor
WoE dupe/underflow
ToM underflow (is that the same one as woe?)
Salvage respawning
Dynamis resets
Unlimited cards at the goblin
Unlimited gil at the repository
This new one, whatever we're defining it as, 2019
I'm probably missing a few
(honorable mention for 'rerolling')
Oh the memories......god that Christmas sale I had completely forgotten about that business. I swear gilbuyers funded me leveling Clothcraft thru buying my overpriced random ***.
By Shichishito 2019-11-16 23:56:28
how many of those are reiterations of the same exploit or concept and shouldn't have happend again in the firstplace?
Asura.Eiryl
Serveur: Asura
Game: FFXI
By Asura.Eiryl 2019-11-17 00:08:41
how many of those are reiterations of the same exploit or concept and shouldn't have happend again in the firstplace? About half of them come down to "telling the game to do something it shouldn't" aka "packets"
The other half are "seeing things that you shouldn't" or "telling the server your location, tricking it"
Cashmere/Adoulin food(?)/pinning was just simple stupidity
[+]
Serveur: Asura
Game: FFXI
Posts: 3113
By Asura.Aeonova 2019-11-17 00:09:51
how many of those are reiterations of the same exploit or concept and shouldn't have happend again in the firstplace?
Serveur: Cerberus
Game: FFXI
Posts: 4415
By Cerberus.Senkyuutai 2019-11-17 00:45:45
Y'all don't seem to realize that the Windower dev team besides Chiaia (last time I checked) doesn't play FFXI. There is no one else that could have used it.
I am in the dev channel there (other channels have always had too much chatter for me to get anything out of them in finite time, as Thorny said) and saw nothing about this until this thread.
There are occasionally exploits or weird packet things found by Windower team, but they cannot be responsible for the security of FFXI. One reason is, again, finite time. A second reason is that SE practices digital security by obscurity, which means it is difficult to help them fix their bugs because they like to shoot the messenger. I would bet there is no quicker way to get a ban than sending SE a bug report with POC that you executed from your account. Your hat cannot be white enough to protect you from SE. Final reason is that FFXI is massive, old, and was written by console designers making an MMO for the first time. They trusted basically everything the client sent. As an employee I reproduced a certain exploit years ago after getting my hands on a certain addon.
I raised the issue to Japan (while on shift), they asked me to make a proper report and send it to the devs directly.
I reproduced it with a normal account (not GM since Windower was involved), videos and stuff, the addon in question, a guide and even chatlogs pulled straight from the GM tool. I had a SGM vouch for me so that my character wouldn't get banned (we went above and beyond on that one).
They thanked me and stuff, exploit fixed within a day.
A few weeks later we receive the list of accounts to be terminated, the account I used was on the list.
Suiciding an account per exploit fixing is clearly not worth it and is plain stupid. We were lucky this time, the next big exploit may not be solved that easily.
[+]
Serveur: Asura
Game: FFXI
Posts: 252
By Asura.Friedrik 2019-11-17 00:45:47
It still would have been realized, m/dollar price was tanking. The people that aroused suspicion on Asura were legit potatoes, they weren't going to figure out the wider scope of the exploit.
By Shichishito 2019-11-17 00:47:45
how does it happen over and over again?
if they had a dedicated team for FFXI they'd anticipate a similar exploit cause they had to deal with it in the past. do they always reaasign differnt employees for new content without properly briefing them or do they simply not care at all?
Quote: Regarding an Item Duplication Exploit
Good day, adventurers. This is the Special Task Force (STF), the team charged with investigating and suppressing unethical conduct that negatively impacts players’ FINAL FANTASY XI experience.
Several days ago we confirmed that some players were using an external program to create duplicates of specific in-game items. We would first like to apologize for the concern that this has caused, as bits and pieces of this information were posted on unofficial fan sites and message boards.
This message is to inform you of the measures we have taken to address the exploit and the punishment disseminated to the culpable parties.
Background Information and How We Have Addressed the Exploit
On the night of November 12 (Japan time), we received a bug report stating that it was possible to receive an unlimited number of Beastmen’s Medals and Kindred’s Medals. We acted immediately to verify the report, and determined that it was, in fact, possible to duplicate the items in question. We consulted with producer Akihiko Matsui and temporarily removed the affected NPC as a provisional emergency measure.
The development team then undertook a detailed investigation and confirmed that the exploit did exist and pinpointed concrete methods for consistently reproducing said exploit. As part of the emergency maintenance on November 14 (Japan time), we implemented a server-side fix addressing the exploit and have confirmed that it is no longer possible to duplicate items in this manner.
Player Punishment for Abuse of the Exploit
While the development team worked to fix the underlying cause, the STF focused on investigating suspicious players. We have completed our investigation of all characters who interacted with the NPC in question from early last week until the NPC was temporarily removed, and discovered that 45 players used the aforementioned exploit. We terminated the accounts of those 45 players on November 13 (Japan time).
We take the integrity of the game very seriously, and are widening the scope of the investigation to determine if any players used this exploit before the period in question, and whether or not it was possible for similar exploits to be used on other NPCs or items. If we discover any related conduct, those players will be punished in the same manner.
As we have communicated to players since the game’s inception, the use of external programs in FINAL FANTASY XI violates the Terms of Use, and we will take all necessary measures against players who do so, up to and including account termination. We would like to take this opportunity to again warn you against using such programs, as doing so will put your account in jeopardy.
If you witness any suspicious activity in-game or read information on how to perform such activities on external sources, do not try them yourself or distribute the information to others, and instead report them to the STF immediately.
We will continue to remain ever vigilant against suspicious activity in FINAL FANTASY XI and ask for your continued support in ensuring a level playing field for all players.
|
|