Flitterkill (GC Board Member), July 14, 2012

Legit unfortunately. Some folks have broken out the hex editors and are hacking at the bid and buy it now buttons apparently allowing them to buy out items at the initial listing price, not the buy out price.

Options:
1) Wait until this is patched.
2) Set a comfortable starting bid to protect yourself.

Enjoy!

lousiest (Member), July 14, 2012

Thanks for the info FK

Sedah (Member), July 14, 2012

I salvage most of my stuff and sell in /trade chat -_- that 15% is huggggge

JackieChan (GC Alumni), July 14, 2012

I guess more people should just make the starting bid the same as the buyout price like I always do...or did.

crasx (GC Alumni), July 14, 2012

That's bad programming on Diablo's part. Never trust the user.

lousiest (Member), July 14, 2012

> never trust the user

qft

VooDooPC (Member), July 14, 2012

> That's bad programming on Diablo's part. Never trust the user.

Turns out the devil is a pretty crappy programmer.

Sky (Member), July 15, 2012

I blame the novice programmers Activision-Blizzard hires. I mean, "let's fire the Diablo developers, and then make Diablo 3 with a fresh team." I mean, people narc on Torchlight as a Diablo clone, but those people don't realize that the team developing Torchlight is the team that created Diablo 1 and 2. And that's why Diablo 3 is so different, and so freakin broken. Ugh.

Just remember, don't believe everything you hear. If this came from a Diablo 3 post and you didn't discover it yourself, it's most likely dismissible. A lot of topics started by people are just garbage, like the session id spoofing which is impossible.

A while back, I farmed out two storm shields, and bought a third, and when I saw what the third was going for on the AH, I bought it out, and then posted on the Diablo 3 forum how funny it was that I bought a storm shield for 1000 gold. And the guy who sold it posted on there accusing me of hacking him. Which is just why you can't believe what people say. But, since the post is buried, I at least thought someone here might get a good kick out of it. It was a low-end stat shield, but, still, the block % is reason enough to own one.

But if you really want to follow the rumor mill, just do what Jackie and I do, set your B/O to your Bid.

Edit: Always search for people who accidentally post stuff below what they thought they posted it for. If it's something worth a lot, chances are they'll post one of those "i got hacked" posts =p

Edited July 15, 2012 by Sky

Flitterkill (GC Board Member, Author), July 15, 2012

Sky can evaluate the following

> Hex Editor (recommended to use Hex Fiend if you are using Mac)
>
> Steps on using Diablo 3 Exploit RMAH Bid Cheat
>
> Note that the steps in here are only an educated guess on how Diablo 3 hackers perform the Diablo 3 RMAH bid cheat. We will not spoon feed you on how to use some of the tool involved in this. We will just quickly brief you on how the process is done.
>
> - Look for an item using the RMAH.
> - Dump the memory. (memory editor can also be used)
> - Scan for the item memory address (E.g. 0x1b450c60)
> - Find the “real” reference for the item.
> - Find the hex values for the bid confirmation and buyout confirmation.
> - Switch the bid confirmation with the buyout confirmation.
> - Find the hex values for the bid button and buyout button.
> - Switch the bid button with the buyout button.
> - Click the bid button.
> - Tada!

I use these guys as my Diablo news source - have for over a decade. If they post up about it, I'm inclined to trust them.

http://diablo.incgamers.com/blog/comments/nasty-auction-house-exploit

Sky (Member), July 16, 2012

Alright, so I've taken some time to play around with this, and, I admit, I seriously didn't think the developers could accidentally leave something like this available to clients, which is why I shot it down so quickly.

So, here's how it works. The best way to make a general example is to open Visual Studio, and create a Win32 application. Win32 tutorials often start out with their own version of hello world, which has you typically create a box, and a button, which when you press, screams "hello world!" into it. The way it works is each button is assigned a memory address. You've seen memory addresses before if you've ever played with a Game Genie, and effectively, this trick is effectively like plugging a Game Genie into Diablo 3, or any other game, which is why certain modifications on the genie worked, while others didn't. When you run a memory dump on this little program you've built, you'll see the hex value for the hello world button.

As we all know, Diablo 3 uses an MMO standard, but creates separate instances for players, and restricts those instances to small groups of players. It's like joining a raid group in an MMO. You go into that dungeon, and it creates a separate instance for you, but you are still connected to a server, which is relaying information back and forth. Typically, the server forces clients to adhere to certain rules. The server being the centralized location or target locations where clients connect and send information to, as well as receive information in return. The client is each player's system. Typically, you send information to the server, it evaluates it, determines if it's legitimate, and depending on A or B, it sends certain information back to the client.

We can sort of see how hastily thrown together the Diablo 3 Auction House is. It suffers from vulnerabilities not present in World of Warcraft, in which we can't hack the auction house in this fashion.

Unfortunately, after playing around with hexedit, I'll confirm the above, which is apparently disturbing. See, when you make a change to a memory address, typically, the server has fail safes built in to catch it and say something like "Whoa dude! You hit the bid button, not the buyout button!" but in this case, it takes whatever the client says to the server and lets it go through. This is particularly disturbing, because when a player disconnects prematurely, even if the player doesn't die on his screen, and he does on the server, the server then relays that back to the player. So, in Diablo 3's case, as long as the client is actually connected to the server, the client is the overriding force. Meaning the server checks with the client to determine if the action is valid, and it's generally the client -> server <-> client, but in this case it's client <-> server -> client.

My honest conclusion, from being a software developer most of my life is that this had to be left intentionally by the developers. I just can't fathom how else it would be able to validate itself against the server. I can't begin to understand why they'd leave it in, but anyone who knows anything about programming would have prevented this.

With further inspection, though, if you take a look, you'll notice there are hidden buttons on the auction house, that aren't visible on your client. I'd test out what they do myself, but I'm not really into getting banned. At the same time, this isn't easily detectable, at least not at this time with the current code. If this was being detected, the server would stop the action before it was successful. With that being said, I highly doubt this is being logged, either.

All in all, I'm disturbed. I'd say put your items up for the buyout price without a low bid, like Jackie and I do.

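Added example, not part of the original thread and not Blizzard's code: a minimal sketch of the server-side "fail safe" the post above says is missing, where the server prices each action from its own listing record and logs requests that disagree with it. The message fields (`action`, `listing_id`, `amount`), class names and sample values are assumptions made up for illustration.

```python
from dataclasses import dataclass

@dataclass
class Listing:
    starting_bid: int
    buyout: int
    high_bid: int = 0
    sold_to: str = ""              # empty while the auction is open

class AuctionServer:
    def __init__(self, listings, gold):
        self.listings = listings   # listing_id -> Listing (server-side truth)
        self.gold = gold           # player -> balance (server-side truth)
        self.audit = []            # rejected requests, kept for detection

    def _reject(self, player, msg, reason):
        self.audit.append((player, dict(msg), reason))
        return {"ok": False, "reason": reason}

    def handle(self, player, msg):
        """Process one untrusted client message (hypothetical format)."""
        lot = self.listings.get(msg.get("listing_id"))
        action, amount = msg.get("action"), msg.get("amount")
        if lot is None or lot.sold_to:
            return self._reject(player, msg, "listing not open")
        if type(amount) is not int or amount <= 0:
            return self._reject(player, msg, "bad amount")
        if action not in ("bid", "buyout"):
            return self._reject(player, msg, "unknown action")
        if action == "buyout" and amount != lot.buyout:
            return self._reject(player, msg, "buyout price mismatch")
        if action == "bid" and amount < max(lot.starting_bid, lot.high_bid + 1):
            return self._reject(player, msg, "bid below minimum")
        if self.gold.get(player, 0) < amount:
            return self._reject(player, msg, "insufficient gold")
        if action == "bid":
            lot.high_bid = amount          # a bid never transfers the item
            return {"ok": True, "result": "bid placed"}
        self.gold[player] -= lot.buyout    # charge the server-side price
        lot.sold_to = player
        return {"ok": True, "result": "sold", "charged": lot.buyout}

def demo():
    # Constructed sample data: listing 7, starting bid 1000, buyout 500000.
    srv = AuctionServer({7: Listing(1000, 500000)}, {"player1": 600000})
    tampered = srv.handle("player1", {"action": "buyout", "listing_id": 7, "amount": 1000})
    bid = srv.handle("player1", {"action": "bid", "listing_id": 7, "amount": 1000})
    buy = srv.handle("player1", {"action": "buyout", "listing_id": 7, "amount": 500000})
    return tampered, bid, buy, srv
```

The first request in `demo()` is a buyout that carries the starting-bid price; it is refused and lands in `srv.audit`, which gives the operator the log trail the post doubts exists.
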
lousiest (Member), July 16, 2012

Can the client be patched by Bliz?

Sky (Member), July 16, 2012

Well... It seems to be that the servers are assuming that whatever the client is sending must be correct. Period.

"In my haste, I forgot coke." Upon further inspection of the whole fiasco, I figured out some more things, and walked nightling how to do it. I did this privately, as I think everyone can understand why this shouldn't be public.

I did want to at least clarify what I meant about Game Genies. You could use alphanumeric values ranging from 0 to 9 and a to f.

[65][6e][74][2e][43][6c][6f][73][65][42][75][74][74][6f][6e][00]

What Blizzard really needs to do is patch the server, to always check client files each time a client connects, much in the way that sv_pure 1 in Left 4 Dead enforces file purity, i.e. vanilla files. Check the hash tables, etc. As of now, it doesn't matter if they force you to download a new client during an update. You can simply edit the files and reassign the memory addresses, much in the way we used to edit the dll file that prevented us from using the riot shield or cs_knife in Left 4 Dead, make the change, and save.

With that being said, no, you won't get banned for using this trick, because as of right now, they can't detect it.

Edit: Blizzard claims to have hotfixed it. I assure you, it is not fixed. I'm fairly confident this is another one of their "Let's say it's fixed so people stop spinning the rumour mill."

So, I actually talked with another programmer, whose response to it was: "... that's terrible, clearly it was an intern's job... no programmer would truck that up that much."

And now, time for bed. ~<:-)

Edited July 16, 2012 by Sky