Alexandria 53 Posted July 23, 2014 Hello there, an user could get some items from this npc (it works with cash shop system). Do you have an idea how he could do it? I leave my npc: http://pastebin.com/qWhTmm7H Thank you Quote Share this post Link to post Share on other sites
0 evilpuncker 503 Posted July 23, 2014 OnBuyItem is easily hacked with WPE Quote Share this post Link to post Share on other sites
0 Litro 45 Posted July 23, 2014 OnBuyItem is easily hacked with WPE has someone report its to devs already? Quote Share this post Link to post Share on other sites
0 Alexandria 53 Posted July 23, 2014 Alright, do you have an idea on how to secure this script OR a better (safer) script to recommend please? By the way the server uses Harmony; Never had this kind of troubles before until today... Thanks for your help/recommandations Quote Share this post Link to post Share on other sites
0 Dastgir 1246 Posted July 23, 2014 OnBuyItem is easily hacked with WPEIs it really so??If yes, one can enable packet encryption to stop wpe. Quote Share this post Link to post Share on other sites
0 Angelmelody 221 Posted July 23, 2014 the below Code Snippet is dangerous , after submitting the select option, script should ValidateCost again if( select( "^0000FFPurchase^000000:Cancel" ) == 1 ){ if( getitemname( atoi( @Currency$ ) ) != "null" ) delitem atoi( @Currency$ ),@TotalCost; else{ set getd( @Currency$ ),getd( @Currency$ ) - @TotalCost; } for(set @i,0; @i < getarraysize( @bought_nameid ); set @i,@i+1) getitem @bought_nameid[@i],@bought_quantity[@i]; //message strcharinfo(0),"Received "+getarraysize( @bought_nameid )+" Items."; message strcharinfo(0),"[Cash Shop] Transaction completed."; mes "thx!"; } Quote Share this post Link to post Share on other sites
0 Angelmelody 221 Posted July 23, 2014 OnBuyItem is easily hacked with WPE http://herc.ws/board/tracker/issue-3680-npc-onbuyitem-when-attacked-by-wpe/ I think It was already fixed by Ai4rei https://code.google.com/p/eathena/source/detail?r=14616 Quote Share this post Link to post Share on other sites
0 Alexandria 53 Posted July 23, 2014 OnBuyItem is easily hacked with WPE http://herc.ws/board/tracker/issue-3680-npc-onbuyitem-when-attacked-by-wpe/ I think It was already fixed by Ai4rei https://code.google.com/p/eathena/source/detail?r=14616 Thank you but it seems it does not work anymore. Quote Share this post Link to post Share on other sites
0 iZeal 5 Posted July 23, 2014 what about the regular npc's we have by default out of the box from the git? Quote Share this post Link to post Share on other sites
0 Adam 3 Posted July 24, 2014 what about the regular npc's we have by default out of the box from the git? What about them ? Are you asking if they are safe or are you saying they are safe and should be used instead ? Quote Share this post Link to post Share on other sites
0 iZeal 5 Posted July 24, 2014 yes of course if they are safe. Quote Share this post Link to post Share on other sites
Hello there, an user could get some items from this npc (it works with cash shop system). Do you have an idea how he could do it?
I leave my npc: http://pastebin.com/qWhTmm7H
Thank you
Share this post
Link to post
Share on other sites