API tools faq
paste
Guest User

[Suggestion] There better be anticheat in the final release.

a guest
Feb 1st, 2016
1,778
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.25 KB | None | 0 0
raw download clone embed print report
  1. [Suggestion] There better be anticheat in the final release by division_throwaway | Explanation and thread explaining the various exploits to how Tom Clancy's The Division trusts the client far too much
  2.  
  3. Hello The Division Subreddit.
  4.  
  5. I needed to get this information out somehow. I didn't want to post this on Ubisoft forums in fear of getting my account banned for experimenting/using said exploits.
  6.  
  7. I'd hope the developers are following this subreddit for information.
  8.  
  9. I'm a reverse engineer and experienced game developer that specializes in most game securities. I love this game too much to see this game go down in flames.
  10.  
  11. However, without stating anything specific on how to 'cheat' in this beta. It's scarily simple.
  12.  
  13. Everything from ammo count, level XP, Dark Zone currency, player speed are all CLIENT trusted, and take time to sync via server time.
  14.  
  15. For example. Infinite ammo is possible by removing the instruction that's responsible for adding/subtracting ammo into your player structure.
  16.  
  17. Speedhacking is possible by modifying the delta time used in the game's update.
  18.  
  19. And the speedhacking is possible for said 'invisible people'. If a player that is speedhacking runs ahead of the position stated on the server, because the client trusts the position of the players, you can very well quickly take out an enemy without them seeing you and reclaim the reward/loot.
  20.  
  21. Things such as extraction times, rogue times, and respawn times are the only thing that seems to be server side.
  22.  
  23. In the full game, I highly anticipate some sort of anticheat or method preventing any kind of open handle to the application.
  24.  
  25. I understand that this is a beta but for it to be this simple and with absolutely no way of reporting or having consequences, I'm scared for the full release.
  26.  
  27. Please discuss.
  28.  
  29. ---
  30. Edit:
  31.  
  32. Due to people such as /u/CaptainDegenerate claiming that I have been spewing false information, I gladly provided proof of my claims in these three videos below stating that everything I have said about how the player structure's information is in fact client side and not backed up by the server.
  33.  
  34. I apologize about the quality and choppiness. I use a crappy HP Elitebook laptop, so I used OBS to record and After Effects to edit these in 30 minutes.
  35.  
  36. I also apologize if this isn't enough proof for some people. Can't appease everyone
  37. ¯\\_(ツ)_/¯
  38.  
  39. ---
  40. >Video of Infinite Ammo
  41.  
  42. > * Proof that it is not a glitch by toggling it on/off and showing proof of bullets actually dealing damage/reclaiming rewards.
  43.  
  44. https://www.youtube.com/watch?v=H7klQfYYUHY
  45.  
  46. ---
  47. >Video of Speedhacking
  48. > >I apologize to the innocents I killed in this video. You were killed in the name of science ♥
  49.  
  50. > * Proof that it causes the 'invisible player' glitch and desync on the server. Enemies disappear/death locations are different than what the client sees.
  51.  
  52. > * Proof that the video isn't sped up since the delta time of the game doesn't affect the UI speed at the beginning of the video.
  53.  
  54. >* Proof that the game is in fact speedhacked/desynced showing the rogue timer stuck at 00 when toggled off.
  55.  
  56. >* Proof that the desync can cause glitches where the client can be stuck upon an object during vaulting cover since the server thinks the client is standing on ground.
  57.  
  58. >* Proof using speedhacking while extracting items does in fact work and allow the cheater to receive items in their stash.
  59.  
  60. >* Proof of respawn time being server-side due to the inability to respawn towards the end of the video even though the rogue-respawn time running out.
  61.  
  62. https://www.youtube.com/watch?v=1_lqMapJxvw
  63.  
  64. ---
  65. >
  66. Video of Rank Information being client-side
  67.  
  68. > * Proof of that the information can be changed on the fly, including proof of vendors declining purchases.
  69.  
  70. https://www.youtube.com/watch?v=DtZX_nCm3cA
  71.  
  72. ---
  73.  
  74. Edit #2:
  75.  
  76. I'm sorry but if you DO work at Ubisoft viewing this post, I assure you that "division_throwaway" isn't an account ;3
  77.  
  78. ---
  79.  
  80. Edit #3:
  81.  
  82. Wow I didn't realize this would get this much attention and front page.
  83.  
  84. I have to stress something I'm getting a lot of messages about:
  85.  
  86. **DON'T CANCEL YOUR PREORDER YET.**
  87.  
  88. This is a BETA, the game doesn't release until another month, Massive and Ubisoft can easily fix this upon release or in a later patch.
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!