[MUD-Dev] Exploits and hacks in MMORPGs

Björn Morén <bjoernen@hotmail.com> Björn Morén <bjoernen@hotmail.com>
Fri Jan 9 13:18:59 New Zealand Daylight Time 2004

What kind of exploits and hacks can ruin a MMORPG? Please add to my
list below.

Lets assume the following basic setting. Client/server architecture,
where the server runs the true version of the world. The server
sends update messages to the client app, and accepts client control
messages. Messages/packets are encrypted both ways, so packet
content sniffing and impersonation is assumed impossible. Lets also
assume that the protocol and game mechanics can't be tampered with
(to limit the scope of the question).

The enemy has great resources, but the server machine is considered
secure.  The client app is in the hands of the enemy, and will
positively be reverse engineered, and completely rebuilt to fit what
ever needs they may have.


  - BOTs

    BOTs that can perform all player commands and that are
    indistinguishable from human players.

  - Real-time information sharing

    All types of real-time information that the player's client app
    receives can also be immediately forwarded to other players,
    presumably the friendly ones.  Assume that the client app will
    be engineered into a peer-to-peer app that shares whatever the
    players want to share.

  - Static information sharing

    A pool of common knowledge usually spread on Internet
    sites. Information on quests, plots, story development, game
    mechanics, maps or similiar that will either take the edge off
    the surprises or in worst case give players unfair advantage
    over others.

  - Company corruption

    Employees will tamper with the server or share static
    information, otherwise impossible to obtain.

  - Viruses

    Intruder software that will tamper with the client app to the
    advantage of some other player.
MUD-Dev mailing list
MUD-Dev at kanga.nu

More information about the MUD-Dev mailing list