Jump to content

Recommended Posts

Posted

I dont think you need either the party or the trade. You can easily get the objectId of the item in other ways. And the party, i dont get why is it needed. From a first look its just that the server thinks you are picking up his object from the ground ... So why would a party be needed ?

Posted

hm

 

when you are in party with him, send packet and (i think) this packet simulates his pick up...

if you aren't in party, you can't get weapon

i tried

Posted

So where did you find that exploit exactly ? Cause judging from what you say, you dont know how exactly it works do you :) ? ( PS texted it with codex_ex , we managed to get consumables deleted from a player without party, no pickup yet cause it still belongs in the target ).

Posted

Thats a smart guy ;) Exactly. You can get his item objectid even if he has a private shop. YOu check his private shop, get the object id, then make him friend after 4 days, get him too party, do the exploiting packet , bye bye item ;)

Posted

I wonder what will happen if the item belongs in some clan warehouse ... ;)

Hmm.. You got something in your mind, don't you? ;3
Posted

Im checking atm what ownerId the item gets when its stored to the clan warehouse. If it gets itself or zero, then assuming you know the objectid of the item that is in the clan warehouse, you can pick it up from there without any need for party :)

 

Here's part of l2jbrazil code ( same in other packs too ):

 

if (target.getOwnerId() != 0 && target.getOwnerId() != getObjectId() && !isInLooterParty(target.getOwnerId()))

{

//Here it blocks the item pick up if the above conditions work;

}

 

So it says, that each item has an ownerid. If it is not zero and not itself and the actor of pickup is not in party with the object owner then block it. So if when it gets stored in warehouse it gets a zero or self owner ;) GG.

 

EDIT:

 

Bad news : ClanWarehouse :

 

@Override

public int getOwnerId() { return _clan.getClanId(); }

 

You cant pick the clan warehouse, damn :(

 

EDIT2:

 

By the way , did anyone check freya l2jserver code ? It could be vulnerable too if this is a 0day exploit ;)

Posted

By the way , did anyone check freya l2jserver code ? It could be vulnerable too if this is a 0day exploit ;)

 

Leluche this is a very old exploit. :)

 

With this exploit you can also dupe all the items that you want. The method is the same. If works this works also dupe items.

 

ps: i will send to you the video...

Posted

Leluche this is a very old exploit. :)

 

With this exploit you can also dupe all the items that you want. The method is the same. If works this works also dupe items.

 

ps: i will send to you the video...

Yeap, I tried it. :p

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...