| |
|
»
»
|
|
| |
A story about a game, that changed my life
|
|
|
Daraznor
|
  |
| Joined: 17 May 2012 |
| Total Posts: 323 |
|
|
| 30 Jul 2012 05:49 PM |
Yes, you might think, I'm just a little 12'er. But you're wrong. I've played this game since 2006.
Now to my main part: Well, on some random day in 2006 I was searching for a new game, that could awake my interest. I've found the game Block__Land then, which was really great, however it wasn't that good in this time(2007 Retail version was the complete update release, which made that game 200% better). I've had a lot of fun, but then I was bored again, because players were going inactive and friends were gone either. When I was lurking around on their game's forum, I've found a thread about how Roblox is a clone of Block___Land (I think neither of them cloned it. It just did randomly happen. That happens often.) I went to roblox.com and saw the classical look. Normal chat login, and a view to the most popular places, also the famous video, with the epic music. However, It didn't convinced me yet. I've registered there with my account todd12005. (But somehow I can't enter anymore, it got PG'ed or I forgot my PW for it). I've played several games. There were 2 options: Roblox Games and User Games. I've played alot on the Roblox Games first. My favorite were Crossroads and Chaos Canyon. Later I've played in 07 one of miked's places, it was Paintball CTF and something with rollercoaster. That was the last time, I've played with todd12005. Then in 2008, I've registered again as jXPfgr44, but didn't used it for long and directly created the user Tarek701 in October 08. Roblox was really great in 2008, even 2009 was one of the good years. While in 2008, I've discovered how Roblox's algorithm is actually working. This first brought me to the idea, if it's possible to trick over the client with the server. I've discovered the CE sword exploit for myself(I don't know, if someone else has discovered either. But I expect it was dignity). I was sucessful and were able to exploit servers. Instead of destroying anything, I brought fun to SFOTHO. A bit later, I also tried to exploit other servers. I was also sucessful, when I edited the reset button script. Then I begun to tell trusted people about the discovering of that exploit. Some spread it around and it got popular. (Youtube says all, still not safe, if it was me or someone else) I've then experimented with Roblox, with help of the memory editor, and discovered another exploit. It was the "Torso" exploit. According to Assembling codes, the word "Torso" was really important, because it was the word, which is actually connected with the clients. Another script is searching for the name "Torso" as long it says Torso, the body will be stable. But when you change Torso to dorso or anything like that, it killed all people. Reason for this is, Roblox Studio used the Torso as Server part, while it's a the same time client-side. So, the name was in a conflict between the client's torso and the server's search for name torso script. I also told it some people around there. However, it got patched later. I still didn't liked the idea with using CE everytime. Because some servers, didn't had the tools, that we're that exploitable. Then I found Fiddler2 on my computer. I used it actually for HTTP Debugging on my sites to test if everything worked fine. I started it and saw that roblox is directly connected with the Toolbox. I've did some little experiments. First I took the old Help button as try, but it didn't worked, because it wasn't bind into the game. But then I saw the report button. Perfect idea. And what happened? I was successful. I found another way of exploiting. But 3 others knew about it also. Now, we were able to exploit server, without swords or even without tools. (But Torso exploit and Fiddler2 wasn't in 2008 anymore. It was in 2010 and 2011, I've made several alts in these years). I've also meeted exploiters like BLACKENED and leetHAX. They were really creative in their doing and that's actually what I really liked on them. Also, after some time around november or december 2011, the Fiddler2 exploit has been also patched. For months we were not able to do exploiting. But I decided to stop exploiting, because it was really boring after a due of time. While then groups like ExPro were formed and they created an DLL file to call up the needed functions to enable Roblox Studio, while in online mode. I've meeted them also, talked with some of them, but it wasn't really something big. Also, in 2011 25th march, I've found a leak in Roblox's database and used S(QLi) to get inside it( the brackets are for bypassing the filter). But one of the biggest exploits I've ever discovered were: The hijacking account exploit. This was the last time, that I've exploited roblox. I scammed the people with an program, if they give me their source. In my video description it was: "Source is at the My Roblox page, then press Show sites source copy and paste it and send me a PM." When I got the site's source, then I just copied the Place Hash part and pasted it inside my chat. Then I pressed on "Play" (Yes, you were able to show html stuff inside the chat, but only you could see it.) Then Roblox started, and suddendly I'm in the target's place. Then while in Roblox Studio, I opened a page to roblox. And then it showed: "Hello, *Name removed". Great! I was successful, but Phizo and the others also discovered it and used it for their purpose. Then xHTMLx released some idiot the god damn exploit and after a short period of time, it got patched. That was also my last time exploiting roblox.
But whatever I've done in my past, Roblox is still one of my favorite. Even if it changed alot and got worse in some parts, it will be still one of my favorites.
Thank you Roblox, Telamon, and everyone who worked on this great and awesome game. It will be always in my hearts until I die. |
|
|
| Report Abuse |
|
|
Daraznor
|
  |
| Joined: 17 May 2012 |
| Total Posts: 323 |
|
|
| 30 Jul 2012 05:51 PM |
| The TL;DR people can just read the last two sentences. |
|
|
| Report Abuse |
|
|
|
| 30 Jul 2012 05:52 PM |
| The last too sentances are too long, so I didn't read. |
|
|
| Report Abuse |
|
|
Hyraphax
|
  |
| Joined: 14 Jul 2011 |
| Total Posts: 22544 |
|
|
| 30 Jul 2012 05:53 PM |
| Thanks god you added that TL;DR section. |
|
|
| Report Abuse |
|
|
Daraznor
|
  |
| Joined: 17 May 2012 |
| Total Posts: 323 |
|
| |
|
| |
|
|
| 30 Jul 2012 05:57 PM |
Read the whole thing.
Exploiting seems easy in the past. |
|
|
| Report Abuse |
|
|
arbirator
|
  |
| Joined: 07 Aug 2008 |
| Total Posts: 23723 |
|
|
| 30 Jul 2012 06:01 PM |
| Yes there was a lot of hacking back then |
|
|
| Report Abuse |
|
|
scrat1908
|
  |
| Joined: 09 Sep 2010 |
| Total Posts: 215 |
|
|
| 30 Jul 2012 06:02 PM |
| Need some coffee if I should read that. |
|
|
| Report Abuse |
|
|
|
| 30 Jul 2012 06:02 PM |
| OMG ANOTHER 11er/12er WHO CLAIMS HE HAD AN ACCOUNT IN 2006! |
|
|
| Report Abuse |
|
|
Daraznor
|
  |
| Joined: 17 May 2012 |
| Total Posts: 323 |
|
|
| 30 Jul 2012 06:06 PM |
@Robloxian25537811 Omg another robloxian, which has no knowledge of 2006, 2007 and 2008 and still asserts that I didn't played Roblox in 2006. |
|
|
| Report Abuse |
|
|
|
| 30 Jul 2012 06:07 PM |
This is why they created paragraphs
Bobberkins alternate |
|
|
| Report Abuse |
|
|
sesma97
|
  |
| Joined: 15 Jul 2007 |
| Total Posts: 1183 |
|
| |
|
Daraznor
|
  |
| Joined: 17 May 2012 |
| Total Posts: 323 |
|
|
| 30 Jul 2012 06:18 PM |
So, made it a bit clearer as before.
==The Search for an new game==
Well, on some random day in 2006 I was searching for a new game, that could awake my interest. I've found the game Block__Land then, which was really great, however it wasn't that good in this time(2007 Retail version was the complete update release, which made that game 200% better). I've had a lot of fun, but then I was bored again, because players were going inactive and friends were gone either. When I was lurking around on their game's forum, I've found a thread about how Roblox is a clone of Block___Land (I think neither of them cloned it. It just did randomly happen. That happens often.) I went to roblox.com and saw the classical look. Normal chat login, and a view to the most popular places, also the famous video, with the epic music. However, It didn't convinced me yet. I've registered there with my account todd12005. (But somehow I can't enter anymore, it got PG'ed or I forgot my PW for it).
==Good memories==
I've played several games. There were 2 options: Roblox Games and User Games. I've played alot on the Roblox Games first. My favorite were Crossroads and Chaos Canyon. Later I've played in 07 one of miked's places, it was Paintball CTF and something with rollercoaster. That was the last time, I've played with todd12005. Then in 2008, I've registered again as jXPfgr44, but didn't used it for long and directly created the user Tarek701 in October 08. Roblox was really great in 2008, even 2009 was one of the good years.
==Beginning of Exploiting==
While in 2008, I've discovered how Roblox's algorithm is actually working. This first brought me to the idea, if it's possible to trick over the client with the server. I've discovered the CE sword exploit for myself(I don't know, if someone else has discovered either. But I expect it was dignity). I was sucessful and were able to exploit servers. Instead of destroying anything, I brought fun to SFOTHO. A bit later, I also tried to exploit other servers. I was also sucessful, when I edited the reset button script. Then I begun to tell trusted people about the discovering of that exploit. Some spread it around and it got popular. (Youtube says all, still not safe, if it was me or someone else)
I've then experimented with Roblox, with help of the memory editor, and discovered another exploit. It was the "Torso" exploit. According to Assembling codes, the word "Torso" was really important, because it was the word, which is actually connected with the clients. Another script is searching for the name "Torso" as long it says Torso, the body will be stable. But when you change Torso to dorso or anything like that, it killed all people. Reason for this is, Roblox Studio used the Torso as Server part, while it's a the same time client-side. So, the name was in a conflict between the client's torso and the server's search for name torso script. I also told it some people around there. However, it got patched later.
==Fiddler2 Exploit== I still didn't liked the idea with using CE everytime. Because some servers, didn't had the tools, that we're that exploitable. Then I found Fiddler2 on my computer. I used it actually for HTTP Debugging on my sites to test if everything worked fine. I started it and saw that roblox is directly connected with the Toolbox. I've did some little experiments. First I took the old Help button as try, but it didn't worked, because it wasn't bind into the game. But then I saw the report button. Perfect idea. And what happened? I was successful. I found another way of exploiting. But 3 others knew about it also. Now, we were able to exploit server, without swords or even without tools. (But Torso exploit and Fiddler2 wasn't in 2008 anymore. It was in 2010 and 2011, I've made several alts in these years). I've also meeted exploiters like BLACKENED and leetHAX. They were really creative in their doing and that's actually what I really liked on them. Also, after some time around november or december 2011, the Fiddler2 exploit has been also patched.
==DLL exploit== For months we were not able to do exploiting. But I decided to stop exploiting, because it was really boring after a due of time. While then groups like ExPro were formed and they created an DLL file to call up the needed functions to enable Roblox Studio, while in online mode. ==SQLi Exploit==
I've meeted them also, talked with some of them, but it wasn't really something big. Also, in 2011 25th march, I've found a leak in Roblox's database and used S(QLi) to get inside it( the brackets are for bypassing the filter). Forgot something: I've got unbanned several people, such like 1x1x1x1(changed his name later to request with random numbers) and so Dignity. Then I created an new account called 1x1x1x1, because the other one was changed to request(random numbers). I've played around and everyone went insane. Well, however that 1x1x1x1 account got also banned.
==Biggest and last exploit by me== But one of the biggest exploits I've ever discovered were: The hijacking account exploit. This was the last time, that I've exploited roblox. I scammed the people with an program, if they give me their source. In my video description it was: "Source is at the My Roblox page, then press Show sites source copy and paste it and send me a PM." When I got the site's source, then I just copied the Place Hash part and pasted it inside my chat. Then I pressed on "Play" (Yes, you were able to show html stuff inside the chat, but only you could see it.) Then Roblox started, and suddendly I'm in the target's place. Then while in Roblox Studio, I opened a page to roblox. And then it showed: "Hello, *Name removed". Great! I was successful, but Phizo and the others also discovered it and used it for their purpose. Then xHTMLx released some idiot the god damn exploit and after a short period of time, it got patched. That was also my last time exploiting roblox.
==Today==
But whatever I've done in my past, Roblox is still one of my favorite. Even if it changed alot and got worse in some parts, it will be still one of my favorites.
Thank you Roblox, Telamon, and everyone who worked on this great and awesome game. It will be always in my hearts until I die. |
|
|
| Report Abuse |
|
|
Phizo
|
  |
| Joined: 26 Jun 2009 |
| Total Posts: 269 |
|
|
| 11 Aug 2012 09:09 AM |
You claim to have discovered it? I'm not saying you didn't but I believe I was the first to have discovered it. I'm not sure if you meant I discovered it on my own or I found out you did it and found it that way, please enlighten me on that. I offered ROBLOX the exploit, however they didn't believe I was able to actually do it as they believe they are completely secure. I'm sure there are more ways, but I've grown bored of ROBLOX and I only come on daily to check my inbox. I visit the forum rarely also if you were going to question that. |
|
|
| Report Abuse |
|
|
|
| |
|
|
| |
|
»
»
|
|
|
|
|