By Joe Schultz
As long as there have been video games, there has been some part of the user population trying to find flaws in games for a player’s benefit. Most games require one of two things, either time or skill. And sometimes there is just a matter of money. If someone spends copious amounts of time in a game, to improve their skill or get better in game items/stats/bonuses, or if they spend money on a game, they will not be happy when they learn of someone disregarding all of that by quickly exploiting a bug in the code.
Exploiters may take the argument of “well they should just fix the code.” The problem with this is that the game developers cannot always quickly find a way to fix an exploit, nor might they know about it for some time. Standing Stone Games, a gaming studio based in Boston, MA developed Dungeons & Dragons Online, a Massively Multiplayer Online Role-Playing Game (MMORPG) based around the well-known game Dungeons & Dragons. They have added a section about exploiting the game into their End-User License Agreement (EULA), as many companies tend to do.
In DDO, most of the item duplication that has occurred has generally been found to be used with packet-dropping. This is the practice of desynchronizing the client game-state versus the server game-state by dropping packets that do not update one side or the other. Standing Stone Games has specifically tried to stop this by making your item bank close if you drop any packets at all. As a player, I can say this is quite annoying as packets will just drop randomly for now reason.
A ”duper” (a person who duplicates items) would go about this by moving an item on their end, letting the server know that they have done so, then dropping the response, allowing them to show that they have the item in their bank on the client side, and in their inventory on the server side. This leads to two different items being made, allowing the owner to turn one item into two.
On a technical level, you may not know exactly what to be searching for in the packet headers/data. I have never violated EULA of Dungeons & Dragons Online and the following only a speculation, but my best theory of how this would work is by a certain percentage of packets.
In Linux, this can be done by using the Traffic Controller in the Linux kernel. For example, you can do sudo tc disq add dev ens160 root netem loss 2% and two percent of all packets will be dropped. Basically, you can keep moving that item back and forth between the bank and your inventory until the “desync” occurs and you end up with two items. This is why Standing Stone Games has implemented a way for the bank to close when a packet is dropped.
Of course, I can see ways around this, such as trading between characters, or using the in-game mailing system to mail an alternate account or a friend an item. There is no definitive published way at this time for item duplication to occur, but these are my best assumptions of how it could be done. Expensive items around USD $70 has been duplicated recently and sold in the game. However, Standing Stone Games has been active about banning accounts that have been involved.
Issues like this will continue to pop up in all games as programmers aren’t perfect, and they can’t test/theorize every scenario. Many instances of the exploits in Dungeons & Dragons Online has been reported by community members who want the game to continue being a fair ground for all players to build on.
By Joe Schultz