How one small exploit ruined all Entropia market in 3 years.

Status
:scratch2:
I don't even know how to respond to this post other than if I could somehow convince people that thorifoid hats are indeed made of tinfoil!


Cheers,
Salty

for me it is just too many coincidences...

0. MA programmed this game
1. there is this thing that you pay 20 ped for something that costs 60 ped, but you don't get any 7 ped claims?
no one could show since now that you get 1/3 size claims...
2. one sceptic tests and says " wow other than i expected"
3. the other sceptic is not finish with testing yet..but his results since now match the "exploit" theroy exactly and perfect since now..
4. there are some things i didn't understand really like a fishy guys beahviour (pressing out as many % with unfair tricks and then gamble on high amp treasures on ark underground?) or why you would make a new ava to make high level mining?..that make prefect sence to me now..
...and some minor things more...

i am really an objective and sceptic thinker...i don't come to final conclusion quickly and i am not 100% convinced yet that this really is exploit...

but the facts and non-facts really point towards the direction that we got a bug which could be heavily exploited since treasure was introduced and enm+ore combined...
 
Last edited:
all amps except lvl5 type, even unlimited ones.

Not true. And as nicely as I can put this...THIS is something you should be doing since this is your thread! :swoon:


Name, Cost per search (ped), Amp tt(ped), 3%(ped), Triple(ped), Lowest possible final drop tt, Net + or - from true zero when final drop triple dropped,

D-Class Mining Amp (L) 4.00 160 4.80 12 8 -4.00
DSEC Seeker Amplifier III (L) 2.85 268 8.04 8.55 8.65 .10
eMINE Amplifier I (L) .75 105 3.15 2.25 3.75 1.50
eMINE Amplifier II (L) 1.50 105 3.15 4.50 3.50 -1.00
Level 1 Finder Amplifier .25 78 2.34 .75 unsure of minimum repair value ?
Level 1 Finder Amplifier (L) .25 78 2.34 .75 2.50 1.75
Level 1 Finder Amplifier Light (L) .25 30 .90 .25 1.00 .75
Level 2 Finder Amplifier .50 78 2.34 1.50 unsure of minimum repair value ?
Level 2 Finder Amplifier (L) .50 100 3.00 1.50 3.00 1.50
Level 2 Finder Amplifier, SGA Edition .50 78 2.34 1.50 unsure of minimum repair value ?
Level 2 Finder Amplifier Light (L) .50 50 1.50 1.50 1.50 0
Level 3 Finder Amplifier 1.00 114 3.42 3 unsure of minimum repair value ?
Level 3 Finder Amplifier (L) 1.00 114 3.42 3 4.00 1.00
Level 3 Finder Amplifier, SGA Edition 1.00 114 3.42 3 unsure of minimum repair value ?
Level 3 Finder Amplifier Light (L) 1.00 75 2.25 3 3.00 0
Level 4 Finder Amplifier (L) 1.50 150 4.50 4.50 4.50 0
Level 5 Finder Amplifier 2.00 113 3.39 6 unsure of minimum repair value ?
Level 5 Finder Amplifier (L) 2.00 200 6.00 6 6.00 0
Level 6 Finder Amplifier (L) 2.50 250 7.50 7.50 7.50 0
Level 7 Finder Amplifier 3.00 120 3.60 9 3.68 -5.32
Level 7 Finder Amplifier (L) 3.00 120 3.60 9 6.00 -3.00
Level 8 Finder Amplifier 4.00 160 4.80 12 unsure of minimum repair value ?
Level 8 Finder Amplifier (L) 4.00 160 4.80 12 8.00 -4.00
Level 9 Finder Amplifier (L) 5.00 260 7.80 15 10.00 -5.00
Level 10 Finder Amplifier (L) 7.50 300 9.00 22.50 15.00 -7.50
Level 11 Finder Amplifier (L) 10.00 350 10.50 30 20.00 -10.00
Level 12 Finder Amplifier (L) 15.00 255 7.65 45 15.00 -30.00
Level 13 Finder Amplifier (L) 20.00 340 10.20 60 20.00 -40.00
Level I Finder Amplifier 'Achilles' (L) .25 89 2.67 .75
Level II Finder Amplifier 'Achilles' (L) .50 115 3.45 1.50
Level III Finder Amplifier 'Achilles' (L) 1.00 131 3.93 3.00
Level VII Finder Amplifier 'Athena' (L) 3.20 198 5.94 9.60
Level VIII Finder Amplifier 'Athena' (L) 3.80 208 6.24 11.40
Terra Amp 1 (L) .80 45 1.35 2.40
Terra Amp 2 (L) 1.60 195 5.85 4.80
Terra Amp 3 (L) 2.50 300 9.00 7.50 10.00 2.50
Terra Amp 4 (L) 3.50 315 9.45 10.50 10.50 0
Terra Amp 5 (L) 4.50 325 9.75 13.50
Terra Amp 6 (L) 6.00 338 10.14 18 14.00 -4.00
Terra Amp 7 (L) 9.00 360 10.80 27 18.00 -9.00
Terra Amp 8 (L) 12.00 385 11.55 36 13.00 -23.00
Terra Amp 9 (L) 16.00 400 12.00 48 16.00 -32.00
Terra Amp 10 (L) 20.00 442 13.26 60 22.00 -38.00
Terra Amp I 'Athena' (L) .40 64 1.92 1.20
Terra Amp IV 'Athena' (L) 1.20 134 4.02 3.60
Terra Amp VI 'Athena' (L) 2.60 188 5.64 5.80


Fuck! it looked so nice before I posted it!...oh well you can still read it...that took me like 2 hours :(

Some of the amps I didn't compute yet because it takes too long for me to figure out the tt of the lowest possible dropping point. So I just the bolded the ones that show how far above or below zero you can get the amp. (sorry about the bolding, haters, but I had too :p)

One thng i want to verify, i cant remember...you can still drop an amp when the tt is exactly the same as the 3% condition limit right? I think so but not positive.

And if anything is wrong so far, let me know I will fix it.

EDIT: Nvm, I see one already...the UL amps do not have the same minimum dropping point... They can be repaired up to some x number, but I don't know what that is cuz I dont own any. Ok I added with Drew's info...I know the slider moves in chunks, so if anyone else can repair an UL amp as little as possible over the 3% limit, I will appreciate the info. Anyways, fixed the numbers above to reflect this.
 
Last edited:
Good job. Thank you
 
Last edited:
noobish question : may be this was well known by MA and it was designed in this purpose, so some people will take care when their amp is TT=20 to change settings (to search ore+enmat+tres), and other people will do it straight without analyzing the problem ? No ? This is not possible MA did this in this purpose ?

P.S. I have ready only 50% of all posts, i do not want to offend anyone, i really wonder if it was not designed like this by MA knowing all the consequences of that
 
the major problem MA dont think when they implement somthing new

before if you want the mine ore you had to use a ore finder same for enmater they never check when
they put both toghether to see if the min tt was good anouf after that treasure came that 3 item per drop

if he getting close to 100 percent what do you thing if he was mining treasure also i would bet it would be close to 130% or more

instead of making new stuff go over what you have and fix everything AHHHHHHH they dont loose anything

its us player that pay for it when the dont make aouf money they past the buck to us we pay more
 
noobish question : may be this was well known by MA and it was designed in this purpose, so some people will take care when their amp is TT=20 to change settings (to search ore+enmat+tres), and other people will do it straight without analyzing the problem ? No ? This is not possible MA did this in this purpose ?

P.S. I have ready only 50% of all posts, i do not want to offend anyone, i really wonder if it was not designed like this by MA knowing all the consequences of that

Yeah I think MA figured we were all smart enough to decide when it was best to whip out a triple drop...so I think with L amps, there is little problem except that Ark gets to triple drop and no one else does.

Also, because I feel that the effects of doing this with the L amps is still something that MA has figured into the loot, and therefore has little effect on overall returns, I DEFINITELY see where this might be a bigger problem...and that is with repairable UL amps.

So I think the OP was right there might be a problem, but I think it lies less with the L amps, and more with the repairable ones. If I spend 470 ped for a L13, I get only the 40ped of "bonus" (if it exists) when triple dropping. But if one spends 470 ped repairing an UL L7 amp, roughly 270 ped of that 470 is "bonus" when triple dropping. SO the MAIN effect that OP was worried about lies not in L amps, which we all have access to and can figure out the best way to use, but to the UL amps.

Then this begs the question, if UL amp owners do this, does their loot get shit on through low hit rates or something to offset a return that the game is keeping track of...I believe this is what it would do...because despite what MA says, I believe the game knows EXACTLY what you are getting, and exactly how much to take from you.


I think solution pretty simple...L amps MA doesn't have to worry about as much since we all have same benefit (well, ark has more, but whatev, we will all have universal treasure hunting soon when Ark's exclusive license runs out :D).
BUT:
UL amps, there are very few...it is easy for MA to check repair logs. (and I hope they have the decency to see that Drew is testing this for us, and I believe that he doesn't do this normally) I don't want anyone in trouble anyhow, but the minimum tt of the UL amps needs to be made higher than the tt value of a triple drop asap so they can be dropped to 0 only, and the L amps need to be explained and/or fixed to only be dropped to zero too! They can change the condition limits easy....just find the right number and change it. That is the easiest way by far...



Raddim et all never paid for the repair cost...hence why they could profit so quick. (if they had, even paying only 360 for repair on each amp they used, it would probably would not have been profit mining on FOMA with no mu anyhow. SO when we are looking at the grand scheme of things...over time, Raddim's 360 free tt was the Titanic, and this is just a dinghy with an easy little hole to plug.
 
Last edited:
Yeah I think MA figured we were all smart enough to decide when it was best to whip out a triple drop...so I think with L amps, there is little problem except that Ark gets to triple drop and no one else does.

Also, because I feel that the effects of doing this with the L amps is still something that MA has figured into the loot, and therefore has little effect on overall returns, I DEFINITELY see where this might be a bigger problem...and that is with repairable UL amps.

So I think the OP was right there might be a problem, but I think it lies less with the L amps, and more with the repairable ones. If I spend 470 ped for a L13, I get only the 40ped of "bonus" (if it exists) when triple dropping. But if one spends 470 ped repairing an UL L7 amp, roughly 270 ped of that 470 is "bonus" when triple dropping. SO the MAIN effect that OP was worried about lies not in L amps, which we all have access to and can figure out the best way to use, but to the UL amps.

Then this begs the question, if UL amp owners do this, does their loot get shit on through low hit rates or something to offset a return that the game is keeping track of...I believe this is what it would do...because despite what MA says, I believe the game knows EXACTLY what you are getting, and exactly how much to take from you.


I think solution pretty simple...L amps MA doesn't have to worry about as much since we all have same benefit (well, ark has more, but whatev, we will all have universal treasure hunting soon when Ark's exclusive license runs out :D).
BUT:
UL amps, there are very few...it is easy for MA to check repair logs. (and I hope they have the decency to see that Drew is testing this for us, and I believe that he doesn't do this normally) I don't want anyone in trouble anyhow, but the minimum tt of the UL amps needs to be made higher than the tt value of a triple drop asap so they can be dropped to 0 only, and the L amps need to be explained and/or fixed to only be dropped to zero too! They can change the condition limits easy....just find the right number and change it. That is the easiest way by far...



Raddim et all never paid for the repair cost...hence why they could profit so quick. (if they had, even paying only 360 for repair on each amp they used, it would probably would not have been profit mining on FOMA with no mu anyhow. SO when we are looking at the grand scheme of things...over time, Raddim's 360 free tt was the Titanic, and this is just a dinghy with an easy little hole to plug.

awsome post , but... you forget that for you : -40 phantom tt is nothing, but for sweater is 3 days fullhours os sweat and for new player is 1 day of shooting with opalo :)

that is why we all have different meaning of what is much and what is not much :p

yeah... reorganized my sentences ... i will make a gift for EU players and for Mindark if they will not be praud and just fix this exploit "if it is still not a feature" :) in fastest way.
 
Last edited:
Nice test!!!!

Now it is proven MA lose money from this.....they will patch it.

Or more accurately it costs MA money

Rgds

Ace

MA lose nothing, playerbase lose, dont think MA will take less peds from the system becouse someone is exploiting.
 
MA lose nothing, playerbase lose, dont think MA will take less peds from the system becouse someone is exploiting.


This is the way i see it;

Lets say there is one person that plays PE, (one person in the entire PE Universe)
The player deposits £10 into the game, and gets 100 ped (ignoring fees) on his ped card.
The player then finds an exploit that gives him double the amount he decays. So he drops a bomb decaying 20 ped and finds 40 ped of ores every time.

So player turns that 100 ped into 200 ped.

Player then withdraws the 200 ped.

Player up by £10, deposits £10, withdraws £20

MA down by £10, had a deposit of £10 from player, and paid back £20.

Rgds


Ace

EDIT: this is the reason why they took down servers when there was a bug and you got a tower with every find on CND
 
This is the way i see it;

Lets say there is one person that plays PE, (one person in the entire PE Universe)
The player deposits £10 into the game, and gets 100 ped (ignoring fees) on his ped card.
The player then finds an exploit that gives him double the amount he decays. So he drops a bomb decaying 20 ped and finds 40 ped of ores every time.

So player turns that 100 ped into 200 ped.

Player then withdraws the 200 ped.

Player up by £10, deposits £10, withdraws £20

MA down by £10, had a deposit of £10 from player, and paid back £20.

Rgds


Ace

EDIT: this is the reason why they took down servers when there was a bug and you got a tower with every find on CND



there is not only 1 players, there is many players that do fill the pool up.

and just like u said, when MA lose they turn off servers and fix problem asap.
 
This is the way i see it;

Lets say there is one person that plays PE, (one person in the entire PE Universe)
The player deposits £10 into the game, and gets 100 ped (ignoring fees) on his ped card.
The player then finds an exploit that gives him double the amount he decays. So he drops a bomb decaying 20 ped and finds 40 ped of ores every time.

So player turns that 100 ped into 200 ped.

Player then withdraws the 200 ped.

Player up by £10, deposits £10, withdraws £20

MA down by £10, had a deposit of £10 from player, and paid back £20.

Rgds


Ace

EDIT: this is the reason why they took down servers when there was a bug and you got a tower with every find on CND

he cannot get 200ped if system pool is only 100 ped. that he just allways would get no loot if there is no ped to pay in that range system should give.
 
he cannot get 200ped if system pool is only 100 ped. that he just allways would get no loot if there is no ped to pay in that range system should give.

You don't know that. We are, after all, talking about an "exploit".

Rgds

Ace
 
Last edited:
since i cannot reveal my sources and test results i have no right to deny you.


Your sources are irrelevant, you could have programmed PE solely by yourself, and you still would not be able to stop a potential exploit, getting more out than in.

You could programme to look for it, easy enough. Comparing totals, springs to mind, to see if something has gone wrong, but that wont stop it from happening.

You seem to be missing the whole point of an "exploit". You cannot gaurantee an exploit wont create tt value out of nothing.

Christ almigthy, this has happened in real life on the stock exchange, which have a helluva lot more safeguards than PE!

Rgds


Ace
 
Your sources are irrelevant, you could have programmed PE solely by yourself, and you still would not be able to stop a potential exploit, getting more out than in.

You could programme to look for it, easy enough. Comparing totals, springs to mind, to see if something has gone wrong, but that wont stop it from happening.

You seem to be missing the whole point of an "exploit". You cannot gaurantee an exploit wont create tt value out of nothing.

Christ almigthy, this has happened in real life on the stock exchange, which have a helluva lot more safeguards than PE!

Rgds


Ace


1. if loot <> loot rules then loot = 0;
2. if loot > loot rules then loot = 0 and run function report(avatarname,DateTime,Urgency) end;
 
1. if loot <> loot rules then loot = 0;
2. if loot > loot rules then loot = 0 and run function report(avatarname,DateTime,Urgency) end;


If 2, that means the exploit has already happened

Rgds


Ace

EDIT: and when you have 10ks of transactions an hour, then it wont be obvious at all
 
If 2, that means the exploit has already happened

Rgds


Ace

EDIT: and when you have 10ks of transactions an hour, then it wont be obvious at all

no if 2 is just attempt to exploit and person got autoban + reported as urgent



numbers never lie, there are 10000 times already who hacked bank internet systems, but they had nothing special , because numbers never lie, and compairing it with last number recalculating it still shows all faults and missing or added numbers.


simple as all databases, they have LOG files and have databases. Database can be recreated if log file exists. programmers who knows any database like mssql knows that.

taht is why there is not possible to make more ped because you cannot add numbers and history(where it came from) in one time.
 
no if 2 is just attempt to exploit and person got autoban + reported as urgent

Again, in a universe where loot is paid disproportiante to decay, as seen by dropping 1 ped and getting hundreds back.

Your logic will fail.

Rgds


Ace

EDIT: last time, i give up, MA should hire you, as you will be the first programmer in the history of mankind to "gaurantee" no expoits will ever gain more than was put in.
 
1. if loot <> loot rules then loot = 0;
2. if loot > loot rules then loot = 0 and run function report(avatarname,DateTime,Urgency) end;
You can get back more than you put in. I got a couple HOFs that put me +400PED tt with unamped f-104 no exploits that i know of. With your plan there I would be reported and probably locked for no reason?
 
You can get back more than you put in. I got a couple HOFs that put me +400PED tt with unamped f-104 no exploits that i know of. With your plan there I would be reported and probably locked for no reason?

rules ... not tt return .... rules is something like : if return pass more than max multiplier given.
 
rules ... not tt return .... rules is something like : if return pass more than max multiplier given.
My understanding is this exploit is giving an incorrect multiplier to start with because the code thinks the extra drops are amped when they shouldn't be. Not sure how your safety rules would catch that. What should be happening is the code stops the drop and gives an error message because the amp is to far decayed to drop the other probes. Fix that and problem solved.
Not saying your rules idea is wrong and I bet they already exist. Problem is the exploit part works around those rules because of a coding error.

At least thats what I am getting from this mess. I certainly could be wrong.
 
IF this exploit is real...
Doesnt that mean that MA is missing some income?
Cause if i remember well, they earn from decay generated by players on items.
 
My understanding is this exploit is giving an incorrect multiplier to start with because the code thinks the extra drops are amped when they shouldn't be. Not sure how your safety rules would catch that. What should be happening is the code stops the drop and gives an error message because the amp is to far decayed to drop the other probes. Fix that and problem solved.
Not saying your rules idea is wrong and I bet they already exist. Problem is the exploit part works around those rules because of a coding error.

At least thats what I am getting from this mess. I certainly could be wrong.

yes, it pass because all rules let it pass.

1. claim drop is from 1 to 3 - right
2. all finds cost 20 ped eatch
3. useble condition still lets proccess to start

seems there is missing 1 rule to check overall action tt, because after checking 3 procedures they have processing it wrong , i want to describe but ofc it would be only my igmagination :

Code:
1. procedure ores(lvl13)
2. procedure enm(lvl13)
3. procedure arch(lvl13)

run procedures(ores,enm,arch) in synch time 

reqbombs_ore = 20;
reqbombs_enm = 10;
reqbombs_arch = 30;

decay =20

if procedure(ores)=checked then item=lvl13amp and itemtt>minimalcond and reqbombs_ore<useritem(bombs) than go //checking rule
if procedure(enm)=checked then item=lvl13amp and itemtt>minimalcond and reqbombs_enm<useritem(bombs) than go //checking rule
if procedure(arch)=checked then item=lvl13amp and itemtt>minimalcond and rreqbombs_arch<useritem(bombs) than go //checking rule

run checked procedures(ores,enm,arch) //running mining procedure to generate answer-claims

useritem(bombs)=useritem(bombs)-reqbombs_ore-reqbombs_enm-reqbombs_arcj; //removing item bombs
itemtt=itemtt-decay;

and only this scenario fails, because removing item(bombs) + removing tt form amp action goes after all procedures, and all rules say that everything is in order because it is checked before action actually happens.
 
Last edited:
So I think the real question is are the extra drops actually amped or do they default to the finders stock settings and just decay the finder? 1 of the 3 drops are amped and decays the amp and the finder while the other two drops are not amped and just decay the finder. That would not be a problem if that is the case.

Is that what these test runs are trying to prove?
 
So I think the real question is are the extra drops actually amped or do they default to the finders stock settings and just decay the finder? 1 of the 3 drops are amped and decays the amp and the finder while the other two drops are not amped and just decay the finder. That would not be a problem if that is the case.

Is that what these test runs are trying to prove?

in my opinion there are alot procedures that has higher or lower permissions.

in this case after all 3 drops procedure(ore) , procedure(enm) and procedure (arch) makes same action : itemtt=itemtt-decay;

but in this case since alot of rules has perimison and priorities, the rule which can be described :if itemtt<0 than itemtt=0 has most highest priority.

that we hace action called procedure missfunction when :

Code:
itemtt:=itemtt-decay;
// it goes trough all rules and hangs on rule:
if itemtt<0 than itemtt:=0;
 
IF this exploit is real...
Doesnt that mean that MA is missing some income?
Cause if i remember well, they earn from decay generated by players on items.

I believe in the loot-pool theory or the "slot machine model". The peds only goes between the pool and the players, so the exploit are giving other players on unfair advantage compared to other players, not directly hurting MA so much.
 
I believe in the loot-pool theory or the "slot machine model". The peds only goes between the pool and the players, so the exploit are giving other players on unfair advantage compared to other players, not directly hurting MA so much.
If this is happening its 40PED decay not being recorded every time they do this. That means that's 40PED that someone is not depositing to cover that. Assuming what MA says is true that decay is were they make their money. If the item is not decaying they are losing.

Depending how wide spread this exploit is happening it could be 10s of thousands a year. If any of the above is true.
 
If this is happening its 40PED decay not being recorded every time they do this. That means that's 40PED that someone is not depositing to cover that. Assuming what MA says is true that decay is were they make their money. If the item is not decaying they are losing.

Depending how wide spread this exploit is happening it could be 10s of thousands a year. If any of the above is true.

The item is decaying, but the player gets more loot than they should have. If work as it did, the player still should had decay it to zero, making the last drop, but should get less return. The player would not TT the amp at 20 ped when he could make on drop. So in both cases the player should have used up the last 20 ped amp, decaying the finder.

The decay of the amp goes to the "lootpool" and not to MA, so it the other miners that are loosing potential loot (at least that's my theory).
 
Status
Back
Top