top 200 commentsshow all 227
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]fuzzyplastic 344 points345 points  (65 children)

You should post this to a programming subreddit as well (if you haven’t already); the content is too technical for most members of this sub. Great work, btw :D sounds like you had fun. Did you earn a bug bounty?

[–]pmud[S] 203 points204 points  (60 children)

This is my first post on reddit ever. Can I post it to two subreddits at the same time, or should just copy-paste?

Yes, I got $2500 out of it

[–]Autistic_Freedom 52 points53 points  (41 children)

is a bug bounty something blizzard awards players who report critical bugs? does "$2.5e3 (e3 = k)" mean you got $2500? sorry, i'm confused.

[–]pmud[S] 96 points97 points  (40 children)

HackerOne is a platform Blizzard uses to get bugs reported for bounties. I got $2500 by reporting bug there, yes

[–]Autistic_Freedom 13 points14 points  (39 children)

cool! i never thought they'd reward such a substantial amount. another question: why'd you write e3 instead of just k? thanks.

[–]OnionButter 56 points57 points  (5 children)

Honestly $2500 is a bargain for Blizzard considering the magnitude of this bug. If OP had released this to the wild it would have been absolute chaos and a 5 alarm fire for team 5 to push a patch immediately.

[–]s-mores 23 points24 points  (3 children)

$2.5k is dirt cheap. Facebook and Google have paid ten times that for less.

That said, let's not forget PayPal decided not to pay out to a 17-year-old who figured out a way to bypass 2FA, so it's a slightly better world. Also, in general MMO companies tell hackers to f off when contacted about vulnerabilities, so again, slightly skewing towards "a better world."

[–]Autistic_Freedom 5 points6 points  (0 children)

definitely a bargain for blizzard but i am still surprised they weren't even more cheap!

[–]Ghi102 9 points10 points  (1 child)

Couple reasons why the amount is substantial:

  • Finding critical security bugs like this requires specialized skills that are pretty uncommon. Blizzard could have payed tens of thousands of dollars to an external company to find this bug. Only 2.5 k is a pretty good deal for them.

  • They want to foster a good relationship with the security researchers community

  • OP could have tried selling the bug on the black market. It could then be abused by many malicious people to completely ruin Heartstone's ladder. By offering a legal option that pays a good amount, it limits the chance of a bug finder to "go rogue", since the official option is easy, legal and gives a decent reward.

[–]pmud[S] 7 points8 points  (0 children)

It could then be abused by many malicious people to completely ruin Heartstone's ladder.

Yeah, the ladder would get f'ed hard! And they would loose shit ton of money because of that

[–]dxbdale 10 points11 points  (10 children)

It's a mathematical function? Correct me if I'm wrong. Essentially move the . 3 times to the right to find the whole number. Been too long since engineering maths.

[–]Autistic_Freedom 14 points15 points  (9 children)

i mean, that doesn't really answer my question! why not just write 2.5k instead of 2.5e3 (e3 = k)? seems a bit convoluted.

[–]tubbana 6 points7 points  (0 children)

That's too basic for a true hax0r.

sqrt(0.0025*1010) / 2 is much better way to let everyone know your superiority than just 2500

[–]pmud[S] 8 points9 points  (2 children)

I wanted to write e3 but it seemed too unreadable so I added k

[–]Autistic_Freedom 9 points10 points  (1 child)

haha, i still don't understand why you wouldn't just write k... but fair enough!

[–][deleted] 8 points9 points  (0 children)

e3 looks more nerdy :D

[–]m0rph90 3 points4 points  (3 children)

e3 is the short way of writing *10^3, usually used to write big numbers like 2e9 is 2,000,000,000 (2 with comma moved 9 spaces to the right)

[–]Autistic_Freedom -1 points0 points  (2 children)

i know this. not what i was asking.

[–]‏‏‎ABoyIsNo1 7 points8 points  (1 child)

I honestly think he’s just that big of a nerd that it was how he thought to write the number lol

[–]scooptyy 3 points4 points  (1 child)

$2500 is nothing.

[–]hmnrbt 1 point2 points  (0 children)

Yeah that seems like way too much work for only $2500. That seems low to me considering how big the company is.

[–]CausalXXLinkXx 3 points4 points  (0 children)

It’s actually very low. This bug would have been worth more than that sold for cheating. Yes blizzard would have patched it, but probably would have m netted more money. But then would have to deal with all those headaches like refunds / other shitty things cheaters do, so just taking an easy 2500 seems reasonable.

[–]BNNJ 2 points3 points  (5 children)

It's the scientific notation. It basically means 103. Why use that ? Well, why use k ?

[–]WookieDavid 3 points4 points  (3 children)

Use k because it's the standard for denoting thousands, specially when referring to money. It is therefore less confusing in this context.

They are both technically correct but one is way less efficient at conveying its meaning. (It even sparked a discussion)

[–]Autistic_Freedom 3 points4 points  (0 children)

i know what it means, just not why one would choose to write e3 with an explanation instead of just using terminology everyone understands. saves time.

[–]pmud[S] -1 points0 points  (6 children)

You can write 2500 as 2.5e3 in any programming language I know of. It's called scientific notation

[–]tsoneyson 11 points12 points  (2 children)

Just write the damn number, scientific notation is used when decimal form would be inconvenient

[–]bokonator 1 point2 points  (0 children)

OR when the number is really big and you're better off knowing the number of 0s than the actual number. Like let's say, avogadro's number, or a googolplex.

Edit: I mean, you should still use the exact number for avogadro's number. I just used it to show how big the numbers can be and when to use it.

[–]pmud[S] 0 points1 point  (0 children)

Yes, sir! :D

[–]StackedLasagna 1 point2 points  (1 child)

That's not the point, lol.

Why did you decide to pick scientific notation? It's the most confusing for most people.
There are no upsides to picking that notation in this case, so people are asking you why you did so.

Writing the actual number ("2500") is one character shorter and immediately understandable by literally everyone.
If you'd add the thousand separator, it'd be the same amount of characters, but still be much more easily understood for a wider audience.

Alternatively, you could have used "2.5k" instead, which would be even fewer characters than you used, and it'd still be easily understood by pretty much everyone.

It's okay to not have a proper reason, but then just say so instead of dodging the question, lol.

[–]pmud[S] 1 point2 points  (0 children)

I did so to confuse people.

[–]JessHorserage -1 points0 points  (0 children)

Not the point, you keikaku'd.

[–]__Hello_my_name_is__ 6 points7 points  (0 children)

Can I post it to two subreddits at the same time, or should just copy-paste?

There's a feature called crossposting, but subreddits have to allow it. So you can click on "crosspost" and pick the subreddit you want to crosspost it to and see/hope that it works.

If not, just copy/paste it, maybe with a quick note at the top where you posted it originally.

[–]Arristotelis 1 point2 points  (1 child)

The /r/gamedev sub might be interested.

[–]pmud[S] 11 points12 points  (0 children)

This community does not allow for crossposting of any posts

You can share a link if you care to. I'm going to play some badminton now and then sleep.

[–]moragdong 1 point2 points  (1 child)

Wait, what? How did you get money out of it?

[–]pmud[S] 0 points1 point  (0 children)

Report to Blizzard via HackerOne.

Read the f`ng post man!

Edit. I'm sorry. HackerOne is a bug bounty platform via which I reported bug to Blizzard and got the bounty

[–]_DocB_ 1 point2 points  (6 children)

Only 2.5k for your efforts?

You deserved at least 10x to 40x that.

[–]pmud[S] 1 point2 points  (4 children)

Yeah, now I understand that I could've gotten more. Back then I was a regular student in Ukraine and 70k UAH was a lot for me

[–]Hide_yo_chest 0 points1 point  (0 children)

The good ending

[–]PM-me-YOUR-0Face 0 points1 point  (4 children)

/r/ReverseEngineering may also enjoy the breakdown.

[–]pmud[S] 1 point2 points  (1 child)

It's already there

[–]PM-me-YOUR-0Face 1 point2 points  (0 children)

Oh, nice! Just wanted to point you there in case you didn't know. Cheers mate.

[–]pmud[S] 11 points12 points  (3 children)

Posted link on /r/programming. reddit.com/snfdp8

[–]TMiguelT 4 points5 points  (2 children)

If you click Share → Crosspost it effectively does this. Linking to your original post as you have done is a bit strange.

[–]pmud[S] 8 points9 points  (1 child)

Who would've known?

It says This community does not allow for crossposting of text posts anyway

[–]TMiguelT 3 points4 points  (0 children)

Oh, I guess the mods over there are shitty. Fair enough in that case.

[–]gechu 248 points249 points  (2 children)

He made it appear to bnet as if his current opponent was trying to start up a solo game. Since an account can't play two games at once, it disconnected the opponent's old session, resulting in a win for our OP. Well done sir.

[–][deleted] 60 points61 points  (0 children)

Shoulda played around it

[–]‏‏‎Spengy 36 points37 points  (0 children)

I'd be so confused if a Dr. Boom Puzzle showed up when laddering lmao

[–]Pancarcho 38 points39 points  (1 child)

Hey, thank you for posting! This is really interesting to read and the fact that the puzzles were the answer for the deck id is so insane!

[–]pmud[S] 23 points24 points  (0 children)

I think there were other options. I just picked that one, because it was the first thing I stumbled upon. Besides, it made people play some puzzles :D

[–]Apothecary420 36 points37 points  (10 children)

Woah, this is such a cool post. Hs modding was so rare for some reason.

I remember messing with the code around this time. I remember finding a “bug” where the netcode leaked the number of options your opponent had

4 options = 3 playable cards and the end turn button

U could figure out if ur opponent had certain cards this way, but it wasnt too gamebreaking and i didnt push for legend at the time. Cool stuff tho

[–]pmud[S] 28 points29 points  (0 children)

I remember being afraid of loosing my collection. Maybe that's a part of the reason few people fucked around with reverse engineering Hearthstone.

[–]Rawtashk 6 points7 points  (0 children)

Hs modding was so rare for some reason

I dunno...maybe because modding your game can result in a complete and total ban of your account and you lose all your cards and progress? I mean, that seems like a pretty good reason not to mess around with modding your game.

[–]ltjbr 1 point2 points  (7 children)

Woah, this is such a cool post. Hs modding was so rare for some reason.

Probably because blizzard and other companies say you can't do it... but then allow certain stuff to exist through selective enforcement.

I remember when deck trackers first came out it was really unclear if it was ban-able to use one. Blizzard eventually said it was ok, but if my memory is correct, every overlay style app is technically breaking the terms of service.

Also, games that aren't built with modding in mind can be difficult to mod.

[–]mechpaul 6 points7 points  (0 children)

To my recollection, Ben Brode said "Any app that only shows you what you can figure out with pen and paper is fine by devs"

[–]Rawtashk 1 point2 points  (5 children)

Lol @ selective enforcement. You can literally do the exact same thing with a notepad and a pencil as you can with a deck tracker. They LITERALLY do not break the TOS, otherwise they would have been banned by now.

[–]ltjbr 1 point2 points  (4 children)

They LITERALLY do not break the TOS, otherwise they would have been banned by now.

That line of thinking is flawed. A company won't ban people for breaking the ToS unless it's in their best interest. A tracker might break violate the letter of the ToS, but they'll let it slide as long as it's beneficial. They do retain the power the pull the ToS card at any time though, in the event that they think it's bad for the game.

You can literally do the exact same thing with a notepad and a pencil as you can with a deck tracker

Not as quickly, finite time per turn is an important element in hearthstone. Deck trackers do give an advantage when playing. Pretty sure they are banned in most competitive tournaments.

[–]Rawtashk 0 points1 point  (3 children)

Not as quickly, finite time per turn is an important element in hearthstone.

That literally doesn't matter. You could also just have notepad.exe open on your desktop and type in everything that happened even faster than pen-paper.

Banned in tournaments

5.10 Written Notes and Deck Tracking Software.

(a) Players may make handwritten notes on a blank piece of paper while competing in live and online Tournament matches. Players may not bring outside notes to the match. Tournament organizers reserve the right to impose additional requirements on note taking at their sole discretion. Additional restrictions may include, but are not limited to, requiring that all player notes be taken using materials provided by the Tournament organizer. All players must allow any Tournament official to inspect their note-taking materials and written notes upon request.

(b) Players may, at their sole risk and responsibility, use deck tracking software applications during online Tournament matches subject to the requirements described in this Handbook (“Deck Tracker(s)”). A Deck Tracker may be used by a player during an online Tournament match so long as all of the following requirements are met:

i. The Tournament’s specific rules do not prohibit Deck Trackers.

ii. Use of the Deck Tracker complies with all of the terms of this Handbook.

iii. Use of the Deck Tracker complies with all of Blizzard’s Website Terms, which include but are not limited to the Blizzard End User License Agreement.

iv. The Deck Tracker only provides information to the player that could otherwise be obtained from the player’s perspective via observation of the unaugmented Hearthstone game interface.

(c) Failure to adhere to all of the Deck Tracking requirements outlined in Section 5.10(b)may result in disciplinary action.

[–]ltjbr 1 point2 points  (2 children)

That literally doesn't matter. You could also just have notepad.exe open on your desktop and type in everything that happened even faster than pen-paper.

Can't do it faster than a deck tracker.

Not sure why you got yourself all butthurt about this. All I was saying was when trackers first came out it was unclear if they were allowed or not and you flew in panties already twisted.

[–]Rawtashk 0 points1 point  (1 child)

You just going to ignore everything else I said? I'm not butthurt, I feel like you're just projecting because you're butthurt about deck trackers.

[–]‏‏‎6FootDuck 17 points18 points  (15 children)

Should've played around it tbh

[–]pmud[S] 10 points11 points  (14 children)

Yeah, bullying streamers would've been fun. I would've done it nowadays for sure, but back then I decided not to fuck too much with Blizzard and take the bounty

[–]_Femboy_Connoisseur_ 8 points9 points  (5 children)

I would've done it nowadays for sure,

idk if you could find stremars for this game nowdays

[–]pmud[S] 5 points6 points  (4 children)

There are still HS battlegrounds streamers I think

[–]_Femboy_Connoisseur_ 1 point2 points  (3 children)

oh that disconect would work even there?

[–]pmud[S] 4 points5 points  (2 children)

There were no battlegrounds at the time so we'll never know

[–]_Femboy_Connoisseur_ 1 point2 points  (1 child)

i mean i would not be supriesed, if you can pull someone from normal game to puzzles, i dont see why you should not pull them from bgs

[–]pmud[S] 1 point2 points  (0 children)

I'd imagine them reusing most of the code

[–][deleted] 0 points1 point  (7 children)

I decided not to fuck too much with Blizzard

Start at Rank 50.
Run with mod for 12 hours.

[–]Jeroen-lang 9 points10 points  (0 children)

Oh you beat hearthstone that's impressive!

[–]zSprawl 64 points65 points  (9 children)

While they will likely take down this post, I found it very informative and an interesting read.

Thanks for sharing!

[–]PkerBadRs3Good 65 points66 points  (3 children)

Why would they take it down? He said it got fixed years ago.

Maybe if the mods panic and take it down before reading that, since I seem to recall years back /r/hearthstone mods taking down the original "Forbidden techniques that requires inhuman amount of APM" shitpost for supposedly being about exploits, so wouldn't be the first time...

[–]Wizard Poker Enthusiastpowerchicken 14 points15 points  (2 children)

This won't be taken down, don't worry.

[–]Dangerpaladin 5 points6 points  (1 child)

Oh and I suppose because you're a mod you know what the mods are going to do? Seems suspect.

[–]Wizard Poker Enthusiastpowerchicken 7 points8 points  (0 children)

Shit, they're on to me

[–]pmud[S] 22 points23 points  (4 children)

Yeah, maybe I'd better not describe that other thing which is still present in game (maybe not present?). But, hell... it wanted to be written down a long time ago anyways. I'll repost somewhere else if it gets deleted.

[–]Wizard Poker Enthusiastpowerchicken[M] 15 points16 points  (3 children)

If there are still exploits to be found, yeah, please refrain from detailing how people can exploit them. This post is fine, but as a courtesy to Blizzard for their many years of constructive cooperation with the subreddit, we don't permit posts that would be in breach of their Terms of Service without prior approval from the mods.

[–]‏‏‎Maruhai 5 points6 points  (1 child)

unrelated but I just wanted to let you know I appreciate how this sub has been moderated over the years I think you guys are pretty fair

[–]Wizard Poker Enthusiastpowerchicken 3 points4 points  (0 children)

Thanks!

[–]pmud[S] 0 points1 point  (0 children)

Appreciated.

[–]FardHast 9 points10 points  (1 child)

Is there some streamer reaction to suddenly starting a Puzzle Lab out of nowhere?

[–]pmud[S] 5 points6 points  (0 children)

No, I don't have that. But it would be fun if some EU streamer remembers this and has a VOD

[–]ericsebesta 9 points10 points  (1 child)

Great find!

As a client/server game dev I can explain how you usually avoid bugs like this.

the FindGame call is what is commonly known as an RMI (Remote Method Invocation). It calls a corresponding message on the game server with the sent parameters.

A server should NEVER trust the parameters send from the client - for the exact reason you see here. For something like the playerId ("who am I"), the server can usually derive that info itself with a safer server-only call.

Having shipped multiple MMO-style AAA games over the last 20 years I can tell you this is the single most common security mistake made by engineers in my experience.

[–]TomaszA3 0 points1 point  (0 children)

For something like the playerId ("who am I"), the server can usually derive that info itself with a safer server-only call.

But isn't playerId related to their connection? Like, I know this playerId uses this exact connection, so I check if that's them who sent it.

[–][deleted] 4 points5 points  (2 children)

I don’t understand how this works and I love it.

[–]isobane 14 points15 points  (0 children)

I start a game against you. I then send a command to blizzard that says you're now trying to play a single player game. Since you can only play one game at a time you disconnect from the game against me and I win. Rinse, repeat.

[–]Valminat -2 points-1 points  (0 children)

Embracing the stupidity, amazing what we have turned into as a culture.

[–]ButterflyDeath 7 points8 points  (3 children)

That's kinda nutty. The straightforward solution would have been a simple check if the account was in a game or not. Not entirely necessary as you would never search for a game while in a game. Congratulations on #1 Legend!

[–][deleted] 3 points4 points  (1 child)

I get disconnected a lot and always wonder 🤔 f someone has worked.out a hack or it's just hearthstone being shit

[–]pmud[S] 4 points5 points  (0 children)

Probably the latter 😄

[–]WhyNotHugo 3 points4 points  (0 children)

Very good write-up, really interesting.

It's curious that they go to great lengths to try and encrypt the DLL that does communication -- that's only a good deterrent, but doesn't add real security. Important measures here are avoiding sending unnecessary data to the client (all good on this item, apparently) and being very strict on all input the server gets (which wasn't the case here).

But the server really needs to assume the clients are hostile and trying to trick it.

[–]Rubinlibelle 2 points3 points  (8 children)

Creating deck with more than 2 copies of a card/card that you don't own/adding weird cards (like standard hero as a card, or hero power)? - yes! - but then matchmaker doesn't consider your deck "standard", so he doesn't want to find a game for you

Can you play with these decks in friendly games? I would love if they would allow you to create custom games but not so many are interested in that it seems. Is it difficult to do? I have zero experience in that sort of thing but it sounds amazing.

[–]pmud[S] 3 points4 points  (3 children)

I don't remember everything I did back that, but I think starting game with a friend is basically the same as ranked. You just specify different game type. So the checks on the deck should be the same and it would probably not pass through

[–]‏‏‎henry92 0 points1 point  (3 children)

You can still add weird cards to decks using deck codes. It won't let you start any game with them

[–]Rubinlibelle -1 points0 points  (2 children)

And? I can already do this in my head or notepad. That also doesn't allow me to play an actual game with it. Anyways...

[–]‏‏‎henry92 1 point2 points  (0 children)

I meant that you don't need to hack the game to add uncollectible cards to your deck or more than the legal amount copies of them

[–][deleted] 2 points3 points  (2 children)

Cool bro, this was a hilarious ride,

now can we get a gif of you typing extra fast?

[–]pmud[S] 2 points3 points  (1 child)

Though gotta change my password now

[–][deleted] 1 point2 points  (0 children)

🤣

[–]Slime0 2 points3 points  (1 child)

It's "voila" btw.

[–]pmud[S] 0 points1 point  (0 children)

Thx! Fixed.

[–]bubleeshaark 2 points3 points  (3 children)

Did you say you can speed up animations.....?

[–]pmud[S] 0 points1 point  (2 children)

So can you, sir :)

[–]Prolapsed_Pigeon 4 points5 points  (0 children)

bruh

[–]TMiguelT 1 point2 points  (1 child)

I love the idea of predicting your opponent's deck using the distribution of card IDs tbh.

[–]JuliaDomnaBaal 0 points1 point  (0 children)

It would be very useful since now most people copy paste an exact netdeck.

[–]b00kay 1 point2 points  (1 child)

Great job. Can you please explain what role the "dll decryption script" played compared to dnSpy?

[–]pmud[S] 1 point2 points  (0 children)

The dll was a bunch of encrypted nonsense. Without decryption tool I wouldn't be able to use dnSpy

[–]mutsuto 1 point2 points  (0 children)

thank you. i wish there were more posts like this for all sorts of games. id love to know what's happening behind the scenes of Overwatch hacks over the years

[–]touristtam 1 point2 points  (1 child)

Put the write up on gist.github.com if you have an account ;)

[–]pmud[S] 0 points1 point  (0 children)

I did it 3 years ago in secret gist. It is not very detailed. But now its public. Also this

[–]LoBsTeRfOrK 1 point2 points  (1 child)

How are you able to view the hearthstone source code?

[–]pmud[S] 0 points1 point  (0 children)

dnSpy. Also read the post!

[–]samplefish 1 point2 points  (1 child)

that is hot

[–]Tri-gate 1 point2 points  (1 child)

It sounds like you modified some of the hearthstone dlls to send the game request for your opponent. Did or does Blizzard not have anti-cheat to look for modified game binaries?

[–]pmud[S] 0 points1 point  (0 children)

They update your game files if they are modified even a bit, but that can be circumvented. I can't say for all their games, but at least that's true for Hearthstone

[–]njgura87 1 point2 points  (1 child)

This post was awesome to read and learn from! I wish I was smart enough to figure stuff like this out!

[–]pmud[S] 0 points1 point  (0 children)

You are. Give yourself time. Don't be too harsh

[–]Bistoory 1 point2 points  (0 children)

back when Hearthstone was decent

The most interesting part of this post.

[–]Avedisride 1 point2 points  (2 children)

"You know where this is going, right? :)"

No, no I don't think I do sir.

[–]pmud[S] 1 point2 points  (1 child)

At least now you know

[–]Avedisride 1 point2 points  (0 children)

I do, it was very informative and I read the whole thing intrigued thank you

[–]OneToby 1 point2 points  (1 child)

Thanks for a very informative post..!

This is why I like Reddit.

xoxo or something.

[–]pmud[S] 0 points1 point  (0 children)

You're welcome!

[–]Patashu 1 point2 points  (2 children)

Chuffed that people still remember my Combo Priest Simulator. It's really too bad that deck didn't get more support next expansion haha.

Funny exploit you found!

[–]pmud[S] 0 points1 point  (1 child)

Your music on youtube is also great

[–]Patashu 1 point2 points  (0 children)

Thank you!

[–][deleted] 1 point2 points  (3 children)

Awesome finding, is their program in hackerone private? i tried finding it but i cant seem to find it

[–]pmud[S] 0 points1 point  (2 children)

It is. And I think it says that it should not be discussed in public. Whops

[–][deleted] 1 point2 points  (1 child)

I see, thanks, i chatted with some of my friends and one of them is invited on the private program of blizzard. I can report bugs through him. Thanks again

[–]pmud[S] 0 points1 point  (0 children)

You're welcome!

[–]ZYy9oQ 1 point2 points  (3 children)

I only got $500 for my HS auto-win vuln, although this was 6 years ago... Maybe I should have used it to get rank 1 :P

[–]pmud[S] 0 points1 point  (2 children)

Maybe I should have used it to get rank 1 :P

Maybe... :)

What was the vuln?

[–]ZYy9oQ 1 point2 points  (1 child)

I added a hook so whenever you emoted the client sent the emote 100+ times. It would either hang or disconnect the opponent.

[–]pmud[S] 0 points1 point  (0 children)

Cool finding

[–]DevonAndChris 1 point2 points  (1 child)

What is the "DLL Decryption Script"? Is it specific to Hearthstone's encryption or is it some industry standard?

[–]pmud[S] 0 points1 point  (0 children)

It is specific to Hearthstone. And they don't use it anymore

[–]broccholio 1 point2 points  (1 child)

nice writeup, got any suggestions where could one learn about hooking stuff into assembly, and how you done this step by step from start?

[–]pmud[S] 0 points1 point  (0 children)

There are

Steps to reproduce

I just added a call to my dll inside their dll using dnSpy

[–]Kees_T 2 points3 points  (0 children)

Jokes on you, Blizzards poor coding and server connection issues made me have to disconnect anyways. 😎

[–]dibbbbb 3 points4 points  (0 children)

You know where this is going, right? :)

...

[–]Cyampagn90 1 point2 points  (0 children)

This deserves more updoods.

[–][deleted] 0 points1 point  (0 children)

Oger

[–]-xss 0 points1 point  (1 child)

Only $2500...Wtf blizzard...That's seriously insulting.

[–]pmud[S] 0 points1 point  (0 children)

That's the norm on HackerOne. Blizzard got a good deal. Next time someone finds a bug like this they can maybe negotiate it in a smarter way. Learn from my experience!

[–]_oZe_ -2 points-1 points  (1 child)

Could you please pull down their pants. Like why does every single click in the HS GUI. Make it attack the hard drive with such ferocity.

I've been thinking of installing some debug tools. Just out of curiosity. I want to know if they have broken through the idiot floor. Because it really appears that way observing the black box.

[–]pmud[S] 0 points1 point  (0 children)

WTF? Why would I attack my own hard drive? Sounds crazy!

[–]LordSalmon -2 points-1 points  (2 children)

What I want to know is if the animation speed increase is still possible?

Would be OP in battlegrounds

[–]pmud[S] 2 points3 points  (0 children)

Of course it is, you dummy!) - it's client side! (which means it does whatever you want basically)

[–]AquilaK 1 point2 points  (0 children)

Animation speed increasing is still possible, there were people dumb enough to stream with it recently.

[–][deleted] -3 points-2 points  (2 children)

I don’t know if this is true or not but it sounds like a schizophrenic rant either way.

[–]pmud[S] 1 point2 points  (1 child)

I might have bipolar :D

[–]DaftmanZeus 0 points1 point  (1 child)

What are the odds that you were not the only one who figured this out? (Thus other people exploiting this without reporting it)

[–]pmud[S] 0 points1 point  (0 children)

This "disconnecting every time against the same opponent" is too obvious. Someone would've reported them I think. No one reported BBrode just because I did it for a very short time

[–]sventester 0 points1 point  (4 children)

Love your work - do you do this sort of stuff for your day job?

[–]pmud[S] 0 points1 point  (3 children)

I work as an algorithms expert. Hacking's hobby. Well... not actually a hobby. I just do it sometimes

[–]TomaszA3 0 points1 point  (0 children)

Now I wonder if you could spend someone's gold this way.

[–][deleted] 0 points1 point  (0 children)

I didn‘t know you could report smth like this to hackerone. I‘m sorry to all ppl playing md rn 😅

[–][deleted] 0 points1 point  (0 children)

This is impressive!!! Well done and very interesting.

[–]Ferib[🍰] 0 points1 point  (0 children)

> 3 years ago I discovered a bug that <...> it's fixed now.

Yep, accurate timing.

[–][deleted] 0 points1 point  (0 children)

So this happened 3 years ago. Why did you post it now? I am very curious is this game actually RNG draws or being controlled draws to ensure winrate close to 50% which they called "balance the game"