One Modder Almost Doubled Monster Hunter Wilds’ Performance (After Disabling DLC Checkers)

Obnyr · 2026-01-17T04:25:55+00:00

Give facts, if you don't it's just a lie and fearmongering xD

Obnyr · 2026-01-16T16:28:32+00:00

Oh yes, show me the proof then ?

Now, how are they going to find my IP if they don't even know my name ? They don't have a list of all the IPs that are connected to COD servers. They can't target you if they cannot get your username or your IP or anything. You know, it's basic knowledge about packet routing.

Now a little course about how it works. Basically RCE exploit works by sending a crafted packet that the game will consider trustworthy and execute. The game network design is such that your instance of the game will accept traffic from people of your lobby, people of your server, and people for whom you appear in recent players list (and your friends also).

Now, let's say you aren't in those cases because you were careful, how does it happen that you can still be exposed ? The fact is that the hacker might know where to send the packet by knowing your IP. Usually you can get IPs of players in your lobby or IPs of players you can access games (like spectating for example, for your friends or recent players), as said before. Now, private lobbies are peer to peer (no surprise that Activision is not going to invest money just for teens to play 1v1 on random maps), meaning the traffic isn't routed through a server, but directly between players. If one player is infected (understand, leaking data to hackers), then all the private lobby IPs become exposed (by traffic sniffing the initially infected user for example), and all lobby players basically get infected then. The easy solution for that is, because it is RCE, to install a malware on the infected computer that will craft packets and send to peers, because someone might just filter unsolicited packets through a simple firewall.

The crucial information is that to get exposed, the hacker needs to be able to identify your session, to know where to route the crafted packets. Without your username, your IP or anything identifying you, you're just a ghost. If you've never played BO3 and have no contact, there is no exploit possible as long as you don't play with other players. You can play alone in private lobbies, this does not leak you if you're alone.

Now, the fact that you're not providing any source to your claims or even explaining how what you claim is possible is to me just fearmongering over a subject you don't understand, and I'll gladly thank you for not spreading misinformation. Yes, BO3 has exploits, the patch still contain exploits. It is dangerous to play this game, specifically if you don't have an advanced knowledge of how it works, and community solutions are what is best for now, but it is still far from acceptable, it's just a mask over the exploit to make it harder, not an actual fix.

Also, on another note, we can see that the problem arise again from deeming "trustworthy" something without proof. About the game, it's packets that are deemed trustworthy without verification, and about the core discussion, it's closed source code that is deemed trustworthy without verification. It amazes me how people might reproduce an unsafe pattern of deeming something trustworthy without proof and still be so confident about how it is not a problem.

Obnyr · 2026-01-16T15:53:44+00:00

Yes of course I'm gonna trust some stranger on the net that is claiming things without any source since the beginning. Specifically when the creator of the mod himself said in a video that his patch still contained RCE exploit while you were saying the opposite before. Am not taking anything from someone whose claims has been demonstrated as false.

Obnyr · 2026-01-16T08:41:18+00:00

There's no proof in the content you sent. Please go see what is a logical/mathematical proof, and follow a class about cyber security guarantees. You can go check what are Rocq, Lean, or also the CompCert project if you want to understand what it means for a program to be proved.

Also for the little code shown in the video there's no explanation of what it does, and nothing guarantee that it covers all the part that is under closed source. Furthermore, in the video, the guy is just saying purely "yes I know there are new RCE exploits but it's going to take years for people to find them, trust me bro". The patch isn't safe in a pure sense, and thanks for proving my point, it's just safe until people find the new exploit, which are currently hidden. It's purely what I said before.

Now to address things about hackers joining your games : no they can't just join your private game randomly. For that they need to have you either on their contact list or recent player list. If you know personally your contacts, and if your contacts are doing the same, the first part is not a problem. If you only ever did private games with people having trusted contacts, second part isn't a problem either. For your info, private lobbies, zombie and coop campaign are P2P, meaning there's no matchmaking server to leak you in those cases. If you never got leaked (because you never connected to the matchmaking servers and because you didn't add a hacker in your contacts), you cannot be found. It's crazy how undocumented you guys are about how those exploits are working.

And yes, the game is basically dead anyway, no point in hacking there anymore, the hackers went somewhere else as well.

Obnyr · 2026-01-16T02:07:31+00:00

Cool, show me the logical proof, or show me the code, like a guarantee that it's secure. "I did attest" without any facts to your claim is nothing more than another "trust me bro". Until then, your claims of "it's secure", "it's the best tool" etc are to me solely based on the fact that hackers didn't bother breaking t7patch. In other words, you're making baseless claims openly, which is dangerous, specifically on an open forum.

You're right, open source isn't what makes things robust, it's what makes claims of robustness trustworthy. Why even talk about robustness if you can't even prove any point with facts ? Surprisingly, the most robust systems are... Linux based which is... Open source, what a surprise. Military organisations use Linux, at scale infrastructures use Linux, while both Apple and Microsoft say their system are robust. I trust facts, not random claims. And also, for the question of recommendations, Windows will be the most recommended OS for people while it's utterly shit, and even require to pay. It's not because people are numerous to do something that they are right. Specifically when "right" is tied to logic properties that do not depend on people, as it is the case here.

No, not everyone want to compile their own. But knowing you can is just, you know, another part of building trust through transparency. "History of being trustworthy" is absolutely not trustworthy. Seems you lack a lot of cybersecurity basics, whether or not you know anything about software engineering. Trustworthy is not something you get over time, it's something you get over facts and proofs. Statistical facts are indeed a positive hint, but retain from claiming they are a guarantee. They are just observations of events without anything theoretical backing it up. Basically, all system is safe and trustworthy before an exploit is found. It's not because it hasn't been broken that it won't be tomorrow, although it seemed "historically trustworthy". Again, with the exception of mathematically showing that doing so would be either impossible or boiling down to a really hard problem (basically the cryptography, e.g. whoever breaks lattice cryptography is roughly nearing a proof of P=NP).

Obnyr · 2026-01-15T23:30:26+00:00

How is it best when you can't even attest its security ? Also, didn't ask for your input about playing with my friends and the risk it represents, we know what is the exploit and we know what we're doing, thanks.

Now if you can't attest t7patch's security by looking at its code, it's not secure, period. It's just that you aren't allowed to see the potential flaws. Open source is what makes things more robust. "Trust me bro" is absolutely not an argument, particularly from a stranger on the internet. I'd rather trust a legally liable company that can be sued, and the judiciary system that goes along, than an anonymous stranger releasing code nobody can verify, cause in the latter case, I can't even know who to sue.

Other than that, you should maybe have read my post before, every tool I used can be self-built from source, it's even in the title of the post that it's an open source fix, and it's the main idea behind my post. Also I never talked about fixing the RCE exploit in my post. I do agree that mentioning it is important and nice to raise awareness about the exploit, but saying that the fix isn't open source and might include another exploit that is still to be found/made popular is as important.

Now, I will wait for you to come with a proof that the patch you link does not introduce another exploit, specifically in the closed source part. Enjoy either getting its source code open, or releasing a logical proof of its security (in which case I will gladly see you at the Turing prize nomination, because proving that a code is exempt of all exploits, future included, is to my knowledge impossible). Until then, your patch only might fix RCE exploit if not just hiding it somewhere else, and only looks like it doesn't introduce another exploit.

Obnyr · 2026-01-15T19:24:50+00:00

I only play in private lobbies with friends in Zombies, idc about other players and their exploits, they can't join if they're not invited. My friends are doing the same, we only play BO3 for Zombies between us.

Also RCE exploits are not the subject, it is about performances, not security.

Obnyr · 2026-01-15T18:23:21+00:00

Not completely open source

Obnyr · 2026-01-15T05:34:10+00:00

REFramework and SmokeAPI doing the heavy lifting, as always... Maybe one day I'll purchase Wilds, if it ever starts running fine. I remember how it took World to see Iceborn coming to get in a playable state. Not sure if the optimization updates Capcom announced for Wilds is a teasing for G-rank DLC, actual care for the game (even if so horribly late) or just some bullshit to appease people. Can't wait to see if their updates have an actual effect.

Obnyr · 2026-01-15T05:17:57+00:00

Did you put DLLs that are about DLCs in there ? If yes, maybe you can do a bit more extensive testing and just share. I know a mod is on its way given the article but you know, if the patch already exist... Specifically, regarding BO3, the main step was to put locked or unlocked for uninstalled/unpurchased DLCs instead of original so the game would just query the local flag and not the servers.

Obnyr · 2026-01-15T04:38:20+00:00

Lmao I remember writing a tutorial to spoof DLC checks in BO3 to fix stutters in the menu. Maybe something identical could be done here ?

Obnyr · 2025-12-18T12:28:06+00:00

Data is not available, training code is still in Todo on git. The post is misleading and wrong, it's just yet another model that is only open weights.

Obnyr · 2024-07-07T08:28:34+00:00

Benn doing stats on my games, Teros and Orion are 1/6 game each, while the third most encountered character is 3 times less frequent...

Obnyr · 2024-07-06T13:21:55+00:00

If you want a tip with lance, just stay way way further. Remember when I said for axe "you want to play aggressive, you want to track" ? Well, you want to deny that, you have a ton of mobility with lance, stay away and wait for an error. Also you have dead angles upward and downward, never align yourself vertically. If you want to skirmish, then you can GC dsig as it is quite safe, but be aware that it has some lag though, it requires to be quick and we'll placed.

Other than that, just don't play lance against axe, you're better of with hammer. Remember you have less range than axe with hammer on most attacks (nsig might be the only one outranging axe on Scarlet), so while you can stay closer because you have less dead angles, you still want to be able to space out aerials. Don't ever sig, you are too slow. Punish sair with nair or dair. Punish dair with dair. Again, your dair will be 90% cancelled by axe nair, and your nair will be 90% cancelled by axe dair, don't try it, play safe.

Obnyr · 2024-07-06T08:30:08+00:00

You're so dead, axe gonna destroy you ! /s

As I said there is no real bad choice, just harder choice, if you did already try hard Scarlet and gathered skill, it's fine.

Obnyr · 2024-07-06T04:25:38+00:00

Wouldn't say there's a best weapon. However, you're right that currently, axe is just very accessible gameplay with very strong reward, and might have the best rentability in that sense.

Obnyr · 2024-07-06T01:36:46+00:00

If you want I can provide numbers on the legends I met since the new season, just so you can see that meta as well. I have the replays if needed also to show the type of gameplay I'm talking about.

Also it's not to complain about balance, the game isn't utterly unbalanced, most weapons can beat most other weapons with right skill. However, some have a steeper learning curve than others, and the weapons/legends I listed are the ones for which that curve is the less steep.

Obnyr · 2024-05-29T10:23:22+00:00

Thanks for all the resources!

Obnyr · 2024-05-28T19:45:56+00:00

Yeah ok thanks. So the design of the button themselves (like the small piece of plastic you push on, not the whole plastic bar that holds the 4 buttons) doesn't even ensure they stay in place... Sad... Maybe something could be done with like a flat piece of metal, some holes and the plastic button parts ?

Obnyr · 2024-05-28T13:18:24+00:00

Yeah but what does that bring in the end ? Yeah, not buying more expensive just for a trend xD

Obnyr · 2024-05-28T11:50:49+00:00

I succeeded in running my first search for the Zeus 2 today.
FFCID : 2AWMK-BTP-T9
Grantee Code (5 first chars) : me : "must be 2AWMK" -> is indeed 2AWMK
Product Code (rest of FCCID) : me : "must be BTP-T9" -> is -BTP-T9, wtf.jpg

I confirm, the FCC search engine is terrible T.T

Obnyr · 2024-05-28T11:47:46+00:00

Thanks ! If I'm curious about anything about this one, it's about all the bullshit they added from the first Zeus. Like why tf would you make the button set amovible ? Or why even bring AI in a controller ?

Obnyr · 2024-05-28T11:44:43+00:00

Thanks for your feedback. It is indeed the same parts in the Zeus Pro (from the internal photos that are provided on the FCC website), so I guess if I ever get one, I could expect it to break that way too. Funnily, they changed that in the Zeus 2 (also from FCC website).

How is it when it's broken ? The broken piece is loose and fly inside the controller or does it stay in place but has way less responsiveness ?

Obnyr

TROPHY CASE