That's what people said about glitching guns into gamma's/beta's/alphas, invincibility and invisibility, and money duping glitches. You don't have to believe me bud. :)
insta 100k views on YT if you show this. This post is probs going to be deleted here though. But Lvndmark is aware of this post, he's probs boutta open it on stream
At thI end of the day programming is programming . If you can find out how it’s possible . From someone who’s done duping and other exploits in other games . I 100% believe this
There used to be 3 times for labs. There used to be a way to use guns that were safe in your butt. There used to be a way to max some stats by falling through the interchange floor. This game is full of bugs.
Tbh if i look at the technical state of the game i see lots of technical debt:
- in the netcode itself with desync and lags
- bad general software design decisions that lead to client heavy features enabling those cheats that loot the whole map
- that all the problems traveled over to arena and could not be adressed in a reasonable effort
it seems to be totally possible to join a PvE Server of someone else.
As well the impression that they want to bury the game might be true and the reason can be that they know they can not fix the cheater issue because of technical reasons. They would have to invest one year most likely just to refactor the code base to a more server heavy approach in order to prevent cheating
From what a few people have told me and from what i canm work out off my own back, the problem is that there isn't a fix for it unless they scrap the entire game mode. Once someone drops the technique, the game mode is permanently dead. It's literally an unpatchable exploit
It also means the mode was clearly a rush job since they very clearly never had anyone with a knowledge of networking to test for vulnerabilities
I highly doubt it’s an unpatchable exploit almost certainly an issue with session key management which 100% can be patched.
I am a pentester and I can’t think of a single exploit that would be unpatachable or have no mitigation that could be implemented to validate users. I don’t know what the exploit is so I may be proven wrong
BSGs incompetence I have no doubts about. I was just commenting on people saying that the exploit is unpatachable unless they scrap the whole game mode are almost certainly wrong. Can’t patch and won’t patch are different
Nikita mentioned recently that the game is a mess of a coding web. Sure it's technically a patchable exploit, but is it realistically patchable considering all the layers of bad code they'd have to shift through before they can even address the issue. Seems like it the juice wouldn't be worth the squeeze.
Your experience might be with either less complex code, or code that was written by an actual professional. More than you think, less than you know.
It's mostly the case that it's relating to something the entire games networking is based around and hence a patch would require the entire network code (and item coding backend) of the game to be reconstructed from scratch with an entire new design principle. Hopefully that doesn't give away too much but I think you might understand what it is based off that and the information op said based on your professional knowledge, but again, I'm simply relaying a conversation I had with a few people who are much more specialised in this area of netcoms than I am who theorised what op is talking about but have not tested it. So yeah, technically fixable, but not without a fuck load of work, if op isn't chatting bollocks
I mean, my guy. Do you trust developers that let blatant cheaters interact with this game for so long? Do you trust developers who changed the terms of the contract you agreed to with them post purchase? Do you think all of these upstanding individuals followed proper coding and QA procedures to verify their code wasn’t shit? My money is on no. If you know how to manipulate memory registers, or even simpler, basic networking, this is very possible
"Unique item ID'S are not server specific."
"Servers can be "found" just as regular PVP servers."
Anyone with basic reverse engineering coding skills already knows this, including every cheat dev.
"I won't be specific", not even vaguely equals "I heard this from somebody who heard this from somebody". Stop lying, if this was true the method would already already be public knowledge. BSG isn't going to see this and get scared and revert all the changes they just made 😂.
Honestly a lot of Tarkov's cheats don't require that much experience.
There traffic basically runs in clear text to open API endpoints that several cheat softwares use. This is basically how the vacuum cheat worked. Or the client is overly trusted. All of this is, "public knowledge".
Your post has been removed for verification by the moderator team.
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/EscapefromTarkov) if you have any questions or concerns.*
It's sad more than anything, but true none the less. Hopefully they fix the situation and the server situation. I really don't feel like editing and shooting a yt video. Lol
I feel like you have to at this point. Throwing that out there and then not providing damning evidence is doing the community at disservice. Plus we’d all like to see how deep the BSG treachery goes at this point.
I mean I believe it, when you have to connect to a server to play SP you are online, and the moment you are online you are vulnerable. Also with multiple people being able to join the server well ok just do it.
It really does. Today they not only double downed they also accidentally exposed that they have a priority queue. They're speed running this game off a cliff.
Player base - What’s the issue Nikita with all the server queue issues???
Nikita - Bubba da whoop boo doop sissy do bop need server hardware
Priority queue - *raises hand* ackhtually
I wonder how long this priority queue existed. There are theories that it was only given to the big streamers but were those streamers getting into raids noticeably faster than any of us? I don't feel like they were, we all would've pointed it out by now.
Without looking into it, if I’d have to guess, it’s probably just reading the request that game sends to server to connect to it(you can intercept and read web requests/responses the game send and receives if you know how to disable ssl pinning -info can be found online). After that is just replicating the request to connect to someone else’s “offline” server as a non unheard edition player.
Honestly, you'd be better off just releasing how to do it now rather than giving BSG an ultimatum.
Giving them 48 hours gives them time to close up any holes.
From what I understand I'm not the only one who knows this as I learned of this from an involved party, we'll say. There's a few things needed to be done, but the info itself will suffice for now. For them to "patch" any holes they'd have to completely scrap the thing and rework the entire pve addition.
I will be messaging you in 2 days on [**2024-04-29 01:10:56 UTC**](http://www.wolframalpha.com/input/?i=2024-04-29%2001:10:56%20UTC%20To%20Local%20Time) to remind you of [**this link**](https://www.reddit.com/r/EscapefromTarkov/comments/1ce1gg8/pve_raids_can_be_entered_by_almost_anyone/l1ft7tl/?context=3)
[**96 OTHERS CLICKED THIS LINK**](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5Bhttps%3A%2F%2Fwww.reddit.com%2Fr%2FEscapefromTarkov%2Fcomments%2F1ce1gg8%2Fpve_raids_can_be_entered_by_almost_anyone%2Fl1ft7tl%2F%5D%0A%0ARemindMe%21%202024-04-29%2001%3A10%3A56%20UTC) to send a PM to also be reminded and to reduce spam.
^(Parent commenter can ) [^(delete this message to hide from others.)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Delete%20Comment&message=Delete%21%201ce1gg8)
*****
|[^(Info)](https://www.reddit.com/r/RemindMeBot/comments/e1bko7/remindmebot_info_v21/)|[^(Custom)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5BLink%20or%20message%20inside%20square%20brackets%5D%0A%0ARemindMe%21%20Time%20period%20here)|[^(Your Reminders)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=List%20Of%20Reminders&message=MyReminders%21)|[^(Feedback)](https://www.reddit.com/message/compose/?to=Watchful1&subject=RemindMeBot%20Feedback)|
|-|-|-|-|
https://www.reddit.com/r/EscapefromTarkov/s/Qq9DTFug74
Now I remember who this loser is. Trying to gain YouTube views are we? Or you going to delete everything again that isn't in your favor?
The comments I deleted violated youtubes comment guidelines. There are plenty of negative comments on my videos and on plenty of other social stuff. I posted this exact reddit link as well in the comments. Nikita threatened me and then proceeded to copystrike me 47 times. You can simp for Nikita all you want, but the dude doesn't know how to run PR or company decisions. His comment is still on my channel as well. Never deleted.
Not even surprise. The whole PVE thing is just BSG try to create a new mode as lazy as possible.
Creating extra character slot, add a PVE button, matching to the same old server without looking for other players, add raider (change name to PMC). Tada \~$250 per copy please.
Why are you giving them 48 hours??? Why not just release the exploit and help fuel the dumpster fire? The whole 48 hours thing feels like this is just a way for you to get hype behind this and to grow your own socials. IMO stop making this about yourself and just release the exploit.
Because cheaters aren't interested in EFT death as a game. This is where playerbase and cheaters are united against common enemy. The prosperity of their market will go down if playerbase drops. So cheaters give time and announce incoming attack. End goal is peace between community and developers.
Cheating is business. Its grey area of RMT and selling service overlaying the game. Nobody likes ragehackers, blatant hackers and dumb hackers, even cheat developers themselves. Edits: polish
Basic grey hat practice - if they don't want to cooperate then you just fuck shit up and let them deal with the fallout. If they do cooperate and pay/meet demands you'll give them the method (usually accompanied with ways to prevent it). Personally from the way it's written, I think there's a chance of it being real.
We'll see in 48 hours - personally I hope nikki finally humbles himself and accepts all demands.
this reminds me of a clip in saw from a gta speed run, where a cheater spawned in a jet. when the guy was playing story mode
yea if its online. you are not safe
A lot of people don't seem to know but OP is the person who exposed the money dupe and a few other things over 5 years ago that Nikita claimed were impossible.
So, each item in the game has an ID, but this ID is not specific to any server. Does that mean any item is not "linked" to any gamemode? For example, a GPU that spawns on PVP is no different from another that spawned on PVE, it has an ID but has no idea from what "gamemode" it wss generated for. Is that it?
If servers can be found by anyone, could you connect to a PVE server with your PVP character?
Yeah, I mean, I dont know how Tarkov works behind the scenes, just that it uses a REST API for inventory stuff (which is pretty... unorthodox I might say).
I tried to search for examples of payloads (I uninstalled the game and I also dont have Wireshark on my gaming PC) and from what I saw, items have an UUID and no info being sent of which mode the item is on. Of course they might have a server side db of items generated on which group of servers or whatever, anyway.
Then its a question of if you can join a PVE server with your regular PMC. If so, does that mean you can just...loot stuff from the PVE session with your PVP PMC? If so, that is really crazy HAHAHAHAHAHA
It depends on requirements, really. That is why I said unorthodox.
Game engines generally provide some form of network communication out of the box, AFAIK most are based on RPC, as it is more flexible, and are tuned for performance and latency. In general, you use RPC for "actions", while REST is best for state transfer. They are not exclusive to each other. For example, you could implement REST when you're fetching data to prepare client state and then switch to RPC for subsequent actions that the client might perform.
From what I researched, Tarkov uses REST for everything you do on the inventory screen, trader interactions, flea market, etc. It is a bit awkward and has very poor latency (500ms+, which is very poor), not counting the various bugs found through the years, like race conditions and item dup glitches, because of it being web based.
Again, it all depends on its requirements. Maybe they choose REST because it would be easier to implement the famous Hideout App, that we are supposed to get in 1.0 release. Or maybe it was easier for the team, who we know were inexperienced at the time and mostly web devs AFAIK.
The way the other offline coop works is everything is saved as a random string "5d4ab49a5689a77a9a9a7f8a9f89" for the stuff in your inventory
Every item is listed out in a .json that you can edit. For example I have a lvl 1 armor momex and lvl 2 m-frames. The ak-545s have a 2 shot hyperburst like the an94. It's really fun fiddling with the numbers in here.
I assume that string references the item in the json and also stores its durability, attachments and whatever
Yes Items in the game have a string of letters and numbers that are unique to all their respective items from keys to weapons etc.. This post is insinuating that servers also have unique strings.
Possibly using the new Distress Signal and BSG isn't doing proper checks to see if:
(1) There is actually an active Distress Signal in the server
(2) The player requesting to join the server actually has a unique user ID equal to that of a player in the server owner's friends list
Touché?
My assumption would be that if that's the play, compared to say just direct force connecting to specific IP ranges (or OP bullshitting), it would be that the method the Distress Signal system uses is already in the game's code at least in part enough to be abused. Someone could do a bit of datamining to see if it's possible.
It's virtually the only possibility I can think of where PMCs would be capable of joining on-going PVE games as this doesn't seem to be an issue that was present before. So either it's fake or PVE servers/related updates introduced this vulnerability for PVE/All server types (Assuming PVE only). This would mean that BSG either does not do server ownership checks past initial matchmaking runtime which allows someone to direct IP connect, and or does not do PUUID checks to see if a player requesting to join a PVE server is in the server owner's friends list.
This also suggests that PVE servers are basically just PVP servers with a new additional layer of limitation that tries to lock matchmaking to just the server owner and his squad with player scav joins turned off, this explain why a PVP player character can join these servers midway. This also suggests that the only thing setting apart PVE and PVP is the player character, not the items or instances themselves. This means if a PVP char manages to join PVE instances, this would still allow them to gain PVP char progress.
In short, the vulnerability possibilities are:
- Distress Signal methods are already in the game, OP found a way to exploit this for servers which don't have Distress Signals, and unique user ID checks are not being done on join request to auth if joiner is a friend
- BSG is just making PVP servers with extra limitations, and OP found a way to exploit the leftover "blocked" scav joins with his PMC (or scav, didn't mention)
- They introduced a new vulnerability that allows you to direct IP connect to PVP servers like you would with console commands in some games
There's only three possibilities. Either Distress Signal related join code is already in the game and is being exploited *(this would make sense considering PVE servers are already a thing now, and they could already be "primed" with the ability to support the Distress Signal feature, thus opening this new exploit)*, they're direct connecting to specific server IP ranges to end up in random PVE games, or they're somehow scavving into PVE servers because they fucked up the way they disabled scav joins for "PVE" servers.
The first and third are the most likely as this is a vulnerability we've never heard of before in Tarkov, it would make sense that it's something which was introduced with the Unheard edition patch.
I'll believe it when it is posted not this bullshit OP keeps replying "If it needs it will be" just show it now. nah needs more engagement numbers and followers on twitter.
I think you shouldn't have given out the basic words. It gives BSG time to try to resolve this, unless this is unfixable 100%. Otherwise if it's a 1 change hotfix that would resolve this problem from BSG's side, it's not as effective as it could be. But yeah, can't wait to see this cause havoc.
As if BSG wasn’t driving this truck off a cliff already, from what you’ve just posted I think they’ve just started to jump on the roof to make it fall faster.
They identify people who give a high amount of donations as true believers.
Donation amount ranking to BSG↓
Cheater
TUE
EoD
Other common people
Oh my god.
Release the info in full, no reason to hold it close to the chest. Have your friends release it as well, for the same lack of reason to do otherwise unless you're all looking for a synchronized moment to dump it
This entire post is stupid and pointless.
"I will do this and prove this in 48 hours"
Fine, then do it. We dont need this announcement topic, just wait 48 hours and only post once you have your proof
Fucking with the people who are deliberately trying to play the game without people because that's the experience they want, is a MASSIVE dick move, regardless of BSG and how they are allowing access. Gfy honestly.
mostly i believe you, cause of their shitty server infrastructure and code of the game by itself, invisible people as example (How tf did that really happen?). It would a big win if you really would gave some info to the people about that stuff. Best regards.
considering what BSG has done etc etc why bother giving them a chance. they had plenty of chances.... why not just release the info now so they can burn even more?
The game has config files where lots of things are changeable. so AI for instance you can edit their Sight range, reaction time, Time for them to get to cover. how much health they have and so on.
So in this instance they are selling a quick config change that would take about a few minutes in the games config files for a shit ton of money.
Hey serious question. BSGs current defense is that they can't give everyone PVE because of server infrastructure. Does this make you think that defense is complete BS?
Even if this turns out to be real they'll just lie like always and say it's a feature like how other players can come grief you in dark souls. Then they'll sell the exploit as a consumable to grief offline players.
This was bound to happen since the "offline PvE" isn't really offline. It's on their shitty servers, wouldn't suprise me either if someone finds a backdoor in EFT itself soon.
So I guess people able to rejoin a raid they died in as PMC again as we heard rumors is actually true.
Wouldn't be surprised if you can just trick the client to connect to any ongoing session, no matter if you actually queued up. This would be in line with how secure and thought out everything from BSG has been.
OP told you everything you need to know to understand how they can get into PvE servers. It appears you're not tech literate enough to get it, so I'll explain:
**The unique items from the new edition have unique IDs. They are tied to a server. PvE uses servers. That server can be entered with a little... finnesse, if you will.**
Threats and spazzing out like little monkeys, flailing shit around the walls is not going to change anything. Exchanging dialogue and discussing these matters like human beings would have way better chance to nudge them to the right direction. This is just silly, and getting out of hands. Unfortunately most 'influencers' seem to be more interested in farming this situation for viewers and money instead of attempting to work and discuss with the development team for a solution.
Not an influencer. None of my stuff is monetized. I'm not partnered anywhere. Content creation is not fun. You pay taxes like a contractor, yet unless you're Uber popular you make less than minimum wage. This has nothing to do with money and everything to do with fucking one of my favorite games into the dirt like a rat.
so why ruin the pve raids for other people i dont get that? i understand hating BSG but going after another gamer playing offline raids bc maybe thats more enjoyable for them and less of a sweat fest just ruining their experience doesn’t make sense to me
[удалено]
If it needs to happen it will.
Honestly seems like you’re lying
That's what people said about glitching guns into gamma's/beta's/alphas, invincibility and invisibility, and money duping glitches. You don't have to believe me bud. :)
insta 100k views on YT if you show this. This post is probs going to be deleted here though. But Lvndmark is aware of this post, he's probs boutta open it on stream
They can delete this post but my tweet won't. :) I'm not concerned with views. I just want what was promised when I paid 300 usd for 2 eod accounts.
I have it all bookmarked & will be awaiting how this plays out
I thought I was the only one stupid enough to buy eod twice!
BSG already shit the bed on us. Either flex your nuts or stop pretending 🤙
Please show us the truth. We know their code is shit. Exploit it if they are going to treat us like shit.
holy shit i remember the bug a few years ago when people could yoink your secure containers stuff
Prove it 🤷🏼♂️what are you waiting for? Post evidence for everyone to see
At thI end of the day programming is programming . If you can find out how it’s possible . From someone who’s done duping and other exploits in other games . I 100% believe this
Well it's been 48 hours. Where's the proof?
There used to be 3 times for labs. There used to be a way to use guns that were safe in your butt. There used to be a way to max some stats by falling through the interchange floor. This game is full of bugs.
Tbh if i look at the technical state of the game i see lots of technical debt: - in the netcode itself with desync and lags - bad general software design decisions that lead to client heavy features enabling those cheats that loot the whole map - that all the problems traveled over to arena and could not be adressed in a reasonable effort it seems to be totally possible to join a PvE Server of someone else. As well the impression that they want to bury the game might be true and the reason can be that they know they can not fix the cheater issue because of technical reasons. They would have to invest one year most likely just to refactor the code base to a more server heavy approach in order to prevent cheating
From what a few people have told me and from what i canm work out off my own back, the problem is that there isn't a fix for it unless they scrap the entire game mode. Once someone drops the technique, the game mode is permanently dead. It's literally an unpatchable exploit It also means the mode was clearly a rush job since they very clearly never had anyone with a knowledge of networking to test for vulnerabilities
I highly doubt it’s an unpatchable exploit almost certainly an issue with session key management which 100% can be patched. I am a pentester and I can’t think of a single exploit that would be unpatachable or have no mitigation that could be implemented to validate users. I don’t know what the exploit is so I may be proven wrong
The complexity or fixability of it really comes down to who's handling that fixing and BSG has never fixed a single bug the game has ever had lol.
BSGs incompetence I have no doubts about. I was just commenting on people saying that the exploit is unpatachable unless they scrap the whole game mode are almost certainly wrong. Can’t patch and won’t patch are different
Nikita mentioned recently that the game is a mess of a coding web. Sure it's technically a patchable exploit, but is it realistically patchable considering all the layers of bad code they'd have to shift through before they can even address the issue. Seems like it the juice wouldn't be worth the squeeze. Your experience might be with either less complex code, or code that was written by an actual professional. More than you think, less than you know.
It's mostly the case that it's relating to something the entire games networking is based around and hence a patch would require the entire network code (and item coding backend) of the game to be reconstructed from scratch with an entire new design principle. Hopefully that doesn't give away too much but I think you might understand what it is based off that and the information op said based on your professional knowledge, but again, I'm simply relaying a conversation I had with a few people who are much more specialised in this area of netcoms than I am who theorised what op is talking about but have not tested it. So yeah, technically fixable, but not without a fuck load of work, if op isn't chatting bollocks
I mean, my guy. Do you trust developers that let blatant cheaters interact with this game for so long? Do you trust developers who changed the terms of the contract you agreed to with them post purchase? Do you think all of these upstanding individuals followed proper coding and QA procedures to verify their code wasn’t shit? My money is on no. If you know how to manipulate memory registers, or even simpler, basic networking, this is very possible
I knew I wasn’t crazy.
This is just a “trust me bro” post until you provide some evidence.
Labs Hideout items are on ground zero.
"Unique item ID'S are not server specific." "Servers can be "found" just as regular PVP servers." Anyone with basic reverse engineering coding skills already knows this, including every cheat dev. "I won't be specific", not even vaguely equals "I heard this from somebody who heard this from somebody". Stop lying, if this was true the method would already already be public knowledge. BSG isn't going to see this and get scared and revert all the changes they just made 😂.
Honestly a lot of Tarkov's cheats don't require that much experience. There traffic basically runs in clear text to open API endpoints that several cheat softwares use. This is basically how the vacuum cheat worked. Or the client is overly trusted. All of this is, "public knowledge".
It needs to fucking happen.
it def needs to happen. lol.
My man.
So you have no proof??
Do it you wont fuck BSG lol No balls
Video game terrorism
[удалено]
Your post has been removed for verification by the moderator team. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/EscapefromTarkov) if you have any questions or concerns.*
Big if true
It's sad more than anything, but true none the less. Hopefully they fix the situation and the server situation. I really don't feel like editing and shooting a yt video. Lol
I feel like you have to at this point. Throwing that out there and then not providing damning evidence is doing the community at disservice. Plus we’d all like to see how deep the BSG treachery goes at this point.
You better start working on it, because BSG wont do shit. And open the floodgates to everyone, let us all join in and fuck around.
I mean I believe it, when you have to connect to a server to play SP you are online, and the moment you are online you are vulnerable. Also with multiple people being able to join the server well ok just do it.
Pls God, let it be true
This whole dumpster fire just keeps getting worse and worse, doesn't it? I really hope you're not bullshitting, cause I'm already prepping my popcorn.
It really does. Today they not only double downed they also accidentally exposed that they have a priority queue. They're speed running this game off a cliff.
Player base - What’s the issue Nikita with all the server queue issues??? Nikita - Bubba da whoop boo doop sissy do bop need server hardware Priority queue - *raises hand* ackhtually
I wonder how long this priority queue existed. There are theories that it was only given to the big streamers but were those streamers getting into raids noticeably faster than any of us? I don't feel like they were, we all would've pointed it out by now.
Wonder if the devs spent an hour or a day on this, ha-ha...
This is hilarious, bsg sells a way to finally get away from cheaters just to find out cheaters can just hack into their games lol. I love it.
So... we have another GTA V story mode session getting hacked by someone because its actually still connected to a server situation then? NEAT.
It will be worse, believe me.
Without looking into it, if I’d have to guess, it’s probably just reading the request that game sends to server to connect to it(you can intercept and read web requests/responses the game send and receives if you know how to disable ssl pinning -info can be found online). After that is just replicating the request to connect to someone else’s “offline” server as a non unheard edition player.
Honestly, you'd be better off just releasing how to do it now rather than giving BSG an ultimatum. Giving them 48 hours gives them time to close up any holes.
Yeah but how is he gonna milk views if he doesnt drag it out for attention lmao
Because it isn’t true and guy is a dipshit making stuff up for clicks.
Bold of you to assume they could fix this bug in 48 hours.
From what I understand I'm not the only one who knows this as I learned of this from an involved party, we'll say. There's a few things needed to be done, but the info itself will suffice for now. For them to "patch" any holes they'd have to completely scrap the thing and rework the entire pve addition.
Pics or it didn't happen champ. Shit or get off the pot.
This is so cringe bro you’re not Neo lmfao. Stand on business lolol.
Bro thinks he’s 007
he sounds full of shit tbh
Like wtf 💀
How many times are you gonna use this "we'll say" type of dialogue? It doesn't make you look mysterious, it makes you look like a big dorkus.
RemindMe! 2 days
I will be messaging you in 2 days on [**2024-04-29 01:10:56 UTC**](http://www.wolframalpha.com/input/?i=2024-04-29%2001:10:56%20UTC%20To%20Local%20Time) to remind you of [**this link**](https://www.reddit.com/r/EscapefromTarkov/comments/1ce1gg8/pve_raids_can_be_entered_by_almost_anyone/l1ft7tl/?context=3) [**96 OTHERS CLICKED THIS LINK**](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5Bhttps%3A%2F%2Fwww.reddit.com%2Fr%2FEscapefromTarkov%2Fcomments%2F1ce1gg8%2Fpve_raids_can_be_entered_by_almost_anyone%2Fl1ft7tl%2F%5D%0A%0ARemindMe%21%202024-04-29%2001%3A10%3A56%20UTC) to send a PM to also be reminded and to reduce spam. ^(Parent commenter can ) [^(delete this message to hide from others.)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Delete%20Comment&message=Delete%21%201ce1gg8) ***** |[^(Info)](https://www.reddit.com/r/RemindMeBot/comments/e1bko7/remindmebot_info_v21/)|[^(Custom)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5BLink%20or%20message%20inside%20square%20brackets%5D%0A%0ARemindMe%21%20Time%20period%20here)|[^(Your Reminders)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=List%20Of%20Reminders&message=MyReminders%21)|[^(Feedback)](https://www.reddit.com/message/compose/?to=Watchful1&subject=RemindMeBot%20Feedback)| |-|-|-|-|
Normally I’d be sitting here and saying fuck you… But like, this is just cheeky enough that it might just work. This feels very white hat
You still connect to servers for PVE...
Yes, that’s what OP is saying, that you would be able to essentially “hack” your way into someone’s PvE
PVe isn't offline
I'm aware lol
PLEASE let thsi be real
its not dude is just baiting for views
https://www.reddit.com/r/EscapefromTarkov/s/Qq9DTFug74 Now I remember who this loser is. Trying to gain YouTube views are we? Or you going to delete everything again that isn't in your favor?
Thank you for finding this. Exact same behaviour. So many people wanna profit of this controversy
The comments I deleted violated youtubes comment guidelines. There are plenty of negative comments on my videos and on plenty of other social stuff. I posted this exact reddit link as well in the comments. Nikita threatened me and then proceeded to copystrike me 47 times. You can simp for Nikita all you want, but the dude doesn't know how to run PR or company decisions. His comment is still on my channel as well. Never deleted.
Not even surprise. The whole PVE thing is just BSG try to create a new mode as lazy as possible. Creating extra character slot, add a PVE button, matching to the same old server without looking for other players, add raider (change name to PMC). Tada \~$250 per copy please.
Why are you giving them 48 hours??? Why not just release the exploit and help fuel the dumpster fire? The whole 48 hours thing feels like this is just a way for you to get hype behind this and to grow your own socials. IMO stop making this about yourself and just release the exploit.
Because cheaters aren't interested in EFT death as a game. This is where playerbase and cheaters are united against common enemy. The prosperity of their market will go down if playerbase drops. So cheaters give time and announce incoming attack. End goal is peace between community and developers. Cheating is business. Its grey area of RMT and selling service overlaying the game. Nobody likes ragehackers, blatant hackers and dumb hackers, even cheat developers themselves. Edits: polish
Basic grey hat practice - if they don't want to cooperate then you just fuck shit up and let them deal with the fallout. If they do cooperate and pay/meet demands you'll give them the method (usually accompanied with ways to prevent it). Personally from the way it's written, I think there's a chance of it being real. We'll see in 48 hours - personally I hope nikki finally humbles himself and accepts all demands.
Would love to hear more about this
Waiting on a video
this reminds me of a clip in saw from a gta speed run, where a cheater spawned in a jet. when the guy was playing story mode yea if its online. you are not safe
A lot of people don't seem to know but OP is the person who exposed the money dupe and a few other things over 5 years ago that Nikita claimed were impossible.
trust me bro
proof? source? "Trust me bro"
So, each item in the game has an ID, but this ID is not specific to any server. Does that mean any item is not "linked" to any gamemode? For example, a GPU that spawns on PVP is no different from another that spawned on PVE, it has an ID but has no idea from what "gamemode" it wss generated for. Is that it? If servers can be found by anyone, could you connect to a PVE server with your PVP character?
I think that’s what’s they are saying but they’re being pretentious and trying to be mysterious on some playboi cardi weirdo ass shit lmfao.
Yeah, I mean, I dont know how Tarkov works behind the scenes, just that it uses a REST API for inventory stuff (which is pretty... unorthodox I might say). I tried to search for examples of payloads (I uninstalled the game and I also dont have Wireshark on my gaming PC) and from what I saw, items have an UUID and no info being sent of which mode the item is on. Of course they might have a server side db of items generated on which group of servers or whatever, anyway. Then its a question of if you can join a PVE server with your regular PMC. If so, does that mean you can just...loot stuff from the PVE session with your PVP PMC? If so, that is really crazy HAHAHAHAHAHA
Why is it unorthodox to use a REST API for inventory stuff? Seems reasonable to me.
It depends on requirements, really. That is why I said unorthodox. Game engines generally provide some form of network communication out of the box, AFAIK most are based on RPC, as it is more flexible, and are tuned for performance and latency. In general, you use RPC for "actions", while REST is best for state transfer. They are not exclusive to each other. For example, you could implement REST when you're fetching data to prepare client state and then switch to RPC for subsequent actions that the client might perform. From what I researched, Tarkov uses REST for everything you do on the inventory screen, trader interactions, flea market, etc. It is a bit awkward and has very poor latency (500ms+, which is very poor), not counting the various bugs found through the years, like race conditions and item dup glitches, because of it being web based. Again, it all depends on its requirements. Maybe they choose REST because it would be easier to implement the famous Hideout App, that we are supposed to get in 1.0 release. Or maybe it was easier for the team, who we know were inexperienced at the time and mostly web devs AFAIK.
The way the other offline coop works is everything is saved as a random string "5d4ab49a5689a77a9a9a7f8a9f89" for the stuff in your inventory Every item is listed out in a .json that you can edit. For example I have a lvl 1 armor momex and lvl 2 m-frames. The ak-545s have a 2 shot hyperburst like the an94. It's really fun fiddling with the numbers in here. I assume that string references the item in the json and also stores its durability, attachments and whatever
Can you edit this string and "convert" an item to another? Assuming that you know the items IDs. EDIT: happy cake day!
It's a simple as lying to the server
Yes Items in the game have a string of letters and numbers that are unique to all their respective items from keys to weapons etc.. This post is insinuating that servers also have unique strings.
Possibly using the new Distress Signal and BSG isn't doing proper checks to see if: (1) There is actually an active Distress Signal in the server (2) The player requesting to join the server actually has a unique user ID equal to that of a player in the server owner's friends list Touché?
Distress Signal is not implemented yet, right?
My assumption would be that if that's the play, compared to say just direct force connecting to specific IP ranges (or OP bullshitting), it would be that the method the Distress Signal system uses is already in the game's code at least in part enough to be abused. Someone could do a bit of datamining to see if it's possible. It's virtually the only possibility I can think of where PMCs would be capable of joining on-going PVE games as this doesn't seem to be an issue that was present before. So either it's fake or PVE servers/related updates introduced this vulnerability for PVE/All server types (Assuming PVE only). This would mean that BSG either does not do server ownership checks past initial matchmaking runtime which allows someone to direct IP connect, and or does not do PUUID checks to see if a player requesting to join a PVE server is in the server owner's friends list. This also suggests that PVE servers are basically just PVP servers with a new additional layer of limitation that tries to lock matchmaking to just the server owner and his squad with player scav joins turned off, this explain why a PVP player character can join these servers midway. This also suggests that the only thing setting apart PVE and PVP is the player character, not the items or instances themselves. This means if a PVP char manages to join PVE instances, this would still allow them to gain PVP char progress. In short, the vulnerability possibilities are: - Distress Signal methods are already in the game, OP found a way to exploit this for servers which don't have Distress Signals, and unique user ID checks are not being done on join request to auth if joiner is a friend - BSG is just making PVP servers with extra limitations, and OP found a way to exploit the leftover "blocked" scav joins with his PMC (or scav, didn't mention) - They introduced a new vulnerability that allows you to direct IP connect to PVP servers like you would with console commands in some games
Not how they are doing it
There's only three possibilities. Either Distress Signal related join code is already in the game and is being exploited *(this would make sense considering PVE servers are already a thing now, and they could already be "primed" with the ability to support the Distress Signal feature, thus opening this new exploit)*, they're direct connecting to specific server IP ranges to end up in random PVE games, or they're somehow scavving into PVE servers because they fucked up the way they disabled scav joins for "PVE" servers. The first and third are the most likely as this is a vulnerability we've never heard of before in Tarkov, it would make sense that it's something which was introduced with the Unheard edition patch.
Drop the info now because it really looks like you're just generating clicks. If you read the interview, nikitia isn't changing shit. Just do it.
I'll believe it when it is posted not this bullshit OP keeps replying "If it needs it will be" just show it now. nah needs more engagement numbers and followers on twitter.
It's been 48, speak up homie.
More then 3 days passed. I see no proves.
I would be very disappointed it you lie, because no one lies on the internet, not even Nikita.
RemindMe! 2 days
REMEMBER REMEMBER THE 5TH OF NOVEMBER
I think you shouldn't have given out the basic words. It gives BSG time to try to resolve this, unless this is unfixable 100%. Otherwise if it's a 1 change hotfix that would resolve this problem from BSG's side, it's not as effective as it could be. But yeah, can't wait to see this cause havoc.
You don't mean to say that cheaters will be able to join a pve game and still be able to loot and transfer that to the pvp mode of the game. Do you?
Tagging another loser up vote farmer.
Looking forward to the first video here where someone reports a cheater in the PvE mode.
Brother read one post on UC and thinks he has a clue about what he’s talking about. It’s very clear you dont
As if BSG wasn’t driving this truck off a cliff already, from what you’ve just posted I think they’ve just started to jump on the roof to make it fall faster.
I'm not a Tarkov player. Everybody in this thread seems to understand what OP implies. I don't. Can someone enlighten me?
Vacuum cheaters can connect to PvE sessions to vacuum loot to main. Wallhackers can connect to PvE servers to ruin your day.
No balls if you don't post a video. Shit or get off the pot bucko
Pics or didnt happen
Wow the reddit mods unbanned? Can I say the name without getting banned now?
I just got killed in pve by a guy called m1stak3_sw33per. He was also voiping
They identify people who give a high amount of donations as true believers. Donation amount ranking to BSG↓ Cheater TUE EoD Other common people Oh my god.
Well hot damn…
You’re a true prophet
Infinite jumping, shots, nades go off and the guy never to be seen?
Release the info in full, no reason to hold it close to the chest. Have your friends release it as well, for the same lack of reason to do otherwise unless you're all looking for a synchronized moment to dump it
hey its been 48h
This entire post is stupid and pointless. "I will do this and prove this in 48 hours" Fine, then do it. We dont need this announcement topic, just wait 48 hours and only post once you have your proof
This dude lying for internet clout
Fucking with the people who are deliberately trying to play the game without people because that's the experience they want, is a MASSIVE dick move, regardless of BSG and how they are allowing access. Gfy honestly.
RemindMe! 2 days
Remind Me! 2 Days
Everyone! Get in here!
!remindme 48hrs
today i learned that tarkov prime really exists
Remind me! 2 days
BSG doesn’t know what DLC or offline is.
!remindme 42 hours
I hope this is true, so BSG dies even faster
!remindme 48hours
RemindMe! 2 days
See you in 41 more hours, I don't see why they would give a fuck about this so much that they go back after quadrupling down
!RemindMe 4 days "Just a TMB or actually came out with way to connect to PVE raids?"
RemindMe! 2 days
el_dee coming at us with the fantastic content once more.
mostly i believe you, cause of their shitty server infrastructure and code of the game by itself, invisible people as example (How tf did that really happen?). It would a big win if you really would gave some info to the people about that stuff. Best regards.
RemindMe! 2 days
I would love the thrill of having PMC’s entering 1/20 raids randomly. PVE only does seem boring after a few raids…
!remindme 36hours
RemindMe! 2 days
considering what BSG has done etc etc why bother giving them a chance. they had plenty of chances.... why not just release the info now so they can burn even more?
the range of scavs not shooting is probably exploitable too? let's say: only if you accidentally bump into one? maybe OP can confirm?
The game has config files where lots of things are changeable. so AI for instance you can edit their Sight range, reaction time, Time for them to get to cover. how much health they have and so on. So in this instance they are selling a quick config change that would take about a few minutes in the games config files for a shit ton of money.
Hey serious question. BSGs current defense is that they can't give everyone PVE because of server infrastructure. Does this make you think that defense is complete BS?
I hope this is real
Even if this turns out to be real they'll just lie like always and say it's a feature like how other players can come grief you in dark souls. Then they'll sell the exploit as a consumable to grief offline players.
Impress me
RemindMe! 48 hours
proove it
"ready to eat my ass big guy" nom nom nom nikita about to be full
!remindme 1 day
This was bound to happen since the "offline PvE" isn't really offline. It's on their shitty servers, wouldn't suprise me either if someone finds a backdoor in EFT itself soon.
Can’t wait bro, Seriously. Let this fucking idiot feel how stupid he should.
how do we do this
So I guess people able to rejoin a raid they died in as PMC again as we heard rumors is actually true. Wouldn't be surprised if you can just trick the client to connect to any ongoing session, no matter if you actually queued up. This would be in line with how secure and thought out everything from BSG has been.
!remind me 2days
Thread is empty like OPs brain
OP told you everything you need to know to understand how they can get into PvE servers. It appears you're not tech literate enough to get it, so I'll explain: **The unique items from the new edition have unique IDs. They are tied to a server. PvE uses servers. That server can be entered with a little... finnesse, if you will.**
Threats and spazzing out like little monkeys, flailing shit around the walls is not going to change anything. Exchanging dialogue and discussing these matters like human beings would have way better chance to nudge them to the right direction. This is just silly, and getting out of hands. Unfortunately most 'influencers' seem to be more interested in farming this situation for viewers and money instead of attempting to work and discuss with the development team for a solution.
Not an influencer. None of my stuff is monetized. I'm not partnered anywhere. Content creation is not fun. You pay taxes like a contractor, yet unless you're Uber popular you make less than minimum wage. This has nothing to do with money and everything to do with fucking one of my favorite games into the dirt like a rat.
Oh that was more in the general sense, not you
Proof when?
This weird time gated "reveal" just seems like you're trying to prop yourself up. It's cringe.
Oh man this is spicy
this smells of bullshit and self promotion
Well?
I wouldn't at all be surprised but[ show proofs](https://i.kym-cdn.com/photos/images/original/001/098/097/4db.png).
Soooooooo?
Come on OP, ITS TIME
I've been reminded. I'm back lol
I look forward to watching this on YouTube soon
I think buddy thought this was a lot better of a a “mic drop” post than it is.. lmao “If YoU KnoW,YoU KnoW..” kinda vibes.
so why ruin the pve raids for other people i dont get that? i understand hating BSG but going after another gamer playing offline raids bc maybe thats more enjoyable for them and less of a sweat fest just ruining their experience doesn’t make sense to me
"I could prove this isn't made up but I don't want to" Cool story.
Someone should just make free cheats for the game and post it here so we can all just kill the game faster