Action overloading: Difference between revisions

From The Urban Dead Wiki
Jump to navigationJump to search
m (moved Action Overloading to Action overloading: Correct case)
(not php)
Line 1: Line 1:
'''Action Overloading''' was a bug exploit which was fixed on January 18th, 2006. The exploit took advantage of a bug in the PHP code which allowed multiple actions to take place at the same time, while only charging AP for the first action. Since the "drop" action costs 0 AP, the exploit allowed most actions to be executed for free.
'''Action Overloading''' was a bug exploit which was fixed on January 18th, 2006. The exploit took advantage of a bug in the Urban Dead source code which allowed multiple actions to take place at the same time, while only charging AP for the first action. Since the "drop" action costs 0 AP, the exploit allowed most actions to be executed for free.


==Use==
==Use==

Revision as of 21:21, 29 May 2011

Action Overloading was a bug exploit which was fixed on January 18th, 2006. The exploit took advantage of a bug in the Urban Dead source code which allowed multiple actions to take place at the same time, while only charging AP for the first action. Since the "drop" action costs 0 AP, the exploit allowed most actions to be executed for free.

Use

The exploit was employed as follows:

The first part of the url was the drop command: http://urbandead.com/map.cgi?drop=p (this would drop a pistol)

After this, a weapon and target could be specified: http://urbandead.com/map.cgi?drop=p&weapon=?X&target=?Y

Where ?X = the name of the weapon (maul, pistol, shotgun, etc.) and ?Y = ID of the target (the user number, or Z for the top zombie)


Alternatively, the exploit would allow free movement as in: http://urbandead.com/map.cgi?drop=p&v=XX-YY

Where XX and YY are the coordinates of the square to move to.


Searching could also be done for free as in:

http://urbandead.com/map.cgi?drop=p&search


Limitations

For reasons unclear to the discoverer of the exploit, some actions, like using items, were not susceptible to the bug. Other actions which were not free include: rising from the dead, entering buildings and speaking.

In addition, the IP hit limit made it impossible to execute more than 160 actions per day, unless the player donated money.


Blesley Mall

Five days before the bug was fixed, HackinOnTheIIGS moved into Blesley mall and, more or less single handedly, killed every survivor there by using the exploit. Ironically, due to the tiny number of zombies involved in the attack, most survivors and zombies assumed that the mall had simply evacuated to avoid the wrath of a zombie mall tour which was ongoing at the time, and many remarked about the impressive coordination required to execute such an evacuation.


Fix

The bug was finally fixed after two players, HackinOnTheIIGS, and Sarrge the Pirate, were noticed with extremely large amounts of XP. A bug report was filed, and within a week, Kevan had fixed the bug.

Questions were raised as to whether the two players known to have exploited the bug had their accounts locked. As their XP had not increased, several users assumed that they had. In fact, the accounts were not locked, and did not need to be; after tasting the power of the exploit, it was more or less impossible for either player to go back to normal play.