Our testing on TERA were conducted under our Black Box penetration testing service, a real-world approach to hacking.
TERA’s services were built on a custom in-house engine and network protocol. To support this, we had to perform reconnaissance on their services and reverse engineer a solution to integrate our tools. Because we had no access to documentation, we had act independently to discover and extract functionalities from the game client to test them.
During our work with the TERA developers, we tested a variety of functionalities. These include:
- Network-based packets
- Physics (meaning player movement and attacking)
- Fighting Abilities
- Player skills (such as mining and crafting)
- Trading between players (individually and large scale in the “Grand Exchange”)
- Duelling
- Quest start and completion
- Mounts
- Guild and party system
- Account registration and authentication
- Character creation
Results
Our testing of TERA was actually composed of several iterations. Our collaboration was extended upon the results of each iteration, which revealed multiple vulnerabilities. As we did so, our testing continued to cover a wider net of the services and functionalities. Once each iteration of patching had been completed, we conducted full sanity and regression testing.
Several vulnerabilities were discovered with each iteration. Many were considered high-risk by the publisher and developer. One in particular, allowed players to repeatedly attain the “quest complete” state and easily farm experience points and the quest rewards.
The Black Box testing was the most convenient approach for Gameforge as they valued the real world approach to hacking.
“The security audits are always splendid. With the extensive reporting and risk assessment, our developers can effectively patch vulnerabilities.”
Gameforge
