(844) 627-8267
(844) 627-8267

League of Legends hackers discover exploit that makes them immune to bans | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Published: 2023-06-29T01:24:32

  ❘   Updated: 2023-06-29T01:24:46

League of Legends players have discovered some tech wizardry that allows them to completely bypass an account ban and continue playing, resulting in scripters being able to run wild in matches.

Between scripting, inting games, and poor in-game conduct, there are a number of reasons a player could get banned from League of Legends. These penalties are in place to ensure that players who log in and play fair don’t have their game quality ruined by those who aren’t following the rules.

Article continues after ad

Bans can also be either temporary or permanent, with some players getting a slap on the wrist and a few days away from the game while others are permanently barred from playing.

However, due to a newly discovered exploit involving the way a user’s client interacts with Riot’s servers, anyone who knows how to create this workaround can trick League’s client into thinking they haven’t been banned.

Hackers discover League of Legends ban workaround

While scripters aren’t overly common in League of Legends, they do exist. Not to mention a number of high MMR players that purposely grief streamers and snipe their games to try and ruin them as well as people who snipe matches to try and influence them for the sake of solo queue betting.

Article continues after ad

The ban system is essential to keeping things civil at all levels of play, and the idea that a ban could be bypassed is a frightening proposition for the health of the game.

While it isn’t exactly easy to pull off, players have discovered a way to bypass a ban on their account. The solution isn’t nearly accessible enough to be a problem for the average player, but those who have the know-how can run free even if their account catches a ban.

Article continues after ad

As explained by Hawolt, players have discovered a few holes in the way the League of Legends client processes bans.

First off, players can “forge” a ban by using a proxy to trick their client into thinking they’ve been banned from the game. This merely makes a window pop up in your client as if you were banned from the game but doesn’t actually affect your account. Strange, but ultimately pretty harmless.

Where things get a little scary is that the opposite is true; players can bypass an account ban by preventing the ban message from hitting your client entirely.

Article continues after ad

This is possible to pull off in two ways. One method is to bypass the ban by keeping a JWT token alive from when the account wasn’t banned. A JWT token is essentially a digital signature that allows access to a user’s account, and holding on to a token from an unbanned version of the account will grant that player access.

However, this method only works until a new patch comes out and makes the token that’s essential to the workaround no longer usable. In other words, it’s only effective if a user plans on getting banned and prepares in advance, and it has a limited life cycle.

Article continues after ad

Alternatively, you can use a proxy to make it so that data that’s supposed to be sent to your client (AKA the line of code that locks players out of their account) gets blocked and never hits the client. As a result, that account can gain access to the game.

It remains to be seen how this exploit will affect League of Legends, especially in the case of players scripting in high-level matches.


Click Here For The Original Story From This Source.

National Cyber Security