Prodigy-Hacking / ProdigyMathGameHacking

Prodigy Hacking: Hacking for the right reasons. | Questions? Ask on our Discord. https://discord.gg/XQDfbfq
https://prodigyhacking.com

[HR] Set Arena points #968

Closed Protuber closed 3 years ago

Protuber commented 3 years ago

Describe the hack in 5 words or less: I think this should be added because I really want to be on the top leaderboards

(Optional) Additional information

**Have you made sure this hack isn't available yet? (Yes/No)** Yes

ArcerionDev commented 3 years ago

This hack is possible, yes

However, Prodigy has a ratelimit of 100 points per minute, which means running it nonstop for the entire month would give you ~4382900 points. However, you'd have to keep it running all day, and all night. A month is ~30d so running it nonstop for 3 days would still give you about 438290 points, which usually would bring you to the top, but this really isn't ideal. So, we're planning on making a site where you can enter your credentials and we'll be giving you arena points even if you shut your device. However, this is difficult and probably won't be available for a while. We are working on it and hopefully will get it to you by the next arena season.

Protuber commented 3 years ago

wow you really took the time to tell all this

ArcerionDev commented 3 years ago

um yes

Protuber commented 3 years ago

wait if you add our username and password it would just give us free points thanks man

ArcerionDev commented 3 years ago

that's the plan, it's in development, we have it in https://github.com/Prodigy-Hacking/ArenaPointsHost

Protuber commented 3 years ago

ok

LeoBadeaux commented 3 years ago

It is a slow progress botting arena points, and we have to learn how it is being ratelimited, we also need the bandwidth and the servers to handle 100+ users botting arena points on our servers. Server costs would be super expensive, and we might have to have a subscription system or something like that. Not easy.

ArcerionDev commented 3 years ago

the costs are fine, we have that covered

Protuber commented 3 years ago

when i click it you took me to another same place

LeoBadeaux commented 3 years ago

@ArcerionDev Are you sure? We can expect thousands of users to be using this, and Prodigy is going to ratelimit by IP, the singular server you have isn't gonna be able to handle all thousands of people.

LeoBadeaux commented 3 years ago

Prodigy will get the IP and will blacklist it. Not to mention this is going to put a bunch of stress on Prodigy's servers as well, so technically it's a DDOS attack.

ArcerionDev commented 3 years ago

> Prodigy will get the IP and will blacklist it. Not to mention this is going to put a bunch of stress on Prodigy's servers as well, so technically it's a DDOS attack.

wait i never thought of that

ArcerionDev commented 3 years ago

ummmm

ArcerionDev commented 3 years ago

hang on maybe we can spoof the request origin somehow

Protuber commented 3 years ago

ok

LeoBadeaux commented 3 years ago

I've tried looking into how spoofing IP works, and with today's technology and HTTPS it's not that easy.

ArcerionDev commented 3 years ago

you are also forgetting that prodigy makes multiple thousand requests to their servers every minute, because of their player base

Protuber commented 3 years ago

i don't know if y'all should because don't want y'all getting in legal trouble

ArcerionDev commented 3 years ago

it won't get anyone in legal trouble

LeoBadeaux commented 3 years ago

Either way, this still means our server won't be able to handle it all. This is a generic DevOps issue

LeoBadeaux commented 3 years ago

Pretty sure prodigy knows we're all just a batch of skids

Protuber commented 3 years ago

prodigy already has a lot of people who do arena battles also do yall think you can get harmony prize coming soon

ArcerionDev commented 3 years ago

> Pretty sure prodigy knows we're all just a batch of skids

yes they know we're all sleep deprived teenagers if that's what you mean

LeoBadeaux commented 3 years ago

I don't remember what hosting we use for that server, but the server definitely has a bandwidth limit, unless you want to implement kubernetes on hundreds of servers with massive bandwidth which all cost thousands of dollars.

Protuber commented 3 years ago

to be honest, prodigy won't know a thing because a lot of people do battle in the arena

LeoBadeaux commented 3 years ago

They'll be able to detect an IP sending thousands of requests every second.

Protuber commented 3 years ago

good point

LeoBadeaux commented 3 years ago

Should this be a team meeting? I thought the arena site was abandoned.

Protuber commented 3 years ago

same

Protuber commented 3 years ago

the arena points because there was a time I got 1100 arena points

Protuber commented 3 years ago

a battle

ArcerionDev commented 3 years ago

> They'll be able to detect an IP sending thousands of requests every second.

hopefully will be able to find a way to edit the origin, maybe they accept x-forwarded-for headers xd

I wouldn't be surprised because their captcha doesn't even work
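
Added example, not part of the original thread or the project's code: the server-side view of the `X-Forwarded-For` idea above, showing why a rate limiter should take the header only from its own proxies and should also count per account. The proxy range, the function names and the 100-per-minute request budget (borrowed from the figure quoted earlier in the thread) are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict, deque

# Assumption: only our own reverse proxies may set X-Forwarded-For (constructed range).
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]

def _trusted(addr):
    try:
        ip = ipaddress.ip_address(addr.strip())
    except ValueError:
        return False
    return any(ip in net for net in TRUSTED_PROXIES)

def client_ip(peer_addr, xff_header=None):
    """Return the address to rate-limit on."""
    if not xff_header or not _trusted(peer_addr):
        return peer_addr  # header sent by an untrusted peer is client-controlled
    # Walk right to left: the rightmost entries were appended by our proxies.
    for hop in reversed(xff_header.split(",")):
        hop = hop.strip()
        try:
            ipaddress.ip_address(hop)
        except ValueError:
            return peer_addr  # malformed chain: fall back to the socket peer
        if not _trusted(hop):
            return hop  # first address not added by our own infrastructure
    return peer_addr

class SlidingWindowLimiter:
    def __init__(self, limit=100, window=60.0):
        self.limit, self.window = limit, window
        self.hits = defaultdict(deque)

    def allow(self, key, now):
        q = self.hits[key]
        while q and now - q[0] >= self.window:
            q.popleft()  # drop hits that have aged out of the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True

def handle(limiter, account, peer_addr, xff, now):
    """Admit a request only if both the source IP and the account are under budget."""
    ip = client_ip(peer_addr, xff)
    ok_ip = limiter.allow(("ip", ip), now)
    ok_acct = limiter.allow(("acct", account), now)
    return ok_ip and ok_acct
```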

LeoBadeaux commented 3 years ago

I feel like they've given up trying to patch the hacks.

LeoBadeaux commented 3 years ago

Most of the recent times we went down seems to be updates to the prodigy system that unintentionally patched hacks?

ArcerionDev commented 3 years ago

> I feel like they've given up trying to patch the hacks.

yes they occasionally do csp things but nothing significant

I mean I could unpatch it and that's saying something

ArcerionDev commented 3 years ago

> Most of the recent times we went down seems to be updates to the prodigy system that unintentionally patched hacks?

perhaps intentional perhaps not

LeoBadeaux commented 3 years ago

and even like I said spoofing an IP, our tiny server can't handle thousands of users doing this.

LeoBadeaux commented 3 years ago

> I mean I could unpatch it and that's saying something

I mean if I worked there I could patch it for good and that's saying something

LeoBadeaux commented 3 years ago

Our site is blocked by my school so there's other people in my school district using the hacks, which is interesting. Little do they know that someone in their district works on the very hacks they are using.

ArcerionDev commented 3 years ago

> and even like I said spoofing an IP, our tiny server can't handle thousands of users doing this.

I don't actually know about that, because our gamemin gets thousands of requests each day and all of those calls to the gamemin require ~4 additional requests

ArcerionDev commented 3 years ago

> Our site is blocked by my school so there's other people in my school district using the hacks, which is interesting. Little do they know that someone in their district works on the very hacks they are using.

wait hang on I thought you were in high school

Protuber commented 3 years ago

i mean it not blocked from out of computers

LeoBadeaux commented 3 years ago

that's inbound, and user's computers caching the response also helps the servers, we're sending outbound requests in this instance, and it will require a bit more computation on our servers to do an outbound request.

LeoBadeaux commented 3 years ago

yes I am

Protuber commented 3 years ago

when I try doing it said blocked by admin

LeoBadeaux commented 3 years ago

The way my area works is all the schools in the area use the same system

ArcerionDev commented 3 years ago

> The way my area works is all the schools in the area use the same system

o

ArcerionDev commented 3 years ago

> that's inbound, and user's computers caching the response also helps the servers, we're sending outbound requests in this instance, and it will require a bit more computation on our servers to do an outbound request.

um no, we need to make a request to prodigy to find the version, then another to get the gamemin, then another to get the publicgamemin

LeoBadeaux commented 3 years ago

anything blocked at my high school is blocked at another nearby highschool, middleschool, etc

LeoBadeaux commented 3 years ago

However my last day is the 28th, I am a senior.