Regarding the Exploitation of Loopholes in the Use of Assistive Software in Games

[13440130]

ServUO Version

Publish Unknown

Ultima Expansion

None

Assistive software such as Razor, RazorEnhanced, ClassicAssist, UOSteam, etc.

Specific effects:

1. Record a macro in the game that double-clicks any container inside the BANKBOX (taking its absolute Serial value). Then, at any time and from any location, playing this macro will open that container and allow manipulation of the items inside it.
2. Record a macro in the game that double-clicks any item inside the BANKBOX (taking its absolute Serial value). Then, at any time and from any location, playing this macro will allow the use of that item from the BANKBOX. On the Sphere v51a server, this is mainly used to quickly switch magic scrolls for PvP purposes.
3. Record a macro in the game that moves any item from the backpack to the BANKBOX. Then, at any time and from any location, playing this macro—with only the Serial value of the moved item modified—will place the item intended to be deposited into the BANKBOX.

I have tested these vulnerabilities on both Sphere v51a + 1.26.4 and ServUO/RunUO + 6.0–7.0.103, and they work on all of them.

Does anyone have a way to fix these vulnerabilities?