Diablo II Menu
 Diablo 2 News
 Premium Diablo 2
 Scamming sites
 Link to Us
 Advertise on NewD2Event
 Firefox Browser

  Diablo 2 Topsites


Diablo 2 Download
 1.12a Hacks/Cheats/Bots
 Diablo II Demo
 Diablo I Demo

Single Player
 Saved Games

 Diablo II Methods
 Diablo 2 Auradin Glitch
 Forgotten Sands Exploit
 Act5 In classic
 How To Level Up
 Glitch Rush Guide
 God Mode Method
 Level 1-80 in 2 hours
 Teh Dupe 1.11b
 Dupe method 1.11b
 Merc Aura Stack Glitch
 Eth Armor Upgrade Bug
 PK in Town

 About MMBot
 Download MMBot
 MMBot History

 D2HackIt Modules
 D2HackIt Bots

RedVex and Plugins
 RedVex FAQ
 Adblock Plugin
 Flash Plugin
 Leader Plugin
 Macro Plugin
 MephStone Plugin
 NetStuff Plugin
 Tppk Plugin
 Magnet Plugin
 Chicken Plugin
 Keychain Plugin
 ZCommand Plugin
 TownTele Plugin
 HotPlug Plugin
 FastMod Plugin
 GameName Plugin
 Hide offline friends Plugin
 Forgotten Sands Exploit
 PreCast Plugin
 Crapstuff Plugin
 RedEye Plugin
 ChickY Plugin
 Mindigo Plugin
 FastTp Plugin
 EZBaal Plugin
 Origami Plugin
 autoHPK Plugin
 FollowBot Plugin
 OSTPPK Plugin

BlueVex and Plugins
The .NET Version of RedVex

 beta v0.5.0.x
 botNET Bots
 botNET MultiKilla
 botNET Utilities
 botNET Libraries
 botNET Applications

 1.08 Items
 Duped Items
 Hacked-Bugged Items
 Perfect Items
 Crafted Items

 v1.09D PC

Diablo 2 Info

 Cube buffer dupe
 Diablo2 RIP

Diablo 2 Items
 The Basics
 Basic Item Info
 Rings & Amulets
 Weapons & Armors
 Socketed Items
 Rune Words
 Magic Items
 Prefixes & Suffixes
 Rare Items
 Crafted Items
 Set Items
 Unique Items
 The Horadric Cube

Diablo 2 Quests
 Quest Index
 Quest Basic
 Quest Rewards
 Act I Quests
 Act II Quests
 Act III Quests
 Act IV Quests
 Act V Quests
 The Secret Cow Level

Diablo 2 Maps
 Act 1
 Act 2
 Act 3
 Act 4
 Act 5

Diablo 2 NPCS
 NPCs Index
 Act 1
 Act 2
 Act 3
 Act 4
 Act 5

Shrines and Wells
 Shrines and Wells

Diablo 2 Calculators
 More calculators

Diablo 2 Character Guides
 Faster Block Rate
 Faster Cast Rate
 Faster Hit Recovery
 Diablo 2 Hunters
 Amazon [7]
 Assassin [10]
 Barbarian [10]
 Druid [6]
 Necromancer [9]
 Paladin [20]
 Sorceress [13]

 D2event Network
 Diablo and Hellfire


Soj | MH | Ban | Cube buffer dupe | Diablo2 RIP | Noob
Diablo 2 Fun

Early April Joke - Cube Buffer Dupe (1.11b) by Snarg

The horadric cube is a special item in d2 in that it contains its own item buffer. You right click and a buffer opens up, just like that. Most people know the buffer exists even if you dont have a cube. But a little known fact is even if you dont have a cube, there is a hidden buffer on your character that contains the space for the cube when you pick it up. It is a 2 x 2 slot designed for the cube so that it can be right clicked to open into the larger buffer.

This new dupe uses advanced packet injection to cause the game server to desync the state of your cube, allowing the cube buffer (not the contents of the cube) to be manipulated. Since the game server never expect anything except the cube to be in the cube buffer, it is not subjected to the normal buffer behavior. Most interestingly, it is possible to put a non-cube item into the cube buffer. When you take the item out of the cube buffer however, since the game server does not expect the cube to ever disappear, the item is not removed from the buffer. So you can just keep taking the item over and over again and dropping it to your inventory, into the ground or wherever you like! This dupe has to be the easiest in Diablo history and now it is public in the hope that a new ladder season will begin when this is patched.

To use, all you have to do is run Diablo II in windowed mode (use -w on the command line) then run the included .exe. The .exe will alter the D2 interface to expose the cube buffer as a 2 x 2 item store right on your screen. Then simply pick up the items you want to dupe and drop them onto the cube buffer, then take them out again as many times as you want! Unfortunately only small items can be duped as you are limited by the 2 x 2 item buffer size. Ever wonder why item stores mainly stock runes? Now you know!

Darawk wrote:

Nice Snarg. 

For anyone curious about the technical side of this dupe, the "advanced packet injection" technique allows you to bypass normal spamcheck restrictions. If you can recall way back to the dupeswap dupe, it worked by very rapidly swapping your weapons. Blizzard fixed this with a spamcheck on the weapon swap packet. Simple right? Well, not quite. 

The spamcheck only applies to discrete network packets - not discrete packets within the game protocol. Now, the normal programmer who's just writing code to wrap a pre-written network library probably wouldn't realize that there is actually a distinction between the two. And in some protocol setups, there wouldn't be(specifically, datagram protocols). However, D2 operates over a streaming protocol...which means that packets are sometimes collated into larger packets and broken down by the recipient. What does this mean? This means that you can actually send 2(or more) game layer packets, in one network layer packet...and then the server code will separate the two and handle them individually. The design error that the programmers made was to put the spamcheck's in place before the network layer packet is broken down. This means that we can potentially send multiple copies of the same packet that appear to the spamchecking code to be only 1, by collating them all into a single network layer packet. 

What this means for us is that, with the proper timing and calculations, we can bypass the spamcheck filters to some degree, and cause buffer de-synch's by exploiting the same underlying threading issues that allowed exploits like dupeswap, which by the way...should also be exploitable using this new packet injection technique.

cube buffer dupe - read below:

Snarg wrote:
Oh, hey, I made the whole thing up.

Early April Fools.

It just makes a small window and does nothing :)

Diablo 2 Newsletter
Questions, ideas, problems, wishes?
Be informed whenever something new comes up
(or any important problems are fixed.).
You can unsubscribe from this newsletter at any time.
No comments yet
Notify me about new comments on this page
Hide my email

If you can't read the word, click here

Verification code:
Powered by Scriptsmill Comments Script