Major FFXIV Database Exploit revealed
It seems Final Fantasy XIV: A Realm Reborn players have found an exploit that allows players to level their characters within minutes by taking advantage of a major database exploit that allows players to edit their characters info directly.
The exploit was found via the Lau scripting that FFXIV uses and JSON which is an API query used to retrieve character info for the Lodestone armory, which is normally a one way street. You can make request to get info on your character, but you can’t send requests to change the character. It seems with this exploit you can. Players can send commands to LAU to directly edit their characters.
Players can level their characters instantly to the cap or give themselves 50 billion gil if they wish. Players can also take any item they currently have and send a request to change that item into anything they want.
There have been some major exploits in the past, like Neverwinter over the summer that required them to roll back their servers to fix the economy after players were able to create billions out out of thin air, but this one makes that look like nothing.
This exploit will not doubt require a full server roll back to fix the game and as of this point Square Enix have not even acknowledged there is a problem.