Legends of IdleOn RNG Manipulation

idleon.md

Disclosure Timeline

Note: All dates are in YYYY-MM-DD format (as per ISO 8601 and other standards).

Date	Action
2023-07-06	Emailed lava at lavaflame2 dot com with these details and a recommended fix.
2023-08-06	A month later, I follow up just asking if Lava has received my messages.
2023-11-15	Additional follow-up email
2023-11-15	Mentioned knowing an exploit in Discord, passed details onto moderator (Hotair)
2023-11-15	Additional follow-up email (as I cannot DM lava)
2024-01-16	Given a lack of repsonse after more than 6 months, public disclosure.

Screenshots are also available for some of my outreach attempts.

Exploit

This is easiest to do in the browser version of the game. You can use a Google Account for both Steam and Web in order to load an existing account in the web mode. Easy peasy.

Press F12 to open your developer tools. Run the following code:

// Make a native copy of your browser's Math.random function
Math.originalRandom = Math.random

// Now replace it
Math.random = () => Math.originalRandom() / 100000000000;

Open the Arcade. Press Launch. Notice all of the balls always fall to the right. You can score unlimited jackpots.

There are some other use cases where you want high numbers. There are yet others where you want to pingpong between high and low numbers for the desired effect.

Math.originalRandom = Math.random;
Math.lowRandom = function() {
    return Math.originalRandom() / 100000000000;
}

Math.highRandom = function() {
    return 1 - Math.lowRandom();
}


let breakCycle = false;
function luckyCycle() {
  return setTimeout(function() {
    if (breakCycle) return;
    // console.log('rng on');
    Math.random = Math.lowRandom;
    return setTimeout(function() {
      //console.log('rng off');
      Math.random = Math.highRandom;
      return setTimeout(luckyCycle, 30000);
    }, 30000);
  });
}

Then you can just Math.random = /* desired other function, such as Math.lowRandom */ your way to winning big.

Impact

• Millions of Gems
• See https://soatok.idleonefficiency.com for what controlling RNG outputs looks like on an account

Mitigation

Lava could mitigate this risk with one line of code, followed by a search and replace:

+ const LavaMath = Object.freeze(Math)

And then replace any calls to Math.random with LavaMath.random, and then this would no longer be possible.

(Yes, I included this one-liner in my email to Lava in July 2023.)

Advanced Exploit

Compile Chromium with a custom RNG that returns a low value (less than 0.000001) 9/10 times, then defers to the normal LCG the rest of the time. You'll win most luck-based things (Arcade Balls, Gaming Plants, etc.).

The mitigation I suggest doesn't defend against this, but using a secure RNG instead of Math.random would likely generate farier numers anyway.

Update

The /r/idleon mods censored the link to this Gist from their subreddit (Archive).

@moneymanmonhash
IMO Lava get too much with those in game purchases, while I understand he have to make money it is just too much.

Open game in chrome
Right mouse button -> inspect element
Go to Console tab
Write there "allow pasting" (or something like that) -> press enter
Copy paste "Math.originalRandom = Math.random" -> press enter
Copy paste "Math.random = () => Math.originalRandom() / 3;" -> press enter
Open arcade and launch few balls, do not launch too much because it may lag you and throw black screen for game.

@moneymanmonhash IMO Lava get too much with those in game purchases, while I understand he have to make money it is just too much.

Open game in chrome Right mouse button -> inspect element Go to Console tab Write there "allow pasting" (or something like that) -> press enter Copy paste "Math.originalRandom = Math.random" -> press enter Copy paste "Math.random = () => Math.originalRandom() / 3;" -> press enter Open arcade and launch few balls, do not launch too much because it may lag you and throw black screen for game.

legend thank you a lot

hey guys sorry to bother again, anyone got any tips to get lots of candies instead? like the 72 or 24h ones

hey guys sorry to bother again, anyone got any tips to get lots of candies instead? like the 72 or 24h ones

go to arcane and set MathRandom to like 1.3, works best doesnt get that many jackpots but gets a lot of 72hr candies, i have like 2000

hey guys sorry to bother again, anyone got any tips to get lots of candies instead? like the 72 or 24h ones

go to arcane and set MathRandom to like 1.3, works best doesnt get that many jackpots but gets a lot of 72hr candies, i have like 2000

Thanks legend

hey guys sorry to bother again, anyone got any tips to get lots of candies instead? like the 72 or 24h ones

go to arcane and set MathRandom to like 1.3, works best doesnt get that many jackpots but gets a lot of 72hr candies, i have like 2000

Hey actually could you elaborate on that a bit? I set mathrandom to 1.3 and tried dividing mathoriginal by 1.3 and all the stuff but nothing got me lots of candies, is there any specific way to write the line of code?

Make it worth, launch only 5 balls for example

// Step 1: Store the original Math.random function
Math.originalRandom = Math.random;

// Step 2: Override Math.random with your custom function
Math.random = function() {
return Math.originalRandom() / 3;
};

// Step 3: Restore the original Math.random function after 30 seconds (30000 milliseconds)
setTimeout(function() {
Math.random = Math.originalRandom;
}, 30000); // Make it 30 seconds or less, so the browser dont freeze

anytime i lower the value to below 1 my game crashes is there a way to avoid this?

@moneymanmonhash IMO Lava get too much with those in game purchases, while I understand he have to make money it is just too much.

Open game in chrome Right mouse button -> inspect element Go to Console tab Write there "allow pasting" (or something like that) -> press enter Copy paste "Math.originalRandom = Math.random" -> press enter Copy paste "Math.random = () => Math.originalRandom() / 3;" -> press enter Open arcade and launch few balls, do not launch too much because it may lag you and throw black screen for game.

Does this work to increase the drop rate of recipes and rare items?

The following code makes it go right for 5 seconds for a while, and then loop so your browser dont freeze. Just copy and paste it and watch the show. You can lower from 5000 ms (5 seconds) to 4 or 3 seconds if its still freezing...

// Save the original Math.random function
Math.originalRandom = Math.random;

// Function to modify Math.random
function modifyRandom(divisor) {
Math.random = () => Math.originalRandom() / divisor;
}

// Initial modification of Math.random
modifyRandom(3); // Start by dividing by 3

// Function to toggle the behavior
function toggleRandom() {
let divisor = 3; // Start with dividing by 3
let interval = 5000; // Initial interval for 5 seconds

// Function to change the behavior after the initial interval
const changeBehavior = () => {
if (divisor === 3) {
// If currently dividing by 3, switch to dividing by 1 for 10 seconds
divisor = 1;
interval = 10000;
modifyRandom(divisor);
} else {
// If currently dividing by 1, switch back to dividing by 3 for 5 seconds
divisor = 3;
interval = 5000;
modifyRandom(divisor);
}

setTimeout(changeBehavior, interval);
};

// Schedule the first behavior change after the initial interval
setTimeout(changeBehavior, interval);
}

// Start the toggling process
toggleRandom();`

The following code makes it go right for 5 seconds for a while, and then loop so your browser dont freeze. Just copy and paste it and watch the show. You can lower from 5000 ms (5 seconds) to 4 or 3 seconds if its still freezing...

// Save the original Math.random function Math.originalRandom = Math.random;

// Function to modify Math.random function modifyRandom(divisor) { Math.random = () => Math.originalRandom() / divisor; }

// Initial modification of Math.random modifyRandom(3); // Start by dividing by 3

// Function to toggle the behavior function toggleRandom() { let divisor = 3; // Start with dividing by 3 let interval = 5000; // Initial interval for 5 seconds

// Function to change the behavior after the initial interval const changeBehavior = () => { if (divisor === 3) { // If currently dividing by 3, switch to dividing by 1 for 10 seconds divisor = 1; interval = 10000; modifyRandom(divisor); } else { // If currently dividing by 1, switch back to dividing by 3 for 5 seconds divisor = 3; interval = 5000; modifyRandom(divisor); }

setTimeout(changeBehavior, interval); };

// Schedule the first behavior change after the initial interval setTimeout(changeBehavior, interval); }

// Start the toggling process toggleRandom();`

Lol I really don’t get 99% of but I get it but I don’t but I think that’s how coding works but thanks I’ll see what I can do with this if I know how to apply it for myself or smth idk

so i was messing with the code a bit using chat gpt and I managed it to give me basically infinite money which was completely unintentional XD

so i was messing with the code a bit using chat gpt and I managed it to give me basically infinite money which was completely unintentional XD

what did you do?

so i was messing with the code a bit using chat gpt and I managed it to give me basically infinite money which was completely unintentional XD

what did you do?

After scoring a jackpot

Math.random = () => Math.originalRandom() / 0

Otherwise:
MoneyBANK = 10e30

Would work too I believe. Not sure

so i was messing with the code a bit using chat gpt and I managed it to give me basically infinite money which was completely unintentional XD

what did you do?

After scoring a jackpot

Math.random = () => Math.originalRandom() / 0

Otherwise: MoneyBANK = 10e30

Would work too I believe. Not sure
i mean getting money from arcade is pretty stupid since at some point you make so much more due to boosters and stuff like that if we do it from the game perspective

so i was messing with the code a bit using chat gpt and I managed it to give me basically infinite money which was completely unintentional XD

what did you do?

After scoring a jackpot

Math.random = () => Math.originalRandom() / 0

Otherwise: MoneyBANK = 10e30

Would work too I believe. Not sure

this actually helped me when I transferred the money to the back and back it got rid of the money ty

any of you guys have a good auto clicker or maybe some application that can do repeated actions?

I'm not really comfortable with the direction this discussion is going. I'm not interested in enabling any sort of misbehavior in IdleOn. I disclosed what I found publicly because LavaFlame2 didn't even respond to my report.

@moneymanmonhash IMO Lava get too much with those in game purchases, while I understand he have to make money it is just too much.

Open game in chrome Right mouse button -> inspect element Go to Console tab Write there "allow pasting" (or something like that) -> press enter Copy paste "Math.originalRandom = Math.random" -> press enter Copy paste "Math.random = () => Math.originalRandom() / 3;" -> press enter Open arcade and launch few balls, do not launch too much because it may lag you and throw black screen for game.

Would it be possible to use this method to affect RNG on Sneaking (item finding rolls and detection chance) or farming overgrowth?

Is there a way to get unlimited dungeon flurbos?

can it work for the companion pets?

if anyone knows the code which can make all the balls turn into time candies let me know

@danielgarciabsb

The following code makes it go right for 5 seconds for a while, and then loop so your browser dont freeze. Just copy and paste it and watch the show. You can lower from 5000 ms (5 seconds) to 4 or 3 seconds if its still freezing...

// Save the original Math.random function Math.originalRandom = Math.random;

// Function to modify Math.random function modifyRandom(divisor) { Math.random = () => Math.originalRandom() / divisor; }

// Initial modification of Math.random modifyRandom(3); // Start by dividing by 3

// Function to toggle the behavior function toggleRandom() { let divisor = 3; // Start with dividing by 3 let interval = 5000; // Initial interval for 5 seconds

// Function to change the behavior after the initial interval const changeBehavior = () => { if (divisor === 3) { // If currently dividing by 3, switch to dividing by 1 for 10 seconds divisor = 1; interval = 10000; modifyRandom(divisor); } else { // If currently dividing by 1, switch back to dividing by 3 for 5 seconds divisor = 3; interval = 5000; modifyRandom(divisor); }

setTimeout(changeBehavior, interval); };

// Schedule the first behavior change after the initial interval setTimeout(changeBehavior, interval); }

// Start the toggling process toggleRandom();`

did you ever get any type of ban/shadowban after playing around with these codes? i wanted to be a little subtle with the use of them so I don't get locked out of playing with any friends :'] I've already spent almost $100 on gem packs so this would be cool if it's usable every now and then- also curious if you could use it to change the value of getting something like doot from the weekly pet, thanks in advance if you can manage to reply!