Interview with Dennis aka Toor

I’ve been trying to get a hold of Dennis for a long time. I actually started writing this blog mainly because I wanted to find some answers about the CIP hack.

If you dont know about Dennis, he was the owner a server called Realots, a server which used real CIP files. These files were obtained in 2006 when the 7.7v got ‘hacked’.



1. How did you acquire the CIP files? Rumor has it that you, or someone you know socially engineered the hosting company many years ago. How many people were involved?

I did it by myself. Initial penetration by social engineering. Their old hosting company allowed an administrative contact change for their account. I pretended to be a CIPsoft employee “on call” needing a password change. They asked me for the IP number and the name of the owner for the account and they made the change. I used a password recovery and gained access to a vast amount of tickets, some of them containing plain text IPs and passwords to KVM devices. That led to the compromise. However I didn’t compromise player accounts.

2. Another important question that people are wondering is who has the files besides you. From what I’ve gathered its you, Simone, Remere, GrizZmo and Iryont?

I dont want to answer that question. It’s a matter of safety. Referenced people may be subjected to attacks to obtain the files.

3. Some of the hacked files were leaked at some point. All the NPC files and the world map are available to download. Did you or someone you know leak it?

A select few had the map, monsters and NPC (amoung them an otfans admin and sim0ne). I’m guessing they released it.

4. You decided to use the files with your open tibia server, to mimic the conditions of tibia as it was in 2006, how usable were the raw files at first? Was it hard formatting them to be compatible with otserv? Anyone help you with that?

Sim0ne helped me convert the map and make sense of monsters but eventually we figured out the protocol to run the real thing.

5. You used the files with your server, were you worried about legal troubles? Did CIP ever threaten you or contact you regarding using their stolen data?

Cipsoft has always known that I ran the server. I had occasional correspondence with them about it and by not taking action they condoned it. It made legal action unlikely if not impossible due to their previous inaction. So I wasn’t worried about it. In law, if you want to be able to enforce a right you have to defend that right. If your actions are to the contrary you lose the option to enforce it.

6. There was a rumor you singed a legal contract to not distribute the files?

Ulrich Schlott(Durin) was intending to send me paperwork that would keep me from releasing material in exchange for legal immunity but it never came to that.

7. You made lots of money from your server by using the CIP files, can you give an estimate of how much?

I used to gross 4-5K/ euros a month during RealOTS peak time. It totals to alot.

8. Any truth that Doonark(Ryan) was going to buy a copy of realots for 5k Euros?

True, but the deal bounced.

9. What do you say to all the people who claim to have cipsoft files and open up servers saying they are 100% 7.7. Do you think they just have the npcs and map files while all the other aspects are recreated?

They just have the NPCs and map files and have to guess everything else. Almost no one has all files. There is just one other person with the complete distribution 😉

10. Having seen the codes, and other aspects that go along in quests, do you think that cip edited anything after the breach since you had inside knowledge on stuff that was unknown or undiscovered at that time?

Undoubtedly things have changed. At the time there were many unfinished quests as well.

11. When you first saw the files, were you surprised by anything? Did you expect anything to be or not be there?

I was surprised that spells were hard coded into the game rather than configurable. Same for formula’s, runes, etc. It meant that Cipsoft had to recompile and deploy a new version of the game server every time they wanted to make a change. For me it made things very tedious to edit.

12. Anything you wish people know that you know due to you seeing the files?

Two things: 1) Gamel is a rebel and 2) The sword of Fury _is_ obtainable but it’s very rare and extremely tough. The code detailing the quest (except for how to make it disappear) is in no one’s possession.

13. Who is Gamel? ;O

You should ask the guard Chester Kahs about him 😉

12. Favorite moment while hosting realots?
Definitely the creation of Kipsaté, a fast running chicken that spawned a whole myth with players chasing it to figure out its secrets.


13. Why did Iryont stop hosting realots?

I guess due to the workload. It’s very time intensive to make modifications to the server, requiring a lot of dedication.

14. What do you do for a living, and how did you start tibia?

In daily live I’m a lead programmer. I started on Balera when it was launched. 2005 I think. Great server until PvP ended.

15. Since your bringing realots back again, did you know that Ryan West is ddosing every old school server, do you think you will have a problem with him?

I doubt it. It will be a multiproxy setup so no DDoS can ever touch the actual server and at most temporarily disrupt the players of a single proxy.

12. Anything you wish to add?

Shoutouts to: Alvaro aka “Magz”, legendary mage and long time friend. One of the very very few people who have ever held a magic longsword and gave it back. Rodrigudo aka “Trenshy Master” who always had my back and was a role model in many ways, and to Simao aka “Smith Icarus” who risked it all to protect the innocent and serve justice.

There you have it :v)



One thought on “Interview with Dennis aka Toor

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s