: The primary technical method involves hijacking the window.WebSocket.prototype.send function. By using tools like Tampermonkey or Charles Proxy , users can intercept outgoing data packets.
: A non-technical "cheat" involves temporarily inflating ability scores or modifiers on a character sheet before rolling, then quickly reverting them before the Game Master (GM) notices. Known Tools and Scripts roll20-cheat-dice
: A showcase repository illustrating how to hijack WebSocket objects to modify client-side dice results. : The primary technical method involves hijacking the window
: Monitoring the chat archive for unusual patterns—such as long delays before rolls or a total lack of "average" results—can help identify users employing packet filtering software. Known Tools and Scripts : A showcase repository
This report examines technical vulnerabilities and common exploits associated with "roll20-cheat-dice," specifically focusing on client-side manipulation of the Roll20 virtual tabletop platform. Overview of Exploits