Mod detection

Discussion in 'Plugin Development' started by aPandaification, Jun 27, 2012.

Thread Status:
Not open for further replies.
  1. Offline


    How would I access someones minecraft files for example .class's in someones .jar or extra folders in their .minecraft - and is it even possible?
  2. Offline


    I don't think that's legal to do, much less possible.
  3. Offline


    Explain WorldEdit CUI, evilmidget38, then. Just an example.

    ... I do not know how to do it either.
  4. Offline


    Isn't that just a mod that simply makes boxes around points 1 and 2 during worldediting? :p
    The server has nothing to do with it, nor can it detect that a user has it. (that I know of)
    Feel free to prove me wrong, with proper proof though.

    And yes, it's illegal, as it's 'Invasion of Privacy' to even gain access to another user's personal files, even if it's just Minecraft. Plugins are not allowed to access user jars, but what they ARE allowed to do is check for packets being sent. But as far as I know, most, if not, all mods send 0 packets. The only things that really send packets in Minecraft are the features in Hack Clients. (Not counting particle effects and all that)
  5. Offline


    I was assuming you were talking about server side plugins considering this is the Bukkit forums.
  6. you can detect if an user bahaves itself abnormaly, like attacking entities behind him, moving at normal speed while pressing sneak, sprinting whit lower than 3 hunger trying to fly on survival, hitting blocks that are behind walls, or behind the person
  7. Offline


  8. Offline


    Your server has no access to their personal files.

    That said, if they install a client mod that notifies the server (as others have noted) you can tell based on that.

    You can't for example detect if someone is using a Nodus client by asking "Is your minecraft.jar this big?" to the player's computer. You can (as noted) really only detect when they actually misbehave. This is the goal of plugins like NoCheat++.
  9. Offline

    Father Of Time

    No one has the right to pry through private files to appease paranoia... That would be like the IRS just randomly scanning everyones hard drives to look for none claimed income... Sure they would likely find a lot of criminals, but at the expense of violating a bunch of ethically driven individuals; and frankly I would be horrified if any legal system allowed all individuals to be treated like criminals to catch the few that actual are...

    Cheating can't be stopped, diligent administration is the only true silver bullet.
  10. Offline


    What about the mcctf servers? If you go on one of their servers with nodus it'll automatically ban you, even if you don't use the hacks at all
  11. I can play whit nodus and autospawn turned on whitout getting bannen, your statement is invalid(and my frend who dont have mods gets banned often there)
    EDIT: I joined now whit nodus whitout ban
  12. I just tried, i got banned... for 23 houres:(
  13. I didn't use anny hacks while I joined, so I think they only see the precency of hacks when you use tham, and not know that its actually nodus
  14. Offline


    Nodus sends out packets and direct connections to the IRC Servvers and Scetch was dumb enough to add in capes for donators to the client... -_-

    All MCPVP does, is checks for that one packet, when they get the message..BAN HAMMA!
  15. Offline

    Paul O'Reilly

    When a player joins a server, and they mods installed with modloader / forge etc (like Industrial Craft and virtually all client mods), the clients sends information on which mods are installed to the server. You can see this in the server log / console, and it's part of the functionality that you get when the server also has forge installed.

    All that is doing (from a security viewpoint) is having the client say "I have these...", and that's not reliable information from a security viewpoint (and there's no point having cheating mods that would announce themselves)

    It does however tell you if the popular mini-map's and similar are installed, and some servers will ban based on that (unfair advantage)
  16. Offline


    So why isn't there a plugin that does that?
  17. Offline


    Because, no offense, but a lot of the big private plugin developers for servers like MCJunkies, MCPVP, used-to-be-raidcraft+raidcraft2, etc. don't share their methods. All their plugins are secure and secret, the source code lies in the hands of the owner and/or other developers of the same server and it's plugins.

    So unless you find a way yourself, because I don't know how to use packets yet, to do's going to be a while before someone detects nodus packets and shares. ;)

    Why, you may ask?

    Because you have to first decrypt the nodus client and unobfuscate class names, then locate the class which renders the capes of players, then find the packet that sends the cape. Once you get that packet, and are positive it's for nodus users only and not official capes, then you can check for that packet on your server or in your plugin that you choose to do whatever with.
  18. Offline

    mbaxter ʇıʞʞnq ɐ sɐɥ ı

    There is no way to detect someone is using a mod via plugin.

    All of the methods described in this topic so far are either completely incorrect or contain bad assumptions. I will happily answer why any individual suggestion is invalid privately (rather not give hack writers ideas).

    Locking this before someone convinces people of more false assumptions.
Thread Status:
Not open for further replies.

Share This Page