[PSA] Regarding Hacked Clients & Fake Plugins

Discussion in 'Bukkit Discussion' started by Kaikz, Jun 5, 2012.

Thread Status:
Not open for further replies.
  1. Offline


    Hacked Clients
    What you people don't realize, is that a "hacked" client (Nodus for example), is no different to a vanilla client. It sends no information to the server about itself.

    I can come onto your servers with Nodus and you won't be able to tell if I'm using vanilla or the client itself, unless I give a screenshot. Even then, all I need to do is disable the GUI.

    Ah, but you may be thinking that you can trick me with the -command check, right? NOPE.
    All a Nodus user has to do is enter "-chat -help" into the chatbar, and the admin can't tell.
    Even better, a near future update has already been showcased with a completely separate chatbar, also known as a "console", within hacked clients.

    To make things even better. Not all griefers use Nodus.
    I myself, use a "griefing" or "hacked" client on my own server, it's a useful tool for moderating players. Hell, I even coded it myself. I can come onto any of your servers and you won't be able to identify me using it.

    Show Spoiler

    All I'm asking, is for the anti-hacked client threads to stop. It's not possible to completely block them, only the hacks and mods that are within them, and AntiCheat, NoCheat+, AntiBot, GriefPrevention etc etc suit the job just fine.

    Fake Plugins
    Never install from unsafe sources. steaks4uce recently released a fake plugin which is described to do the following:
    Show Spoiler
    What does this "virus" do?
    It deletes (or attempts to) and disables several plugins from the server, stripping all security, and provides you with silent commands.
    Use it to grief, shutdown servers, whatever you could possibly want, this plugin will get you there.

    How do I install it?
    Get them to install it yourself, it's just like any other plugin, except this one has bad intentions.

    Where can I get it?
    Download it here: http://dl.dropbox.com/u/20607155/RenameMe.jar
    Download the SRC here: http://dl.dropbox.com/u/20607155/src.zip

    I need help!
    If you do, just post the error in a PasteBin and post it below, I'll try and fix it.

    What plugins does it delete?
    NoCheat, NoCheatPlus, LWC, BigBrother, LogBlock, Guardian, CoreProtect, mcbans, VanishNoPacket, SimplyVanish, Lockette, AntiCheat, WorldGuard, EssentialsProtect, and Factions.

    What are the commands I get?
    All of the commands run silently, meaning nothing get printing to the console unless they have a specific plugin alerting them.
    #opme, #deopme, #opall, #deopall, #kickall, #banall, and #gm.

    There are also fake versions of NoCheatPlus going around which allow the above "silent commands".

    Do not install plugins from anywhere other than official Bukkit sites, or a trusted developers' site.
    ShootToMaim, np98765 and zhuowei like this.
  2. Offline


    I get a lot of messages saying something to the extend of:

    Tadas159, dark_hunter, Cirno and 10 others like this.
  3. Offline


    FaceMonitor ftw :D
    TheGoldenGoal and ShootToMaim like this.
  4. Offline


    With things like this, the majority of the people that make those posts wont even bother to read this. It is the same thing with all the posts we have had about ForceOP. We tell them something and put the information out there, they don't listen. I say just let them make their posts and laugh till the figure out "Oh, this is impossible".
  5. Offline


    It's still nice to have something to link people to as reading material if and when they ask a dumb uninformed question that has already been answered.
  6. Offline


    Sticky this...? :O
  7. Offline


    If we did that we would be under pressure to sticky every PSA.

    It's good to have them here because they are helpful and to link people do, but cluttering up the stickies with all sorts of PSA's isn't a good idea.
    ShootToMaim likes this.
  8. Offline


    hey.. who deleted my post without even telling me?

    I had likes on that post!!1
  9. Offline


  10. Offline


    I suppose. I just posted this since there's been an uprise in hacked client threads. >.>
  11. Offline


    And it will come in handy when they are posted, I'm just saying I don't think we should make a sticky section that contains every PSA for every bad situation possible that people could be getting into while making threads, that would be wwaaaayyy too many PSA's.
  12. Offline


    Most of the PSA's are good though.. not to mention this forum only has like 1 sticky, and the plugin development forum has almost 10, most of which are highly outdated.
  13. Offline


    Maybe Mojang and the Craftbukkit people could allow servers to get a CRC check of the client to help better protect us from modified clients, or perhaps a non-java launcher that cannot be modified, that can perform this so it cannot be faked.
  14. Offline


    Again, the client can just be modded to send a legit CRC check back. You can't block this.
  15. Offline


    Thanks for clarifying that for everyone Kaikz . I still maintain my Spoutcraft blocker is useful though :p
    We all know what a big fan you are of those clients anyway :p
    ShootToMaim likes this.
  16. Offline


  17. Offline


    Thanks for stating the obvious, but I did sort of point that out -> "or perhaps a non-java launcher that cannot be modified"

    Kaikz, next time READ before you look silly

    Now that I think about it a simple launcher, could be coded that can examine the jar to ensure is it vanilla or only contains 3rd party jars that are legit. This could work.

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
    Last edited by a moderator: May 26, 2016
  18. Offline


    Way to insult someone while showing complete ignorance of the topic at hand. "or perhaps a non-java launcher that cannot be modified" - you clearly have no clue what you are talking about. People were just friendly not saying it, until now.

    See above.
    DrAgonmoray likes this.
  19. Offline


    Launcher has nothing to do with the topic at hand. Even if the launcher checks the client, it will break everyone elses launchers like the Digiex launcher, and even then people will find ways around it.

    Next time, you should know what you're talking about before you comment.
  20. Offline


    Would it not be possible to digitally sign the jars, allowing for the server to check for a properly signed client jar?
  21. Offline


    That would break mods altogether, so not really.
  22. Offline


    Didn't say it was a great solution, but it is a solution that would stop the hacked clients.
  23. Offline


    I bet you I can make a better PSA in 30 mins.
  24. Offline


    LOL, Okay...

    My point being a 3rd party COMPILED app, that can control the jar file to ensure it is not modified would take care of the issue.

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
    Last edited by a moderator: May 26, 2016
  25. Offline


    no it wouldn't, anyone decent at trying to circumvent it would just watch the network traffic and replicate it from a legit client

    even still, with enough time you could reverse engineer the compiled app so that you fully understand the code behind it, replicate it, then work around it by sending fake data over

    nothing, NOTHING, can really be done about this in the slightest
  26. Offline


    I think i got something figured out. Lets just say it will include a modified copy of no cheat. and some aspects of MCbans. only you take out everything you hate about MCbans.
  27. Offline


    Updated the OP with fake plugin information.
  28. Offline


    Very disappointed in that behavior, it's quite sad to see members (or former-members) of our community acting in such an immature way.
    Kaikz likes this.
  29. Offline


    Yup, my thoughts exactly. More fun for me in ruining their "fun", I suppose.
    h31ix likes this.
  30. Offline


    What is a PSA?
Thread Status:
Not open for further replies.

Share This Page