Unofficial CraftBukkit Build, [556] works with 1.3/1.4 MC Clients, ALL PLUGINS WORK!

Discussion in 'Bukkit Help' started by Zidonuke, Mar 31, 2011.

Thread Status:
Not open for further replies.
  1. Offline

    EvilSeph Retired Staff

    drtshock likes this.
  2. In no way do we ever allowed hacked clients on our server - just posting this here for factual information. Zidonuke, I'm more than greatful for this fix - but using it to leverage / test your new 'client' mods - will not be tolerated.

    Over the course of a few days while using this 1.3/1.4 fix - we have crashed (console being frozen) about 3 times.
    http://pastie.org/1755178

    Third freeze (5ish mins after Zidonuke logged in?)
    http://pastie.org/1755496

    Picture 1) http://img850.imageshack.us/i/haxa.png/

    I can post the other logs - but I dont feel that its necessary.
     
  3. Offline

    Mukrakiish

    Malicious activity? Was it just to you Kainzo or is this something that others that have used this (I just upgraded away from it this morning) that they/we need to know about?
     
  4. Offline

    Dinnerbone Bukkit Team Member

    Apparently some people were concerned about security or something, so I opened this up. The ONLY changes this makes are that is disables version checks on login, and it replaces your /version text.
     
  5. Offline

    Zidonuke

    Wat. Wat. Wat.
     
  6. Offline

    Mukrakiish

    I figured that's all this custom CB did. That's why I was confused by this followup.

    Edit: fixed my typo. Sorry >.<
     
  7. But... this isn't a custom client, it's a custom CraftBukkit?
     
  8. Exert from the logs Kainzo posted (open)


    Line 102896: 2011-04-03 03:17:16 [INFO] Whitelist: Player Zidonuke is trying to join...
    Line 102898: 2011-04-03 03:17:16 [INFO] Zidonuke [/209.0.143.119:51429] logged in with entity id 1397792
    Line 102983: 2011-04-03 03:18:29 [INFO] [HeroChat] [o] Zidonuke: <.<
    Line 102994: 2011-04-03 03:18:44 [INFO] [HeroChat] [o] Zidonuke: you know I can see past vanish right
    Line 103009: 2011-04-03 03:18:57 [INFO] [HeroChat] [o] Zidonuke: No
    Line 103010: 2011-04-03 03:18:59 [INFO] [HeroChat] [o] Zidonuke: lol
    Line 103013: 2011-04-03 03:19:02 [INFO] [HeroChat] [o] Zidonuke: modified client
    Line 103016: 2011-04-03 03:19:05 [INFO] [HeroChat] [o] Zidonuke: myself :d
    Line 103019: 2011-04-03 03:19:07 [INFO] [HeroChat] [o] Zidonuke: :D
    Line 103027: 2011-04-03 03:19:15 [INFO] [HeroChat] [o] Zidonuke: vanish exploits a MC bug
    Line 103035: 2011-04-03 03:19:21 [INFO] [HeroChat] [o] Zidonuke: I remove that bug
    Line 103056: 2011-04-03 03:19:38 [INFO] [HeroChat] [o] Zidonuke: Turn the server to offline mode
    Line 103064: 2011-04-03 03:19:41 [INFO] [HeroChat] [o] Zidonuke: I show you notch :D
    Line 103100: 2011-04-03 03:20:14 [INFO] [HeroChat] [o] Zidonuke: hold on let me screenshot you
    Line 103205: 2011-04-03 03:21:55 [INFO] [HeroChat] [o] Zidonuke: http://images.zidonuke.com/antivanish.png
    Line 103205: 2011-04-03 03:21:55 [INFO] [HeroChat] [o] Zidonuke: http://images.zidonuke.com/antivanish.png
    Line 103207: 2011-04-03 03:21:56 [INFO] [HeroChat] [o] Zidonuke: :D
    Line 103244: 2011-04-03 03:22:35 [INFO] [HeroChat] [o] Zidonuke: mhmm
    Line 103573: 2011-04-03 03:26:43 [INFO] Zidonuke lost connection: disconnect.genericReason
    Line 103597: 2011-04-03 03:27:00 [INFO] [HeroChat] [nw] [Mod]Brutalacerate(*): Zidonuke has a modded Client, "Yiffcraft". He admitted it and I have an SS.
    Line 103645: 2011-04-03 03:27:33 [INFO] [HeroChat] [nw] [Architect]Symbolite: who is zidonuke?
    Line 103688: 2011-04-03 03:28:08 [INFO] Whitelist: Player Zidonuke is trying to join...
    Line 103690: 2011-04-03 03:28:08 [INFO] Zidonuke [/209.0.143.119:58610] logged in with entity id 1681160
    Line 103869: 2011-04-03 03:30:22 [INFO] [HeroChat] [o] Zidonuke: Well I help make yiffcraft with my pet Dori :p
    Line 103936: 2011-04-03 03:31:06 [INFO] [HeroChat] [o] Zidonuke: mhmm x3
    Line 103961: 2011-04-03 03:31:22 [INFO] [HeroChat] [o] Zidonuke: Duh x3
    Line 103983: 2011-04-03 03:31:37 [INFO] [HeroChat] [o] Zidonuke: I mean honestly there are worse hacks than fly hax
    Line 103991: 2011-04-03 03:31:43 [INFO] [HeroChat] [o] Zidonuke: Minecraft is soooo exploitable :eek:
    Line 104040: 2011-04-03 03:32:20 [INFO] [HeroChat] [o] Zidonuke: all hax are preventable tho
    Line 104051: 2011-04-03 03:32:38 [INFO] [HeroChat] [o] Zidonuke: writing a new craftbukkit to turn diamond into stone unless your 15 blocks away
    Line 104074: 2011-04-03 03:32:57 [INFO] [HeroChat] [o] Zidonuke: you monitor all diamond breaks and then spy on them
    Line 104135: 2011-04-03 03:33:47 [INFO] [HeroChat] [o] Zidonuke: anyways I'll be providing my anti-xray cheat system to the public in a week or so
    Line 104150: 2011-04-03 03:33:53 [INFO] [HeroChat] [o] Zidonuke: soon all hacks will be finished
    Line 104181: 2011-04-03 03:34:17 [INFO] [HeroChat] [o] Zidonuke: its why I develop this hax client too in order to test anti-hack
    Line 104194: 2011-04-03 03:34:33 [INFO] [HeroChat] [o] Zidonuke: Use nocheat its pretty effective
    Line 104198: 2011-04-03 03:34:38 [INFO] [HeroChat] [o] Zidonuke: Really >.>
    Line 104214: 2011-04-03 03:34:56 [INFO] [HeroChat] [o] Zidonuke: yeah
    Line 104217: 2011-04-03 03:34:59 [INFO] [HeroChat] [o] Zidonuke: its a plugin
    Line 104220: 2011-04-03 03:35:03 [INFO] [HeroChat] [o] Zidonuke: stops speed and fly hacks
    Line 104228: 2011-04-03 03:35:12 [INFO] [HeroChat] [o] Zidonuke: even with my super client
    Line 104300: 2011-04-03 03:35:57 [INFO] [HeroChat] [o] Zidonuke: I wonder why he doesnt use it unless its a lag issue.
    Line 104308: 2011-04-03 03:36:05 [INFO] [HeroChat] [o] Zidonuke: maybe thats it.


    Kainzo does not seem to be accusing Zidonuke of adding exploits to this CB build.

    Kainzo seems to be accusing Zidonuke of running a custom client, something Zidonuke was readily admitting in the logs.
     
  9. Well, you know, so do lots of other people.
     
  10. Offline

    Mukrakiish

    Fixed my typo. Sorry!

    And I was referencing rather then a custom client being used which...many many of us use in one form or another.
     
  11. Offline

    Zidonuke

    the /version text was changed using the manifest file and the version checks are removed. There is no security issues.~ The custom client is a side project that I work on with a friend of mine and its more or less for demonstrating the capabilities and possibilities of modified clients and weakness in the minecraft client<->server protocol. In reality I never actually play on other peoples servers and never use hacks in order to cheat because I've only gone on other servers just to be showoffish of the technology created. At no time would your servers be degraded or abused that would cause lasting effects or modify gameplay. From the results of this incident I have decided to step back from my childish actions. I'm regretful for the displays of the hacks on your servers.

    As for the server crashes, I have no clue...
     
  12. As I said, this isnt a witch hunt - just an alert - There was correlation between 'said client' and our server hard freezing. Other server admins using this came to me and asked if I had the same issues after certain players had joined.
    I'm not here to spread drama or cause issues, I am only here for facts and awareness.

    If there is nothing wrong here - then move on. Take it as you may.

    Again, thanks for the fix - it is definitely useful - however, an easier and safer way to manage this without the messy /version changes - would be to take the changed .class (NetLoginHandler) and drop it in the Official 556 build - instead of not using an official download of Bukkit. At that point - you will know that the /version reads the same and you can still have the 1.3/1.4 client attached.
     
  13. Offline

    Binaryclock

    My situation is exactly the same as Kainzo. My server was crashed three (3) times, and before that it was up for 48 hours without crashes. As soon as Zidonuke logged in, the server was crashed over and over. I also saw the fly hacks and run/sneak hack with my own eyes.

    I can post logs that look almost the exact same as Kainzo.

    I really liked the modified server, but Zidonuke is highly suspect.

    What started this is I randomlly told Kainzo on IRC to watch out for Mr. Zidonuke. As soon as I mentioned his name, Kainzo came back with the exact same story as what I told him to watch out for. It seems he did the same on both of our servers.

    Hope this helps..
     
  14. Offline

    WolwX

    Outch that's look bad :s
    but people there is the source code into the one you can check after malicious things?

    Personaly it fixed my problem of overload and add à fine compatibility option for clients.

    That compatibility can be added to the official bukkit release?
     
  15. Offline

    bukloveur

    xauth don't work plugin !
     
  16. Offline

    Dinnerbone Bukkit Team Member

    This evening Zidonuke has taken it upon himself to go on a mass server crashing rampage. Rest assured his exploits will be fixed, and he is banned.
     
  17. Offline

    thorn2k

    I can confirm what Dinnerbone said. Zidonuke broadcasted his rampage on livestream, using a hacked client to crash the top 100 servers on some list he had. He then logged onto Doridian's server to brag about it, and received a warm welcome. I recall Doridian was another MC modder who also wrote exploits and backdoors into his program to be used maliciously against servers.

    I also heard he threatened a few servers who were running his mod, saying he was being paid by friends to take them offline.

    Anyone using this person's mod should immediately STOP using it, it is malware infested.
     
  18. Offline

    Dinnerbone Bukkit Team Member

    The server modification itself is clean, as of time of writing. No guarantee he won't edit something in after this post.

    I was right. Removed link. Topic locked.

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: May 13, 2016
Thread Status:
Not open for further replies.

Share This Page