Very serious problem - Group of hackers able to duplicate any item

Discussion in 'Bukkit Help' started by Menox, Dec 14, 2012.

Thread Status:
Not open for further replies.
  1. Offline


    Hello! First of all i apologize if this is not the right place for this thread, if so, please move it to the correct place.

    Yesterday something happened I'd never seen before. I came home from school and basically all the players were in a panic on the server. People walked around with the whole inventory filled with stacks of diamond blocks, beacons, emerald blocks and more.

    Some players on the server, which according to statistics had started on the server the same day, had several million dollars, something that obviously is not possible to get in such a short time (a few hours).

    The players told me that some guys suddenly had started on the server at about 11 o'clock and started handing out lots of things that nobody really should have in such enormous quantities.

    The duplicated things were everywhere. They had distributed them to everyone on the server, the entire economy was crashed for good.

    But it did not stop there. In the end we found out who was guilty. We banned the players and hoped that it would stop here. But we were wrong.

    The mean players use the VPN and have several different accounts, so our bans do not work.

    The hackers continue to duplicate things and spread them on the server. I was talking to one of them on skype, and all he says is that it's very easy for them to carry out the duplication, but he will not tell me anything more.

    After talking a little more with him, he told also told that this is a glitch in bukkit and a "plugin". I asked if the plugin was towny, a guess by me, and he said "believe what you want.."

    I really need your help. Since I can not keep out the players for good, I have to find out what they do to duplicate things! I can not think of anything myself, I did not even think it was possible to duplicate things. But for them it seems super easy.

    They are not OP and I've checked the log, and they have left no strange commands.

    Have any of you experienced the same thing the past few days and do you know how they are doing and how to prevent it from happening again?
    Please help me!
  2. Offline

    Super User

    Give me a list of you plugins, check your shops for any sale leaks, like selling each set of iron armor for $200.
  3. Offline


    Plugin List, Start up log, server properties.
  4. Offline


    Stupid of me to not give you such information from the start, sorry. These are my plugins:

    Buycraft 4.7
    CapsControl 0.2
    CasinoSlots 2.5.5
    ChestShop 3.46
    CustomServerMessages 2.9.6
    Essentials Pre
    Essentials AntiBuild Pre
    Groupmanager 2.0 (2.9.3)
    Essentials Protect
    Essentials Spawn
    LWC 4.3.1
    Lottery 0.8.1
    Multiverse-Core 2.4
    Multiverse-Inventories 2.5
    NoChickenEggs 0.1
    PvPLog 1.0
    Questioner 0.6 (For towny)
    RateOfXray 1.0.12
    Register 1.8 (For towny)
    Scavenger 1.14
    SimpleCensor 2.3
    SimpleReserve 0.5.0
    SimpleSign 2.3
    Skript 1.4.9
    TownuChat 0.30
    Vault 1.2.204
    Websend 2.3
    WorldBorder 1.6.0
    WorldGuard 5.6.5
    FlyNoKill 1.0

    It really could be with towny, or with something else really.. I have no clue. Seems like he duplicates items though, though I'm not sure whether he actually glitch and gets money or if he really duplicates items. It seems like he duplicates items though.

    Server properties:
  5. Offline

    Super User

    I would check on the plugins that give you money like the lottery ones, see if there's any flaws. For right now shutdown your server and restart (player files new world)
  6. Offline


    The first thing you should do is check over any plugins that handle money (Essentials, Towny, etc.) to make sure that they don't have any get-rich-quick (I've seen /sell abused on many servers) or infinite money loopholes. Disabling the economy temporarily until these people get bored and move on is the next best idea. Just ban the accounts that have all the money/items and disable your economy plugin. Best of luck to you and your server :)
  7. Offline


    "The mean players use the VPN and have several different accounts, so our bans do not work."
    keep banning them till they run out of accounts? its an online mode server after all.
    or is it?
  8. Offline


    ChestShop may also be the cause. Try disabling the sign opening chest in the config.
  9. Offline


    It could be websend, as it can execute scripts remotely. Try changing your passwords for everything server-related.
  10. Offline


    That's correct. The server is in online-mode and since it is way harder nowadays to get working fake-accounts (as I understand it) it shouldn't take too long until they run out of accounts.

    What makes me afraid though is that they were 4-5 people involved is this, making it possible for them to have an arsenal of 20+ accounts total which they could share.

    Would you guys think that updating Bukkit to the absolute newest dev-build would solve the problem? I read on the nodus griefing forums about a recent duplicate-glitch in chestshop, but that glitch seems to be fixed now since I cannot get it to work and neither can other people who replied in the thread.

    Since the hackers didn't use too much commands at all, I really think it is something with chestshop or similar.

    Thanks for your answers!
  11. Offline


    This is quite wrong. Stolen accounts are not being traded as much, but new keys can be found for under $5. I'v personally ran into people who have 50+ accounts, personal not stolen, just to themselves for botting/spamming servers. As much as bukkit claims online-mode is the god-gift to end hackers. It's not.

    As for the dupe, its probably related to chestshop. If there's 1 dupe glitch there's bound to be a another.
  12. Offline


    Well I found the bug after a lot of searching. It seems like it was a bug in ChestShop making it possible to dupe any item. Luckily enough, when I had found what was the bug reports were handed in to the dev so hopefully the bug will be completely removed in a future update.

    Until then i recommend ANY OF YOU who happens to have ChestShop on your server, to open the config.yml and disable the option that makes it possible for the users to open the chests by right-clicking the shop-sign. This will completely disable the glitch.

    This bug is extremely critical since it really works.
    afistofirony likes this.
  13. Offline


    Menox Now that you've found the issue, I'd recommend heading to ChestShop's page and filing a ticket there about how the bug is reproduced. :)
Thread Status:
Not open for further replies.

Share This Page