[URGENT] Server Got Hacked! Guys joined with Admin Nicknames and had OP and such...


TheDarkDeuce

Sup guys,

We are running a Tekkit server which has 2 admins, me and my brother.

Tonight 2 people joined our server, first with some username, then they relogged 3 times and then somehow had the usernames "ADMIN1" and "Admin2" (example).

They had all the rights we have, our inventories, they gave themselves god mode, gamemode and nuked our whole spawn and our own bases.

 

Our server.log
http://pastebin.com/V2J8Q1ja

 

(I changed our nicknames to ADMIN1 and ADMIN2)

How is this possible? How could they fake the usernames and use the same rights as we have?


  • Discord Moderator

It might just be my ignorance, but I'm not familiar with a MCPC+ #244 build. This is the version I'm using:

mcpc-plus-legacy-1.4.7-R1.1-SNAPSHOT-f534-L70.jar
MD5 Sum: 96ffb259dc6efbcd06c8eb766af1de3a

I believe versions prior to this have a flaw in the way session validation happens which allows someone using a particular hacked client to connect as any user. Ever since I updated to that version we never had any more issues of that sort. Even though I believe the flaw to be fixed, I still require any player over the rank of Veteran to use the LoginSecurity Bukkit plugin for a second form of protection.


> It might just be my ignorance, but I'm not familiar with a MCPC+ #244 build. This is the version I'm using:
>
> mcpc-plus-legacy-1.4.7-R1.1-SNAPSHOT-f534-L70.jar
> MD5 Sum: 96ffb259dc6efbcd06c8eb766af1de3a
>
> I believe versions prior to this have a flaw in the way session validation happens which allows someone using a particular hacked client to connect as any user. Ever since I updated to that version we never had any more issues of that sort. Even though I believe the flaw to be fixed, I still require any player over the rank of Veteran to use the LoginSecurity Bukkit plugin for a second form of protection.

That's the answer I searched for. Thank you, might wanna share this jar with me?


Maybe the server had a plugin which could be exploited by the players. I believe this happened to a server I played on about a year ago (I can remember most of the details of what happened that day).

Interestingly enough, there were two players that day, and one was Adolfhitler, who coincidentally nicknamed me "APoorHelplessJew".
