Jump to content

Recommended Posts

Posted

So lately I've been getting a lot of people on my server who are somehow able to login using any username, op their own accounts even though worldguard prevents the in-game op command and spawn in items that should be banned and confiscated when in their inventory. I have searched for many hours trying to find out how this is done so that I can find a way to patch it but haven't found anything useful. The latest thing to happen was someone who was able to spawn in tornado spawners even though they are banned and was able to grief my spawn using them.

If anyone knows how this is done or has a fix for it then please let me know. I would be very grateful. 

My server is running AotBT version 1.0.12a with a mcpc plus server jar.

Posted

My thoughts? This is pure speculation but well someone got a hold of your password (more likely) OR that same exploit that was found in 2013 is back with the Mojang Authentication servers if you migrated your account. Although that was fixed supposedly and If you are running an AoTBT McPC Plus server maybe try finding some secondary authentication plugin?

Posted

I do have an in-game login system for staff because of this but it doesn't seem to have stopped it being possible. And the fact that they could log in using any name (one of the logs said notch as well as others) tells me its something else.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...