Author Topic: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED  (Read 9516 times)

Mariofighter3

  • PokeFan
  • Fighting Koga
  • *
  • Posts: 1495
  • Friendliness: -30
  • It Doesn't Matter.
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #15 on: April 16, 2012, 06:44:11 pm »
WOW. That really opened my eyes! I'm also surprised an AVO tried to attack the server.

Ad...

Paradox

  • Professor
  • Fighting Giovanni
  • *****
  • Posts: 966
  • Friendliness: 39
  • Registered User
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #16 on: April 16, 2012, 09:45:50 pm »
Okay, let me try to explain this if I'm correct. The hacker asks me to join their server. As I join, my account AUTOMATICALLY does some check to make sure my account is legit. The server asks my account for a number, and my accoutn automatically responds with the number. The hacker intecepts the number so he gets it instead of the server. Now the hacker has my unique number, and when he sends THAT number to a server, the server will think "OH! You're number 1123! That's Paradox's number!" and log him as me.

Mariofighter3

  • PokeFan
  • Fighting Koga
  • *
  • Posts: 1495
  • Friendliness: -30
  • It Doesn't Matter.
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #17 on: April 16, 2012, 09:55:11 pm »
That's the basis of it. However, how does one get the number. It also seems if it doesn't sign into your account, but the permissions, right?

1cec0ld

  • Frozen Hearted Admin
  • Professor
  • Fighting Blaine
  • *****
  • Posts: 3084
  • Friendliness: 94
  • Who am I to judge others?
  • Pokemon Team: Typhlosion, Espeon, Aerodactyl, Glalie, Jolteon, Mew the HM Slave
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #18 on: April 16, 2012, 10:10:12 pm »
It signs in as YOU. Your name, Your IGN, and therefore all plugins see you as you, including bukkit and ops.txt

And I'm not a hacker so I have no idea how they intercept the security randomNumber.

Warmonger_2

  • Raiding Silph Co.
  • **
  • Posts: 835
  • Friendliness: 4
  • Registered User
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #19 on: April 17, 2012, 11:12:58 pm »
They can basically use a plugin type program on their server to intercept this number as it goes through their server. It could be very complex or simple but either way it is doable. Hacker nowadays have managed much more complecated and dangerous feats so this surprises me none. Given time Minecraft will be updated to fix this issue
THE builder of Unova!!!

All fear the all powerful WARMONGER CLAN!!!

Le ocean maker.

Paradox

  • Professor
  • Fighting Giovanni
  • *****
  • Posts: 966
  • Friendliness: 39
  • Registered User
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #20 on: April 21, 2012, 01:06:13 pm »
It signs in as YOU. Your name, Your IGN, and therefore all plugins see you as you, including bukkit and ops.txt

And I'm not a hacker so I have no idea how they intercept the security randomNumber.


I'd guess that Minecraft uses hash functions and the such. I recently learned about it in my programming course, it's pretty complicated.

Okieskinny

  • PokeFan
  • Cycling Road
  • *
  • Posts: 1280
  • Friendliness: 16
  • ◕ ‿ ◕ Always Watching
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #21 on: April 21, 2012, 03:05:55 pm »
Listen here hackerz, your days of evil are over, prepare to meet the light! :D

hixhen1

  • Dragon Tamer
  • Fighting Brock
  • *****
  • Posts: 78
  • Friendliness: 3
  • Registered User
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #22 on: April 27, 2012, 08:21:45 am »
Listen here hackerz, your days of evil are over, prepare to meet the light! :D
NOOOOO! also i have one of those just would never use it on the pokemonserver.

Rigby

  • Guest
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #23 on: April 27, 2012, 12:33:49 pm »
I have tons of hack clients in my disposal, use that shit... well.... never actually.

Tenebrae

  • Sinnoh/Unova Head Builder
  • Professor
  • Fighting Agatha
  • *****
  • Posts: 7604
  • Friendliness: 105
  • Monster Hunter 4 Ultimate :D
    • Bandcamp
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #24 on: May 26, 2012, 11:11:02 am »
Did not realise the potency of this kind of attack until just now. Literally fifteen minutes ago, I banned a guy just after i was fooled  :doh:


Don't remember his name, but its a good thing the owner was on at the same time. Good thing I knew what had happened..

Nightroado

  • Underground Passage-Horizontal
  • *****
  • Posts: 612
  • Friendliness: 1015
  • Legendary
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #25 on: May 28, 2012, 10:54:35 pm »
Problem: OP People joining servers that aren't the pokemon server.

Solution: Burn them at the stake for such blasphemous actions.
[url

jassassin11

  • Fighting Misty
  • *
  • Posts: 213
  • Friendliness: -28
  • Registered User
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #26 on: June 10, 2012, 02:06:02 am »
Problem: OP People joining servers that aren't the pokemon server.

Solution: Burn them at the stake for such blasphemous actions.
or just simply permaban them insted
Completely a fan of anvils :3

ImStillDead

  • Turning Bill into a human
  • *****
  • Posts: 146
  • Friendliness: 0
  • Mistakes were made! Spoooooooky
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #27 on: June 25, 2012, 02:53:53 am »
What if the rest of team avo comes to grief?

Tenebrae

  • Sinnoh/Unova Head Builder
  • Professor
  • Fighting Agatha
  • *****
  • Posts: 7604
  • Friendliness: 105
  • Monster Hunter 4 Ultimate :D
    • Bandcamp
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #28 on: June 25, 2012, 03:28:27 am »
Their problem :P

jassassin11

  • Fighting Misty
  • *
  • Posts: 213
  • Friendliness: -28
  • Registered User
Re: NOTE TO ALL SERVER OWNERS: DON'T BE FOOLED
« Reply #29 on: June 25, 2012, 02:15:03 pm »
What if the rest of team avo comes to grief?
i have a freind who has a freind of a guy in avo
Completely a fan of anvils :3