How to patch the uuid exploit ? [HACK]

Discussion in 'Spigot Help' started by WorldOfPvP, May 5, 2017.

  1. No support for 1.8 -> Update to the latest build 1.11.2.

    There is nothing to see. No login request.
     
  2. its called not firewalling your server
     
  3. Interesting. Could you tell us a little more about it? What about new versions? It says 1.8 in the title, are any versions beyond it patched? What exactly happens here? It's russian, fairly hard to see what exactly is going on.

    Are they bypassing BungeeCord (fairly sure) and directly connecting to the spigot slaves?
     
  4. [04/04/2017] AverFight 800 ON
    [05/04/2017] HardFight 100 ON
    [06/04/2017] Voltera 300 ON
    [06/04/2017] PikaNetwork 1.4k ON
    [07/04/2017] GamesMadeInPola 2.6k ON
    [10/04/2017] CheatCraft 200 ON
    [11/04/2017] SkillPvP 1k ON
    [12/04/2017] FoxyGame 900 ON
    [14/04/2017] Badlion 3.2k ON
    [16/04/2017] JasMC 1.8k ON
    [17/04/2017] RinaOrc 500 ON
    [22/04/2017] AmpleMine 120 ON
    [25/04/2017] BlazeNetwork 150 ON
    [27/04/2017] CandyCraft 700 ON
    [29/04/2017] ForeverPlay 100 ON
    [29/04/2017] JourneyGaming 350 ON
    [29/04/2017] HorizonMC 200 ON
    [30/04/2017] ComuGamers 1.3k ON
    [30/04/2017] VeltPvP 800 ON
    [30/04/2017] MLegacy 500 ON
    [30/04/2017] ThunderNetwork 350 ON
    [1/05/2017] MineCub 900 ON
    [1/05/2017] ArenaCraft 500 ON
    [3/05/2017] SuperEasy 110 ON
    [3/05/2017] CloudEscape 200 ON
     
    • Useful Useful x 1
  5. All the versions I think, they connect directly to the admins account and bypass security..
     
  6. The way this works is simple:
    bunjee servers (this does not refer to the main one) are on offline mode, so if ports are left open on the non-central server, players can connect there with a cracked account.
    How to prevent:
    download nmap, scan your server ports 25500-29999, and if any ports beside 25565 are open, close them.
     
  7. Oh so it's just another simple direct connect around BungeeCord again. This has existed since the beginning of BungeeCord. Doesn't Spigot take care of that automaticly nowadays? If not, a simple plugin or firewall could block it.
     
  8. You only need to close the ports where the mc servers are running on. Let Bungee be open.
     
  9. This method ?

    download nmap, scan your server ports 25500-29999, and if any ports beside 25565 are open, close them.
     
  10. Any guys can help me for money?
     
  11. WAS

    WAS

    What does that have to do with Spigot? Spigot/Bungee are only listening in on one port.
    What is wrong with the provided plugin?
     
    • Agree Agree x 2
    • Friendly Friendly x 1
  12. If you have all Spigot servers on one (vds/dedicated) server, just set this ip 127.0.0.1 and in bungeecord config too. Or simple close ports on Spigot servers.
     
    • Agree Agree x 1