How to patch the uuid exploit ? [HACK]

Discussion in 'Spigot Help' started by WorldOfPvP, May 5, 2017.

  1. WorldOfPvP

    WorldOfPvP

    #1 WorldOfPvP, May 5, 2017
  3. ysl3000

    ysl3000

    No support for 1.8 -> Update to the latest build 1.11.2.

    There is nothing to see. No login request.
     
    #2 ysl3000, May 5, 2017
  5. CustomEnchants

    CustomEnchants

    its called not firewalling your server
     
    #3 CustomEnchants, May 5, 2017
  7. MrDienns

    MrDienns

    Interesting. Could you tell us a little more about it? What about new versions? It says 1.8 in the title, are any versions beyond it patched? What exactly happens here? It's russian, fairly hard to see what exactly is going on.

    Are they bypassing BungeeCord (fairly sure) and directly connecting to the spigot slaves?
     
    #4 MrDienns, May 5, 2017
  9. WorldOfPvP

    WorldOfPvP

    [04/04/2017] AverFight 800 ON
    [05/04/2017] HardFight 100 ON
    [06/04/2017] Voltera 300 ON
    [06/04/2017] PikaNetwork 1.4k ON
    [07/04/2017] GamesMadeInPola 2.6k ON
    [10/04/2017] CheatCraft 200 ON
    [11/04/2017] SkillPvP 1k ON
    [12/04/2017] FoxyGame 900 ON
    [14/04/2017] Badlion 3.2k ON
    [16/04/2017] JasMC 1.8k ON
    [17/04/2017] RinaOrc 500 ON
    [22/04/2017] AmpleMine 120 ON
    [25/04/2017] BlazeNetwork 150 ON
    [27/04/2017] CandyCraft 700 ON
    [29/04/2017] ForeverPlay 100 ON
    [29/04/2017] JourneyGaming 350 ON
    [29/04/2017] HorizonMC 200 ON
    [30/04/2017] ComuGamers 1.3k ON
    [30/04/2017] VeltPvP 800 ON
    [30/04/2017] MLegacy 500 ON
    [30/04/2017] ThunderNetwork 350 ON
    [1/05/2017] MineCub 900 ON
    [1/05/2017] ArenaCraft 500 ON
    [3/05/2017] SuperEasy 110 ON
    [3/05/2017] CloudEscape 200 ON
     
    #5 WorldOfPvP, May 5, 2017
    • Useful Useful x 1
  11. WorldOfPvP

    WorldOfPvP

    All the versions I think, they connect directly to the admins account and bypass security..
     
    #6 WorldOfPvP, May 5, 2017
  13. black_

    black_

    The way this works is simple:
    bunjee servers (this does not refer to the main one) are on offline mode, so if ports are left open on the non-central server, players can connect there with a cracked account.
    How to prevent:
    download nmap, scan your server ports 25500-29999, and if any ports beside 25565 are open, close them.
     
    #7 black_, May 5, 2017
  15. MrDienns

    MrDienns

    Oh so it's just another simple direct connect around BungeeCord again. This has existed since the beginning of BungeeCord. Doesn't Spigot take care of that automaticly nowadays? If not, a simple plugin or firewall could block it.
     
    #8 MrDienns, May 5, 2017
  17. ysl3000

    ysl3000

    You only need to close the ports where the mc servers are running on. Let Bungee be open.
     
    #9 ysl3000, May 5, 2017
  19. WorldOfPvP

    WorldOfPvP

    This method ?

    download nmap, scan your server ports 25500-29999, and if any ports beside 25565 are open, close them.
     
    #10 WorldOfPvP, May 5, 2017
  21. Gaxan

    Gaxan
    Supporter

    #11 Gaxan, May 5, 2017
  23. WorldOfPvP

    WorldOfPvP

    Any guys can help me for money?
     
    #12 WorldOfPvP, May 5, 2017
  25. WAS

    WAS

    What does that have to do with Spigot? Spigot/Bungee are only listening in on one port.
    What is wrong with the provided plugin?
     
    #13 WAS, May 5, 2017
    • Agree Agree x 2
  27. BrettPlayMC

    BrettPlayMC

    #14 BrettPlayMC, May 5, 2017
    • Friendly Friendly x 1
  29. kolja1998

    kolja1998

    If you have all Spigot servers on one (vds/dedicated) server, just set this ip 127.0.0.1 and in bungeecord config too. Or simple close ports on Spigot servers.
     
    #15 kolja1998, May 6, 2017
  31. i_ii_zx_D3s_i_x

    i_ii_zx_D3s_i_x

    #16 i_ii_zx_D3s_i_x, May 6, 2017
  33. kolja1998

    kolja1998

    #17 kolja1998, May 6, 2017
  35. Janmm14

    Janmm14

    #18 Janmm14, May 6, 2017
    • Agree Agree x 1
(You must log in or sign up to post here.)