NEED force-op command book hack stop

Discussion in 'Spigot Discussion' started by robertforyou, May 4, 2015.

  1. So, on internet an command book started to spread. What it does? It makes links from books into json, and you can add commands to links. Then the user give that book to an admin/another user and he says, wtf man i can't click this link, can you test it? Then, the user/admin click it and actually the command is executed. Someone gave me a book like this and i oped him without wanting... I can provide a link to the hack, need fix urgent please.
     
  2. The best solution is to block /op for your admins ^^
     
  3. They do not have access, only me. But command book can put any command, from say to BAN player. They can even put broadcast...
     
  4. Don't click on books then,
     
  5. This so called book exploit requires command blocks to be enabled IIRC?
     
  6. No, it works with them disabled
     
    • Like Like x 1
    • Useful Useful x 1
  7. NotoriousNemo

    Supporter

  8. Yeah, your best bet is to just not click any links outta books.
     
    1. This glitch and a lot of other similar bugs has been fixed on 1.8.6. make sure you update your server to latest Spigot version.
    2. Disable OP command in WorldGuard. So "/op" can only be used in Console, not in game.
     
  9. How do i do that?

    Oh nvm I figured it out.
     
    #11 ajgeiss0702, Jul 20, 2015
    Last edited: Sep 24, 2015
  10. I suggest you to use something like Anti-forceop: http://dev.bukkit.org/bukkit-plugins/anti-forceop/ . It requires everyone to be on a list in order to be op. If in someway someone else becomes op and is not on this list they will be autobanned.