
Solved Prevent KeepAlive abuse

Discussion in 'Bugs & Feature Requests' started by MyPictures, Jun 29, 2013.

  1. I'm basically "reopening" my ticket for Spigot that I posted on the Bukkit bug tracker some time ago:

    So basically a client has the possibility to spam KeepAlive, which causes undesired behaviour on the server. One of those is a "passive" godmode which makes those abusing clients invincible to damage sources such as lava, mobs, players or others. However, they can't move around while spamming this packet, but they are able to hit back other entities while abusing this. So my idea was if it would be possible to implement something in Spigot which would pick up this KeepAlive spam and kick players for doing it.

    Possible problems: On high latency it's possible that clients send a little more KeepAlive than usually possible. However, this abuse requires the hacker to spam it like 12x more than normally handled, so the check can be quite coarse but would still catch it.

    Original content:
    CB Version string: This server is running CraftBukkit version git-Bukkit-1.4.7-R0.1 -12-gd9ff553-b2612jnks (MC: 1.4.7) (Implementing API version 1.4.7-R0.2-SNAPSHOT
    Java: Java 7 update 10

    That's what it looks like from the client side; someone just recorded it on our server:
    Other example of how it could look:

    asofold tried a way to prevent this without having to access the packets from the server (override NetServerHandler or use ProtocolLib): https://github.com/NoCheatPlus/NoCheatPlus/commit/b00bb9a0146c41701530ca1514fe90af386f04a2

    It kinda works, but not super efficiently, and it also has false positives, so I was thinking if the Bukkit team could do something against it. It's a flaw in the Minecraft protocol, so it's also possible to exploit on MC vanilla servers.

    I also added some logs (recorded with ProtocolLib) to show how they are doing it. Luckily they are not able to move while spamming KeepAlive to the server.
    However, the damage event(s) seem to get registered but CraftBukkit can't/won't deal that damage to the player for some reason. asofold and I also checked some other stuff and found out that the "nodamagetick" was always 20 for those players that used this kind of exploit.

    In short:
    Players are able to spam KeepAlive packets, which allows them to take less to no damage from entities, but they can still hit/kill those entities while spamming KeepAlive to the server.

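The coarse rate check proposed in the post above, sketched as an added example (not part of the original post, and not Spigot, CraftBukkit or NoCheatPlus code). The class name, the 5-second window, the expected rate of one KeepAlive per second and the 4x tolerance are assumptions, and the packet timestamps are constructed; wiring `onKeepAlive` into the server's packet handling is not shown.

```java
import java.util.ArrayDeque;
import java.util.Deque;
import java.util.HashMap;
import java.util.Map;

/** Sliding-window KeepAlive counter per player (hypothetical helper class). */
public class KeepAliveRateCheck {
    private final long windowMillis;
    private final int maxPerWindow;
    private final Map<String, Deque<Long>> seen = new HashMap<>();

    /**
     * expectedPerWindow: packets a well-behaved client sends per window (assumed value).
     * tolerance: multiplier that absorbs latency bursts; keep it well under the
     * roughly 12x rate the post reports for abusing clients.
     */
    public KeepAliveRateCheck(long windowMillis, int expectedPerWindow, int tolerance) {
        this.windowMillis = windowMillis;
        this.maxPerWindow = expectedPerWindow * tolerance;
    }

    /** Records one KeepAlive; returns true once the player exceeds the limit. */
    public boolean onKeepAlive(String player, long nowMillis) {
        Deque<Long> times = seen.computeIfAbsent(player, k -> new ArrayDeque<>());
        // Drop timestamps that have fallen out of the window.
        while (!times.isEmpty() && nowMillis - times.peekFirst() >= windowMillis) {
            times.pollFirst();
        }
        times.addLast(nowMillis);
        return times.size() > maxPerWindow;
    }

    /** Call on disconnect so the map does not grow without bound. */
    public void forget(String player) { seen.remove(player); }

    public static void main(String[] args) {
        // Constructed timings: 5 s window, 5 expected packets, 4x tolerance, limit 20.
        KeepAliveRateCheck check = new KeepAliveRateCheck(5000, 5, 4);
        boolean laggy = false, spammer = false;
        // Laggy client: 10 packets arrive in one burst after a stall, then normal pacing.
        for (int i = 0; i < 10; i++) laggy |= check.onKeepAlive("laggy", 1000 + i);
        for (int i = 1; i <= 5; i++) laggy |= check.onKeepAlive("laggy", 1000 + i * 1000L);
        // Spamming client: about 12 packets per second, 12x the assumed normal rate.
        for (int i = 0; i < 60 && !spammer; i++) spammer = check.onKeepAlive("spammer", 1000 + i * 83L);
        System.out.println("laggy flagged=" + laggy + ", spammer flagged=" + spammer);
    }
}
```

Counting over a window rather than measuring the gap between two packets is what keeps a post-stall burst from a high-latency client under the limit while sustained spam still crosses it.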