Vanilla /fill exploit ruining your world

Discussion in 'Spigot Help' started by niels1189, Jun 12, 2015.

  1. So yesterday evening someone by the name of 'Tacospeed' joined the server, uuid: '5c945281-0819-4125-b5b6-12c3b9544165'
    We found out it was him responsible or at least related to the incident.

    One way or another he managed to get everyone to execute the command /fill with air in a radius causing the following in the logs.

    http://pastebin.com/bMue7702


    My question here is, what happened, why did this happen and how did they do this?
    My only idea is a commandblock, which they can't place if they aren't OP.

    Damage caused at spawn: http://gyazo.com/12cb0781527ad42931efa694efbdea93.png
    This kind of damage is on the ENTIRE world. Please tell me anything you know
     
  2. Notes:

    this happened during peak hours
    It happened on my server Builder Oasis
    1 staff member was on at the time and although I do suspect him, I don't think he did it, nor do I have proof

    Logs, location etc don't show anything
    we have a rollback plugin but that doesn't log /fill. Only worldedit, chat, commands and placements etc.
     
  3. joehot200

    Supporter

    Why have you allowed members to use the /fill command?
     
  4. I have not. Either an exploit or something, or it's enabled by default. It's not something I gave them access to