
Force-Op? A Myth Right? Not Anymore! And Your Server Could Be At Risk!

Kjordo711
Level 39 : Artisan Modder
Posted 05/23/12 10:43:33 am, last updated: 06/09/12 12:46:34 pm

Force-OP? It's only a Myth? A Rumor? Right?!


Not Anymore-
And Your Own Server Could Be At Risk

"How?" many of you are asking yourselves. Well, there is a new program out called Session Stealer.

Let's cut right to the chase:

0. Table of Contents of this Blog:

I. What Is It?
  • Goes over What Session Stealer is
  • Goes over how you can be affected
  • Goes over how your "session can be stolen"
II. How do I defend Myself?
  • Goes over how you can defend yourself from Session Stealer
  • Introduces Plugin, NoCheat+
III. What Happens If You Fell For The Trick?
  • Goes Over how to potentially save your server
  • Goes Through the steps to calmly and easily take care of the mess you made by falling for the trick and not listening to this blog... :D
IV. Known Users
  • Everyone reported to me for attempting to use Session Stealer will be listed in this section
V. Test
  • I test out people's knowledge of the protection of their server and survey what they do

I. What is it?
Session Stealer is a program that creates a fake server. If you are the owner of your server, you are a top target. Players have been known to try to lure you into their "server". They will tell you an IP; when you join it, you will get some type of error message, and boom, your session has just been stolen, a.k.a. Boom Goes The Dynamite.

II. How Do I Defend Myself From This?
There are two methods. One, the easier and safer, is to use a new plugin called NoCheat+, or NoCheatPlus. Not only will this plugin block many other hacking features on your server, it also includes a feature that makes it so players can only be op'ed from the console, thus making it impossible for people to be op'ed on your server through Session Stealer. However, NoCheat+ does not stop people from adding other commands to their name in the permissions file; it only blocks the ForceOp. There is a way to block that too, however it is not very easy. This brings us to our next part.

The other way to prevent Session Stealer from attacking your server is to use common sense. If a player on your server says that you should check something out on theirs, don't do it. There are many messages people will use to try to lure you into their server. These can be seen in the later part of this blog, "Common Excuses".

III. What Do I Do If I fell For The Trick?
If you join the "server" and get the message "Disconnected From Server" and then "Kicked From Server" or any other type of disconnect message, you must react quickly! Do the following steps to potentially save your server:
1. Go to the server console
2. Ban the player that told you about his "Server"
3. Undo any commands that he did

Common Excuses
Someone Stole Your Map
Can You Check Something On My Server?
(I will add more as I notice more being used)

IV. Known Users (People who tried to use it on you, please add their name in the comments with some sort of proof, then I will add their name here)(Also, just because their name is on here does not mean to completely ban them from every server, just keep in mind that they are lying about their server)

V. Test:
I am going to different servers and trying to see if they will join my "server." I have not set up Session Stealer and I do not plan to; I am merely seeing if they are educated about it and what they will do about it.

I have tested 3 Servers:

1 Server(s) Banned Me For "Session Stealing"
2 Server(s) Tried to Join My Fake Server

33% Acceptance Rate
(That's not good!)


If this helped you, please diamond, favorite, like, retweet, and/or share this page so everyone can know how to defend against this new program.

People to thank:
Mr_Blue_Sky: He told me about the NoCheat+ Features

Additional Details

Tags:Article, Server, Forecop, Pmc, Xpblog, Help, Banned, Hack, Session, Stealer, Risk, Owner

Update #5 : 06/09/2012 12:46:34 pm

Updated Test Section

Update #4 : 06/06/2012 6:50:43 pm

Updated Test Section; I tested more servers

Big Update! : 06/02/2012 9:33:04 pm

Added Table of Contents, and I added the Test Section

Update #2 : 05/24/2012 6:18:43 pm

Grammatical corrections

Update #1 : 05/23/2012 6:15:01 pm

Just some small grammatical corrections, I will be adding a picture soon


Comments : 15


leon0804
Level 17
Journeyman Dragonborn
July 20, 2012, 1:08 pm

It's OK, I have seen a force op at work, and believe me, this is a lot of help, and I think that you will get very far with this type of information. Keep up the work.

Kjordo711
Level 39
Artisan Modder
July 20, 2012, 1:09 pm

Thanks :D

leon0804
Level 17
Journeyman Dragonborn
July 20, 2012, 12:36 pm

Wow, I have to say WELL DONE! This is very informative.

Kjordo711
Level 39
Artisan Modder
July 20, 2012, 1:04 pm

Thank you!

robbyteeuwen
Level 1
New Miner
July 17, 2012, 4:43 am

Hey, what will happen if they DO crack your server? Do they only have your save, or do they "own" your IP address and can't you put the server online anymore? What can('t) they do with the server and IP and what can('t) you do (anymore)? Thx :D

Kjordo711
Level 39
Artisan Modder
July 20, 2012, 1:04 pm

You will have to completely restart on your server. Your IP will be fine and all that, but they will most likely grief your map completely.

Minionsman
Level 19
Journeyman Miner
June 13, 2012, 2:49 pm

Great Blog Friend!

Kovren
Level 6
Apprentice Mage
June 10, 2012, 11:54 am

I liked it, just way... too... big!

Kjordo711
Level 39
Artisan Modder
June 10, 2012, 11:56 am

Thanks for your feedback, I fixed it :D

jesbuscus
Level 21
Expert Pixel Painter
June 6, 2012, 5:18 pm

This happened to the server I play on. The guy's name was xxxdeath. He completely destroyed the map. I could only watch as an admin as this happened. He was op, so I didn't have the perms to ban or de-op. I could only watch him while spawn was destroyed :'( Damn him and his force op....

_dogtaco_
Level 16
Journeyman Taco
June 6, 2012, 2:57 pm

xauth can also help stop this :P

Kjordo711
Level 39
Artisan Modder
June 6, 2012, 3:17 pm

The Bot bypasses it completely

Leetingz
Level 37
Artisan Taco
June 5, 2012, 10:12 pm

I actually had two people, working together, completely wreck my server with worldedit.
I remember them giving me a server IP, and saying:
 Look, my server has 4000 slots and 3500 people!
-
So to see if this was true, I logged out of my server, and added the new server.
Fair enough, it did have 3500 (apparent) people on it, so I attempted to join.
It then told me: This server is out of date.
So I decided to go back on my server. I had been banned.
They had griefed my whole map, with air.
-
SPREAD THIS

Knight

Player863
Level 1
New Miner
June 2, 2012, 7:11 pm

I have a bit of something I find interesting.


Now consider this an idea for a plugin. See, the server would keep track of a username for the root of the server (let's say me, Player863), if anyone tries to connect with that name using a different IP from that of the server, they would be kicked.


Say my IP is 123.456.789 (I know it's not proper, just roll with me here). The user "Player863" then logs onto my server with the IP 456.789.123. That "Player863" with the 456.x.x IP would instantly be kicked.


Think this is a good idea? I certainly think so :P
Oh, and a list of whitelisted IPs, in case you have multiple PCs with different IPs.

Kjordo711
Level 39
Artisan Modder
June 3, 2012, 4:25 am

I'll look into making it
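
Player863's suggestion above, sketched as an added example (not code from the post or from any existing plugin): a per-account IP allowlist check, plus an audit pass that applies it to login lines from the server log. The policy, the sample log lines and the assumed log-line layout are constructed for illustration.

```python
import ipaddress
import re

# Constructed policy: protected account -> addresses/networks it may log in from.
# Sample values only (RFC 5737 documentation ranges).
ALLOWED = {"player863": ["203.0.113.7", "198.51.100.0/24"]}

# Assumed login-line layout of a 2012-era server.log; adjust to your server.
LOGIN_RE = re.compile(
    r"\[INFO\] (?P<name>\w+) ?\[/(?P<ip>[0-9a-fA-F.:]+):\d+\] logged in")


def login_allowed(name, ip, policy=ALLOWED):
    """Return True unless `name` is protected and `ip` is off its allowlist."""
    nets = policy.get(name.lower())      # account names compared case-insensitively
    if nets is None:
        return True                      # ordinary player: no restriction
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False                     # unparseable address: fail closed
    mapped = getattr(addr, "ipv4_mapped", None)
    if mapped is not None:               # treat ::ffff:a.b.c.d as a.b.c.d
        addr = mapped
    return any(addr in ipaddress.ip_network(n, strict=False) for n in nets)


def audit(log_lines, policy=ALLOWED):
    """Return (name, ip) for each protected-account login from an unlisted address."""
    hits = []
    for line in log_lines:
        m = LOGIN_RE.search(line)
        if m and not login_allowed(m["name"], m["ip"], policy):
            hits.append((m["name"], m["ip"]))
    return hits


SAMPLE_LOG = [  # constructed lines
    "2012-06-02 19:11:03 [INFO] Player863 [/203.0.113.7:51234] logged in "
    "with entity id 187 at ([world] 10.5, 64.0, -3.5)",
    "2012-06-02 19:40:12 [INFO] Steve [/192.0.2.44:40112] logged in "
    "with entity id 230 at ([world] 0.5, 70.0, 0.5)",
    "2012-06-02 20:02:47 [INFO] player863 [/192.0.2.99:60001] logged in "
    "with entity id 311 at ([world] 10.5, 64.0, -3.5)",
]

if __name__ == "__main__":
    for name, ip in audit(SAMPLE_LOG):
        print(f"ALERT: protected account {name} logged in from unlisted {ip}")
```

An address pin like this only helps while the owner's own address is stable; an owner on a dynamic IP needs a range entry or the check will lock them out too.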
