1
Server Owners/Admins beware...
If a player has a link written in a book do not click it! There is a new hack where it changes the the link in to some command such as the /OP command.
Create an account or sign in to comment.
66
OMG never heard about this exploit. Glad i saw this so i can avoid it.
[deleted]
Thank you, just coded a patch for my server
Lol, PlanetMinecraft late to the show, this has been known for almost a month now in the Spigot forums http://www.spigotmc.org/threads/psa-jso ... nds.59950/
Azrel
That's not how mods work. It can't change the base code of minecraft as it would be a violation of the EULA.
The funny thing is Bukkit, Forge and all of the main mod-loading software do have to edit the Minecraft code for hooking. The EULA is there if they need to act on it, but they have turned a blind eye to that.
Yeah I got plenty of this on my server (once ) I'm so glad I'm a fast typer.
Azrelmcrocks999-[C4]-THIS IS TRUE.
THERE IS A PLUGIN THAT FIXES THIS CALLED SOMETHING LIKE BOOKEXPLOIT.
IT IS EXTREMELY DANGEROUS.
It's not that dangerous if you're not stupid.
And it's a mod.
That's not how mods work. It can't change the base code of minecraft as it would be a violation of the EULA.
Oh, you mean that EULA that said stuff about server owners selling ranks and gameplay features that tons of servers don't follow?
Searchndstroy
Nope, please do not spread information you know nothing about.
Couldn't find anything to exploit this further. But I'm sure that a server can use this in formatting text as a nice feature (the client cannot format text, which is what I was looking for earlier).
Apologies, who are you referring too?
Lex The GalladeThe cheeky...
I was just complaining on the Wizardhax video on what they are doing is wrong.
This was their reply:Thank you for the feedback, Lex. Glad you saw this video so you can protect your server. Taco!
Completely ignoring my argument entirely.
Don't expect to reason with these people, they get enjoyment out of causing grief for others. I believe I already made a microwavable hamster joke in this thread so I won't do it again.
Azrelmcrocks999-[C4]-THIS IS TRUE.
THERE IS A PLUGIN THAT FIXES THIS CALLED SOMETHING LIKE BOOKEXPLOIT.
IT IS EXTREMELY DANGEROUS.
It's not that dangerous if you're not stupid.
And it's a mod.
That's not how mods work. It can't change the base code of minecraft as it would be a violation of the EULA.
Nope, please do not spread information you know nothing about.
Couldn't find anything to exploit this further. But I'm sure that a server can use this in formatting text as a nice feature (the client cannot format text, which is what I was looking for earlier).
Its a onclick even that ops the given name, easy to recognise since it contains /OP USERNAME in it.
I just banned a user for trying this.
I just banned a user for trying this.
CalopteryxIf a player has a link written in a book do not click it! There is a new hack where it changes the the link in to some command such as the /OP command.
Hey ive heard of it its the WURST program/hacked client i seen it happen y friend got himself oped on a server he then griefed it and well lets say a hacker did it to me
Lex The GalladeThe cheeky...
I was just complaining on the Wizardhax video on what they are doing is wrong.
This was their reply:Thank you for the feedback, Lex. Glad you saw this video so you can protect your server. Taco!
Completely ignoring my argument entirely.
lolololololololol. xD
wow.
Although i have not seen this yet i will make sure to be aware.
The cheeky...
I was just complaining on the Wizardhax video on what they are doing is wrong.
This was their reply:
Completely ignoring my argument entirely.
I was just complaining on the Wizardhax video on what they are doing is wrong.
This was their reply:
Thank you for the feedback, Lex. Glad you saw this video so you can protect your server. Taco!
Completely ignoring my argument entirely.
mcrocks999-[C4]-THIS IS TRUE.
THERE IS A PLUGIN THAT FIXES THIS CALLED SOMETHING LIKE BOOKEXPLOIT.
IT IS EXTREMELY DANGEROUS.
It's not that dangerous if you're not stupid.
And it's a mod.
That's not how mods work. It can't change the base code of minecraft as it would be a violation of the EULA.
It doesn't work specifically because Minecraft doesn't handle external links.
Had this happen on my server about a week ago. Not sure why everyone is calling it "extremely dangerous". Just ban them and deop them. They cant really do much when you have active staff that see a notification right when they get op. Server owners should always keep server backups anyway!
d6d2d6just displays a message
d6d2d6{"action":"run_command","value":"/minecraft:op green1700"}
What?
Also,
PrototypeThetaQuietCoastThis is easily solved by setting your config files to only OP through console
That works too.
Doesn't this exploit run the command through the console?
This is easily solved by setting your config files to only OP through console
Does that stop it? The server I Admin on has this setup, not sure whether I should show the owner this or not.
That works too.
This is from the book I got:
Not a force op exploit, just displays a message
{"clickEvent":{"action":"run_command","value":"/minecraft:op green1700"},"text":"im telling this to you via book so your the only person who will read this... someone posted the server on mc forum and i wanted staff to see the post... link click: http://minecraftforum.net/user/jjninja/post/game.synotrek.pw"}
Not a force op exploit, just displays a message
Thank you! I'm going to run a few tests using this and see if this can be exploited further. I'll post a comment if I have found something.
Some cheeky little scrublord tried this on me, what he didn't know is I'd set up a secondary system requiring me to personally assign them to an undisclosed group and manually assign perms. Laughed my ass off.
Kid promptly ragequit, probably went to microwave his hamster or something.
Kid promptly ragequit, probably went to microwave his hamster or something.
Lel, get rekt m8y. Probably was Croc from Croc vs. Banhammer.
I had to ban a guy. He gave himself admin. -_-
Lol that Dingo guy tried it on my server, but funny thing is he failed and did it wrong, he didn't put in proper capitalization, so the server wouldn't op him. Next time i recommend trying harder
-[C4]-THIS IS TRUE.
THERE IS A PLUGIN THAT FIXES THIS CALLED SOMETHING LIKE BOOKEXPLOIT.
IT IS EXTREMELY DANGEROUS.
It's not that dangerous if you're not stupid.
And it's a mod.
THIS IS TRUE.
THERE IS A PLUGIN THAT FIXES THIS CALLED SOMETHING LIKE BOOKEXPLOIT. http://www.spigotmc.org/resources/bookexploitfix.5897/
IT IS EXTREMELY DANGEROUS.
THERE IS A PLUGIN THAT FIXES THIS CALLED SOMETHING LIKE BOOKEXPLOIT. http://www.spigotmc.org/resources/bookexploitfix.5897/
IT IS EXTREMELY DANGEROUS.
CalopteryxIf a player has a link written in a book do not click it! There is a new hack where it changes the the link in to some command such as the /OP command.
saved my server
I think this is already solved which is posted on spigotmc.org, Updating your jar should fix this!
If there'd be a book with the text like written in the video, I wouldn't click anyways, that's just spam and stupid
he clicked it cause I said I was making a portfolio and I needed help xD
[yt]hKjcRkUc_0M[/yt]
lol
lol
I'd like to see the NBT for books written with this new(?) "hack".
Lol! I just destroyed a server using this xD
Sorry. I couldn't help it xD
But I didn't DESTROY anything... I just crashed it xD
Sorry. I couldn't help it xD
But I didn't DESTROY anything... I just crashed it xD
Well then xD
lol.
Finally, now I know how to do it.
Now to use it >:) lol
Now to use it >:) lol
Makes me wonder on who ;-;
obvs not AnimeHub :p
view more replies ( 10 )