FOSS gamedev and creative worlds

FOSS gamedev and creative worlds
https://forums.minetest.org/

malicious hackers on the server

https://forums.minetest.org/viewtopic.php?f=6&t=7190

Page 1 of 1

malicious hackers on the server

PostPosted: Thu Sep 12, 2013 19:38
by BrunoMine
I saw a player get into my server and fly. Even without the privileges. Checked twice but he could fly, run and do everything.
That worried me a lot.
They told me minetest could not be hacked.

PostPosted: Thu Sep 12, 2013 19:51
by Menche
Some players have modified the client to disable client side collision detection, allowing flying and noclip without privs. Setting 'disable_anticheat = false' may help.

PostPosted: Thu Sep 12, 2013 20:09
by BrandonReese
Get their IP address and ban them at the computer's firewall, that's what I do :-) I potentially ban thousands of other people (that most likely aren't playing Minetest) but it hasn't caused a problem yet.

PostPosted: Fri Sep 13, 2013 05:15
by sfan5
Menche wrote:There's a cracked client going around

There is?

PostPosted: Fri Sep 13, 2013 07:53
by Menche
sfan5 wrote:
Menche wrote:There's a cracked client going around

There is?

lol, I worded that horribly. edited.

PostPosted: Fri Sep 13, 2013 10:09
by rubenwardy
It is hardly difficult to hack the client, any cpp programmer could work it out, and it can not be counted as "malicious": it does no harm. It is not really hacking.

To fly and no-clip without privileges, all you need to do is remove the privilege check on the client that checks for fly privileges and no-clip privileges. The reason this is possible is because the player movement is handled by the client, and not the server. Dont worry, they can not give them self give, ban, admin, etc privs without hacking the server (which is very hard for the average MT player)

disable_anticheat = false will not help at all.

To prevent this, you need a mod or code that:
  • detects where the player is (ie: are they 5m away from any blocks)
  • not are moving correctly (ie: falling)
  • and have no fly privs

if these are true, then ban the player.

Malicious is stuff like DDoS'ing the server, or blocking/banning other players, or griefing, or stealling, etc. NOT FLYING

PostPosted: Fri Sep 13, 2013 13:28
by sfan5
Hybrid Dog wrote:
sfan5 wrote:
Menche wrote:There's a cracked client going around

There is?
more than one

Really? Where?

PostPosted: Fri Sep 13, 2013 13:29
by jojoa1997
sfan5 wrote:
Hybrid Dog wrote:
sfan5 wrote:There is?
more than one

Really? Where?
rarkenin made me one. 0.4.4 I think but all it did was bugly make everything light out.

PostPosted: Fri Sep 13, 2013 13:57
by rubenwardy
jojoa1997 wrote:
sfan5 wrote:
Hybrid Dog wrote:more than one

Really? Where?
rarkenin made me one. 0.4.4 I think but all it did was bugly make everything light out.


As I said, It is really easy to crack since it is open source.

PostPosted: Fri Sep 13, 2013 15:04
by BrunoMine
So I think this can disturb me much. In my server players can not fly. What do I do? disable no_clip?
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/