Upgrade xray detection

[Elikill58]

It's about :

• [x] New detection

Explain the feature that you want Upgrade xray detection (and minerate too) specially by checking diamond mined in X mins or add few fakes blocks around.

[RisedSky]

Why not using the default paper / spigot anti x-ray ? They works fine for me (unless new cheats fixed them?) Or maybe enable them on the config of the server if it can support it

[Elikill58]

Not everyone has paper, such as people on:

• spigot
• sponge
• all spigot fork (and not paper one)

[RisedSky]

Not everyone has paper, such as people on:

• spigot
• sponge
• all spigot fork (and not paper one)

I agree, but maybe you can add this until you find a stable prototype

[Elikill58]

An ore obfuscator is very difficult to make. So we will see if we made it. Before, we will try to check minerate and other things like that, such as tell in main post

[FunkyNico]

I don't know if can be an integration with Mirage on Sponge.

[Elikill58]

I don't know if can be an integration with Mirage on Sponge.

I don't know what I can do with this plugin. Do you have ideas ?

[FunkyNico]

I don't know if can be an integration with Mirage on Sponge.

I don't know what I can do with this plugin. Do you have ideas ?

Maybe adding a modifier that hook with the hide obvious modifier through his api you can detect x ray users. Like the hide_obvious and the negativity modifier talk to each other, so this can serve for a check. I don't know, just an idea.

[dave9123]

What about checking the player's head as baritone moves the player's head becomes weird

[dave9123]

Why not using the default paper / spigot anti x-ray ? They works fine for me (unless new cheats fixed them?) Or maybe enable them on the config of the server if it can support it

Paper's anti x-ray isn't the best.

[Elikill58]

What about checking the player's head as baritone moves the player's head becomes weird

Yes, it's a good idea, and I have to take the time to do it.

Why not using the default paper / spigot anti x-ray ? They works fine for me (unless new cheats fixed them?) Or maybe enable them on the config of the server if it can support it

Paper's anti x-ray isn't the best.

Oh, it's sad. But an ore obfuscator is very difficult to make and take lot of perf, so idk if I will make one and include it into Negativity

[dave9123]

Imprex-Development/Orebfuscator is a Orefuscator but some people made an issue about the server's usage rising

[dave9123]

Oh, it's sad. But an ore obfuscator is very difficult to make and take lot of perf, so idk if I will make one and include it into Negativity X-Ray can be detected by Nuker, InventoryMove and Head movement hacks (as I know)

[Elikill58]

Imprex-Development/Orebfuscator is a Orefuscator but some people made an issue about the server's usage rising

Yes, but maybe you can just use this plugin with my own ? I will not directly include it into Negativity, and I don't know what I can alert with an obfuscator.

X-Ray can be detected by Nuker, InventoryMove and Head movement hacks (as I know)

Head movement yes, but Nuker is mostly when you want to break lot of blocs, which is not heere what they want. InventoryMove too, but the detection isn't very good

[dave9123]

But obfuscator only can obfusecate it, not alert to console(s)

[dave9123]

Probably on minerate and head movement as both are quite safe.

[MaximoTG98]

I believe Negativity shouldn't try to make it's own obfuscator, it's a lot of work and maybe the the plugin can evolve in new ways of detecting Xray...

I'll copy-paste what I said on the discord just to have it as a record:

1. Classical way of doing it like on a texture pack, all blocks are transparent except of the ores. I fixed this kind of xray by using paper's orebfuscator. But this is just a way to visually stop players from getting the damn ores...
2. Abusing CPS, so basically there are some xray's which technique is punch blocks in a radius to check wether they are ores or not... (I'm not sure of how they click thru blocks but they actually do it). I fixed this by using Negativity since the CPS would be crazy high.
3. Making a simulation of the seed. If the players is able to get the seed then they can easily simulate ores with a mod and have a "projection" on their client. By doing this the first option is rendered useless since the true ores are now exposed. I fixed this by using purpur's seed generation capabilities, so basically the ore seed is different from the world generator. This fixes that clay-diamond thingy and also stops this kind of xray, and If you are asking how they get the seed... Surprise! There's actually a mod to find a seed of a world by taking the pattern of some structures (amazed)
4. Using some kind of mod that does not use any of these three methods... And that could be fixed if I can get warned when a player is using mods or a different client than minecraft vanilla launcher!

In that message I typed all the different forms of xray that I know, so they are all about passive defenses. If we want to summarize all of that it would be: 1. Obfuscate everything 2. Monitor player's CPS and all related exploits that enables a player to get information around them 3. Simulating the position of ores with a seed 4. Check for any additional mod that is not in the mods folder or check if the player is using a client that is not simply vanilla(this can be spoofed by the hackers until there's a way to either have some other form of checking the client without asking for the name or checking if the name was changed idk)

Those are my ideas about how to approach a hack passively. But. We could also try to actively check a hacker if the % of the player being a hacker is high enough, the ways I think would work are:

1. Target a hacker and start placing some ores outside their FOV and wait to see if they end up baiting. To make this even better than what some plugins do I believe the staff should get a message with two clickable options, which is to "launch" the bait and to teleport to the player(but in some kind of vanish...? (and some sort of /back command after the tp would be the cherry on top))
2. Check their movement patterns, so usually, players mine in lines and do not go too far below making worm-like holes. And I believe that it's quite hard to have a detector know if the player is mining down because there was an ore or if the player is using xray and is going down to find the goods... So, I have two ideas, one is actually quite simple and it consists of checking how many time per X amount of time (5 minutes for instance) a player goes too many levels in the Y axis (how much is too many might be found by see how ores generate, for example I don't recall mining an ore vein that was more than 3-4 blocks high). And the second way but probably more expensive for the server is to check what blocks are near the player if he's below Y coordinates (to not cause lag) and then wait until a player tries to go down without having ores in sight or something like that....
3. Check the percentage of stone mined per ore mined. Usually xray abusers go directly to the ores and do not waste time mining stone too much. So the profile of xray players would be drastically different from the usual common player right?
4. Checking how much do they move the head around! Since xray needs the player to visually search the ore maybe if you detect way too much head movement you can start a timer and wait how fast do they get ores after, and if it's repeated a few times then you know he's probably hacking

[Elikill58]

@MaximoTG98 thanks for your comment.

1. This is a good idea, and that's a way for the new verif system. Because I have a command (/n verif) and after 2 changes, I don't know what to do...
2. This is already partially implemented into v2. But it's very low flagging mostly because it's very difficult to be sure it's cheat and not only luck. Because at the base, always mine in direction of diamond is possible.
3. Yes, maybe I should differenciate more minerate than only coal/iron/etc. Also, this is difficult because of block placed then re-mined which can be counted. Do you think I should add more items in the list or only stone ?
4. Yes and no. With an enough large FOV, you can see lot of things, and so don't move so much the head. But, for the head movement, there is some check that are based on this for baritone (which is an auto-mine software). Also, there isn't any xray that let you turn to ores. (cheat that turn your head are only like KillAura or some Scaffold)

[MaximoTG98]

reply to @Elikill58 about the ideas I had:

1. What do you mean by 2 changes? Do you mean you have already tried to implement that active detector in two ways but you are not too sure? Which are the differences? Why don't you like them?
2. i think the second thought I gave might be a good idea, basically checking the blocks around the player once he has been targeted as suspicious by another xray detector. Once the active detector is activated, it would check the surrounding blocks of the player. The anticheat then checks if he has any ore's in sight. If he does not, but proceeds to break a stone because ore's behind were found by xray, then a point is added to a counter. If he ends up doing that multiple times then the % should increase and staff should get alerted
3. I'm not sure how many block types are generated in the underground, but we can split them into 3: Ores, Natural blocks(All kinds of stone, dirt, gravel, deepstone, amathyst blocks even. So basically everything that can be generated underground), Non-Natural so everything else which is not on the list right?. Then the detector should blacklist the checks on the non-natural, and compare the percentage of natural blocks mined per ore found or their percentages?
4. You don't have a xray that moves your head, but you as a hacker do move your head a lot to find the ores that you want. So basically a player might go in one direction, then scan the nearby ores by turning the head around to find new ores to mine(where there's nothing, and by nothing I mean pure stone, dirt and all that I said in point 3. ).

New idea:

5. Players usually do strip-mining right? That process consists in mine forward a lot and then change direction or make an U turn. But xrayers don't behave like that exactly: they do mine in a straight line, but when there's nothing around them they change direction as they know they are not around the ores they want. To differenciate this from legal players, a timer can be started once a suspicious player is being targeted by this active measure, then measure how much time do they take to find expensives ores(basically diamond+emerald+ancient debris give more points than the rest of ores). Measuring how many time they end up changing directions per blocks mined is another way of detecting xray. In a nutshell, legal players will mine way more blocks in a straight line than a xrayer, since the last one will change directions more frecuently. I belive that to check directions and that stuff the code needs to detect once a player has started strip-mining, and calculate a unit vector from the last X number of blocks mined, then the player is expected after X amount of time to switch directions. But hackers will change more frecuently so that X amount of time would be different from the one expected. Maybe a little bit of data is needed before having proper "expected" models of where will the player move but it could work I think.