Open TT702 opened 4 years ago
Recently some of the Minecraft Server has found that the player using a modified mod to send the modified (unexpected) packet as 'ProjectRed' mod's packet to get any item they want without any permission.
https://github.com/MrTJP/MrTJPCore/blob/18c033f361f15e07c8470e94e75513d9a0456390/src/mrtjp/core/handler/packethandlers.scala#L62
For Example: "The player could send the modified packet with any item they want inside to the server, at the server-side will directly set the contains item of the block without any check (e.g Barrel Block in ProjectRed - Exploration)." https://github.com/MrTJP/ProjectRed/blob/dd27e1e3f194d3bef80e33b3f9372ce66891e715/src/mrtjp/projectred/exploration/TileBarrel.scala#L79
Please have looked to see if there's any method to solve this problem due to it will cause unauthorized code execution. Thank you!
Recently some of the Minecraft Server has found that the player using a modified mod to send the modified (unexpected) packet as 'ProjectRed' mod's packet to get any item they want without any permission.
https://github.com/MrTJP/MrTJPCore/blob/18c033f361f15e07c8470e94e75513d9a0456390/src/mrtjp/core/handler/packethandlers.scala#L62
For Example: "The player could send the modified packet with any item they want inside to the server, at the server-side will directly set the contains item of the block without any check (e.g Barrel Block in ProjectRed - Exploration)." https://github.com/MrTJP/ProjectRed/blob/dd27e1e3f194d3bef80e33b3f9372ce66891e715/src/mrtjp/projectred/exploration/TileBarrel.scala#L79
Please have looked to see if there's any method to solve this problem due to it will cause unauthorized code execution. Thank you!