Bypass: Horizontal fly

[Alexre]

Short description of the issue.

I'm seeing many players using horizontal fly without being blocked or detected by ncp

Complete output of the ncp version command (please prefer text here).

18:10:53 INFO]: ---- Version information ---- 18:10:53 INFO: #### Server #### 18:10:53 INFO: git-TacoSpigot-"27784328" ~MC: 1.8.8~ 18:10:53 INFO: detected: 1.8.8 18:10:53 INFO: #### NoCheatPlus #### 18:10:53 INFO: Plugin: 3.16.0-RC-sMD5NET-b1134 18:10:53 INFO: MCAccess: 1.8.4-1.8.8 / Spigot-CB-1.8_R3

18:10:53 INFO: blocks: BlocksMC1_4 | BlocksMC1_5 | BlocksMC1_6_1 | BlocksMC1_7_2 | BlocksMC1_8 18:10:53 INFO: checks: FastConsume | Gutenberg | AttackFrequency | FlyingFrequency | KeepAliveFrequency 18:10:53 INFO: defaults: pvpKnockBackVelocity 18:10:53 INFO: packet-listeners: UseEntityAdapter | MovingFlying | OutgoingPosition | KeepAliveAdapter | SoundDistance 18:10:53 INFO: Hooks: AllViolations~NCP~ 1.0 18:10:53 INFO: #### Related Plugins #### 18:10:53 INFO: ProtocolLib v4.3.0 | ViaVersion v1.3.0

How to reproduce the issue (is it random / always happens / side conditions)?

Have you made any (noteworthy) changes to the default configuration of NCP?

Using https://www.spigotmc.org/threads/nocheatplus-config-optimized-and-free.158041/

Do you run any other special plugins that affect game mechanics next to NC+ (adding skills, machines, adding/changing blocks, other anti cheating)?

no

Provide additional information, such as error/debug/violation logs. (For reproducible issues with moving consider: https://github.com/NoCheatPlus/Docs/wiki/Debugging#on-the-fly-debug-output-for-individual-players) Use GitHub gists or http://pastebin.com/ or similar for huge logs, or attach a (zip-) file here. For image uploads, please prefer a site that allows viewing without JavaScript, you can upload file attachments for issues right here.

I don't know what clients can do that, but I have a lot of video reports of players flying. https://www.youtube.com/watch?v=iNUWAir50-w https://www.youtube.com/watch?v=dvJT-pReu9g

[asofold]

After downloading the zip file, it appears that there are three configurations inside and a file with suggestions... which of the configurations are you using?

Checking the kick-only config for surivivalfly actions, i see something like:

actions: vl>45 cancel ...

This means all violations below 45 are not cancelled - the problem is that NCP allows decrease of the violation level with legitimate moves, thus it's very likely that at least horizontal fly is possible with "actions: vl>45 ...".

I'll attempt to mitigate this by not allowing vl to decrease (at least in-air, +-cooldown) after a violation is not cancelled. Unfortunately it'll still take roughly until the weekend, as i have a large batch of changes that need to be completed first.

[Alexre]

https://hastebin.com/iyutupesam.swift Here is the config i use

[0-x-2-2]

this is most likely something todo with your custom ncp config or they could be abusing a exploit with one of your plugins.

[0-x-2-2]

After testing with you're config indeed it is the config and it only pulls back after 50 blocks or so of flying at slow speeds. I believe the config has it there to prevent false positives because it autobans.

[asofold]

It clearly is due to the survivalfly actions "actions: vl>45 ...". As you can see, there is no cancel entry before vl>45, which in effect means people can abuse the vl-relaxation mechanics to get closer to vl 0, thus they can repeat violations.

So the immediate fix is to add a cancel entry: "actions: cancel vl>45 ...", however that removes some of the leniency.

[asofold]

I'll attempt to make stuff more strict for cases like "actions: vl>45", it'll also make the default config more strict though.

Build 1143 or later.

[CaptainObvious0]

The SurvivalFly cancel VL was set higher after some testing I did years ago. From my current testing it would allow some horizontal flying of short distances but after some time it would eventually block it. From the videos provided we’re like it was relatively short distances that they flew. As asofold suggested you can try decreasing that value for now.

I’ll be making some adjustments to the config and roll out an update soon. Since this is an issue related to the config, don’t hesitate to message me on the spigot forums. I apologize for the late response as I only saw this until now.

[asofold]

@CaptainObvious0 Some of the recent changes address the issue with the changed configuration (inair stuff with vl freeze), however i still need feedback/fix on some other issue, even before a beta release.

The idea of the changes is to prevent relaxing the current vl with valid moves, while in-air. However this has a potential for impact on all moving, as the vl wouldn't get reduced in-air for bunny-hopping either. So i'll need to somehow improve the bunny-hopping model more or less next-ish.