PaperMC / Waterfall

BungeeCord fork that aims to improve performance and stability.
https://papermc.io
MIT License

Possible Exploit #833

Closed Volcan4436 closed 10 months ago

Volcan4436 commented 10 months ago

I am an admin for a server, and someone joined and somehow got op. I have added part of the log here of him starting the grief.

```
[21:41:14] [Server thread/INFO]: ezzz issued server command: /send
[21:41:24] [User Authenticator #0/INFO]: UUID of player Start is a357ec76-ab2a-374b-b6d7-773fb9317dc4
[21:41:24] [Server thread/INFO]: Start[/1.2.3.4:50903] logged in with entity id 1364 at ([world]0.4625520508900409, 64.0, 0.4611875864721061)
[21:41:25] [Server thread/INFO]: ezzz issued server command: /gmc
[21:41:25] [Async Chat Thread - #1/INFO]: [Not Secure] <Start> a
[21:41:26] [Server thread/INFO]: ezzz issued server command: /lp
[21:41:29] [Async Chat Thread - #1/INFO]: [Not Secure] <ezzz> where
[21:41:33] [Async Chat Thread - #0/INFO]: [Not Secure] <ezzz> im
[21:41:35] [Async Chat Thread - #0/INFO]: [Not Secure] <ezzz> thedigmc
[21:41:36] [Server thread/INFO]: ezzz issued server command: /lp
[21:41:37] [Server thread/INFO]: ezzz issued server command: /gmc
[21:41:39] [Server thread/INFO]: ezzz issued server command: /op
[21:41:40] [Server thread/INFO]: Start lost connection: Disconnected
[21:41:46] [User Authenticator #0/INFO]: UUID of player HaoSMP is c0d3724b-7d04-3bee-bb6f-9a62397787e3
[21:41:46] [Server thread/INFO]: HaoSMP[/1.2.3.4:64175] logged in with entity id 2106 at ([world]0.4625520508900409, 64.0, 0.4611875864721061)
[21:41:48] [Server thread/INFO]: HaoSMP issued server command: /lp
[21:41:49] [Server thread/INFO]: HaoSMP issued server command: /gamemode
[21:41:50] [Async Chat Thread - #1/INFO]: [Not Secure] <HaoSMP> a
[21:41:50] [Server thread/INFO]: HaoSMP lost connection: Disconnected
[21:41:57] [Server thread/INFO]: com.mojang.authlib.GameProfile@675adcb3[id=c0d3724b-7d04-3bee-bb6f-9a62397787e3,name=HaoSMP,properties={},legacy=false] (/1.2.3.4:64156) lost connection: Internal Exception: java.lang.IllegalArgumentException: Invalid UUID string: null
[21:41:57] [User Authenticator #0/INFO]: UUID of player HaoSMP is c0d3724b-7d04-3bee-bb6f-9a62397787e3
[21:42:00] [Server thread/INFO]: com.mojang.authlib.GameProfile@69520709[id=c0d3724b-7d04-3bee-bb6f-9a62397787e3,name=HaoSMP,properties={},legacy=false] (/1.2.3.4:64130) lost connection: Internal Exception: java.lang.IllegalArgumentException: Invalid UUID string: null
[21:42:00] [User Authenticator #0/INFO]: UUID of player HaoSMP is c0d3724b-7d04-3bee-bb6f-9a62397787e3
[21:42:10] [Server thread/INFO]: ezzz lost connection: Timed out
```

We have set up protection for joining the servers directly.

Janmm14 commented 10 months ago

It's your problem of not properly securing your backend servers. Use the BungeeGuard plugin on all your Minecraft servers and set it up correctly with Waterfall.

electronicboy commented 10 months ago

Bungee's forwarding mechanism offers 0 form of security; you need to add that yourself, looking towards a firewall or ideally BungeeGuard as said.
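The two replies above cover prevention (firewall the backends so only the proxy can reach them, or run BungeeGuard). The log excerpt in the report also carries indicators a backend operator can alert on: privileged commands being issued, connections dropped with `Invalid UUID string: null`, and several distinct player names arriving from one source address within seconds. The following script is an added example, not code from the Waterfall project or from anyone in this thread; it parses Spigot/Paper-style log lines with regular expressions written here (the line formats are taken from the excerpt above, the command list and the category names are assumptions of this example) and reports those three patterns over the report's own log lines as sample input.

```python
"""
Added example (not from the Waterfall project or this thread): scan a backend
server log for the indicators visible in the report above.
"""
import re
from collections import Counter, defaultdict

# Commands that grant or change privileges (assumed list for this example).
# On a backend reachable directly, bypassing the proxy as the replies above
# describe, a spoofed identity could issue these as if it were a trusted player.
PRIVILEGED_COMMANDS = {"/op", "/deop", "/lp", "/gmc", "/gamemode"}

# Line shapes copied from the report's log excerpt.
LOGIN_RE = re.compile(
    r"^\[(\d\d:\d\d:\d\d)\] \[Server thread/INFO\]: ([^\[\s]+)\[/([\d.]+):\d+\] logged in"
)
COMMAND_RE = re.compile(
    r"^\[(\d\d:\d\d:\d\d)\] \[Server thread/INFO\]: (\S+) issued server command: (/\S+)"
)
NULL_UUID_RE = re.compile(r"Invalid UUID string: null")

# Sample input: the log lines from the report above (the IP was already anonymised there).
SAMPLE_LOG = """\
[21:41:14] [Server thread/INFO]: ezzz issued server command: /send
[21:41:24] [User Authenticator #0/INFO]: UUID of player Start is a357ec76-ab2a-374b-b6d7-773fb9317dc4
[21:41:24] [Server thread/INFO]: Start[/1.2.3.4:50903] logged in with entity id 1364 at ([world]0.4625520508900409, 64.0, 0.4611875864721061)
[21:41:25] [Server thread/INFO]: ezzz issued server command: /gmc
[21:41:25] [Async Chat Thread - #1/INFO]: [Not Secure] <Start> a
[21:41:26] [Server thread/INFO]: ezzz issued server command: /lp
[21:41:29] [Async Chat Thread - #1/INFO]: [Not Secure] <ezzz> where
[21:41:33] [Async Chat Thread - #0/INFO]: [Not Secure] <ezzz> im
[21:41:35] [Async Chat Thread - #0/INFO]: [Not Secure] <ezzz> thedigmc
[21:41:36] [Server thread/INFO]: ezzz issued server command: /lp
[21:41:37] [Server thread/INFO]: ezzz issued server command: /gmc
[21:41:39] [Server thread/INFO]: ezzz issued server command: /op
[21:41:40] [Server thread/INFO]: Start lost connection: Disconnected
[21:41:46] [User Authenticator #0/INFO]: UUID of player HaoSMP is c0d3724b-7d04-3bee-bb6f-9a62397787e3
[21:41:46] [Server thread/INFO]: HaoSMP[/1.2.3.4:64175] logged in with entity id 2106 at ([world]0.4625520508900409, 64.0, 0.4611875864721061)
[21:41:48] [Server thread/INFO]: HaoSMP issued server command: /lp
[21:41:49] [Server thread/INFO]: HaoSMP issued server command: /gamemode
[21:41:50] [Async Chat Thread - #1/INFO]: [Not Secure] <HaoSMP> a
[21:41:50] [Server thread/INFO]: HaoSMP lost connection: Disconnected
[21:41:57] [Server thread/INFO]: com.mojang.authlib.GameProfile@675adcb3[id=c0d3724b-7d04-3bee-bb6f-9a62397787e3,name=HaoSMP,properties={},legacy=false] (/1.2.3.4:64156) lost connection: Internal Exception: java.lang.IllegalArgumentException: Invalid UUID string: null
[21:41:57] [User Authenticator #0/INFO]: UUID of player HaoSMP is c0d3724b-7d04-3bee-bb6f-9a62397787e3
[21:42:00] [Server thread/INFO]: com.mojang.authlib.GameProfile@69520709[id=c0d3724b-7d04-3bee-bb6f-9a62397787e3,name=HaoSMP,properties={},legacy=false] (/1.2.3.4:64130) lost connection: Internal Exception: java.lang.IllegalArgumentException: Invalid UUID string: null
[21:42:00] [User Authenticator #0/INFO]: UUID of player HaoSMP is c0d3724b-7d04-3bee-bb6f-9a62397787e3
[21:42:10] [Server thread/INFO]: ezzz lost connection: Timed out
""".splitlines()


def analyze(lines):
    """Return a list of (timestamp, category, detail) findings for the given log lines."""
    findings = []
    names_by_ip = defaultdict(set)
    for line in lines:
        m = LOGIN_RE.match(line)
        if m:
            _ts, name, ip = m.groups()
            names_by_ip[ip].add(name)
            continue
        m = COMMAND_RE.match(line)
        if m:
            ts, name, cmd = m.groups()
            if cmd in PRIVILEGED_COMMANDS:
                findings.append((ts, "privileged_command", f"{name} ran {cmd}"))
            continue
        if NULL_UUID_RE.search(line):
            # The thread does not state the cause; it is recorded as an indicator only.
            findings.append((line[1:9], "null_uuid_login",
                             "connection dropped with 'Invalid UUID string: null'"))
    # Several distinct player names from one source address in a short excerpt.
    # With IP forwarding working, backend logins show each client's own address,
    # so this should be rare; without forwarding every login shows the proxy
    # address and this check is noise.
    for ip, names in sorted(names_by_ip.items()):
        if len(names) > 1:
            findings.append(("--:--:--", "multi_identity_ip",
                             f"{ip} logged in as {sorted(names)}"))
    return findings


def count_by_category(findings):
    """Count findings per category, e.g. {'privileged_command': 7, ...}."""
    return Counter(category for _ts, category, _detail in findings)


if __name__ == "__main__":
    for ts, category, detail in analyze(SAMPLE_LOG):
        print(f"{ts} {category:20} {detail}")
```

Run against the excerpt it reports seven privileged commands (including the `/op` at 21:41:39), two null-UUID disconnects, and one address (`1.2.3.4`) logging in as both `Start` and `HaoSMP`. Feeding a live `logs/latest.log` through `analyze` and alerting on any `privileged_command` from a name that is not on the expected staff list gives an early signal that the backend is being reached around the proxy; it complements, rather than replaces, the firewall or BungeeGuard setup recommended above.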