PaperMC / Waterfall

BungeeCord fork that aims to improve performance and stability.
https://papermc.io
MIT License

Possible Exploit #833

Closed Volcan4436 closed 1 year ago

Volcan4436 commented 1 year ago

I am an admin for a server, and someone joined and somehow got op. I have added part of the log here of him starting the grief.

```
[21:41:14] [Server thread/INFO]: ezzz issued server command: /send
[21:41:24] [User Authenticator #0/INFO]: UUID of player Start is a357ec76-ab2a-374b-b6d7-773fb9317dc4
[21:41:24] [Server thread/INFO]: Start[/1.2.3.4:50903] logged in with entity id 1364 at ([world]0.4625520508900409, 64.0, 0.4611875864721061)
[21:41:25] [Server thread/INFO]: ezzz issued server command: /gmc
[21:41:25] [Async Chat Thread - #1/INFO]: [Not Secure] <Start> a
[21:41:26] [Server thread/INFO]: ezzz issued server command: /lp
[21:41:29] [Async Chat Thread - #1/INFO]: [Not Secure] <ezzz> where
[21:41:33] [Async Chat Thread - #0/INFO]: [Not Secure] <ezzz> im
[21:41:35] [Async Chat Thread - #0/INFO]: [Not Secure] <ezzz> thedigmc
[21:41:36] [Server thread/INFO]: ezzz issued server command: /lp
[21:41:37] [Server thread/INFO]: ezzz issued server command: /gmc
[21:41:39] [Server thread/INFO]: ezzz issued server command: /op
[21:41:40] [Server thread/INFO]: Start lost connection: Disconnected
[21:41:46] [User Authenticator #0/INFO]: UUID of player HaoSMP is c0d3724b-7d04-3bee-bb6f-9a62397787e3
[21:41:46] [Server thread/INFO]: HaoSMP[/1.2.3.4:64175] logged in with entity id 2106 at ([world]0.4625520508900409, 64.0, 0.4611875864721061)
[21:41:48] [Server thread/INFO]: HaoSMP issued server command: /lp
[21:41:49] [Server thread/INFO]: HaoSMP issued server command: /gamemode
[21:41:50] [Async Chat Thread - #1/INFO]: [Not Secure] <HaoSMP> a
[21:41:50] [Server thread/INFO]: HaoSMP lost connection: Disconnected
[21:41:57] [Server thread/INFO]: com.mojang.authlib.GameProfile@675adcb3[id=c0d3724b-7d04-3bee-bb6f-9a62397787e3,name=HaoSMP,properties={},legacy=false] (/1.2.3.4:64156) lost connection: Internal Exception: java.lang.IllegalArgumentException: Invalid UUID string: null
[21:41:57] [User Authenticator #0/INFO]: UUID of player HaoSMP is c0d3724b-7d04-3bee-bb6f-9a62397787e3
[21:42:00] [Server thread/INFO]: com.mojang.authlib.GameProfile@69520709[id=c0d3724b-7d04-3bee-bb6f-9a62397787e3,name=HaoSMP,properties={},legacy=false] (/1.2.3.4:64130) lost connection: Internal Exception: java.lang.IllegalArgumentException: Invalid UUID string: null
[21:42:00] [User Authenticator #0/INFO]: UUID of player HaoSMP is c0d3724b-7d04-3bee-bb6f-9a62397787e3
[21:42:10] [Server thread/INFO]: ezzz lost connection: Timed out
```

We have set up protection for joining the servers directly.

Janmm14 commented 1 year ago

It's your problem of not properly securing your backend servers. Use the BungeeGuard plugin on all your Minecraft servers and set it up correctly with Waterfall.

electronicboy commented 1 year ago

Bungee's forwarding mechanism offers no form of security; you need to add that yourself, looking towards a firewall or ideally BungeeGuard as said.
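As an added illustration of what the two replies above mean (example code, not Waterfall's or BungeeGuard's own): a backend-side check that parses BungeeCord's legacy IP-forwarding handshake and admits a login only when the proxy attached a shared secret, so forwarded data on its own is never trusted. The `\0`-separated hostname layout is BungeeCord's forwarding format; the property name `bungeeguard-token`, the hostnames and the token value are assumptions constructed for the example.

```python
import hmac
import json
import uuid

# Legacy BungeeCord IP forwarding rewrites the handshake hostname to
# "<host>\0<client ip>\0<uuid hex>\0<json properties>"; none of it is authenticated.
SEPARATOR = "\x00"
TOKEN_PROPERTY = "bungeeguard-token"  # property name BungeeGuard adds (assumed here)

class HandshakeRejected(Exception):
    pass

def parse_forwarded_handshake(hostname: str) -> dict:
    # Missing fields (a plain direct join) or a bad UUID (the literal "null" in the log) are rejected.
    parts = hostname.split(SEPARATOR)
    if len(parts) != 4:
        raise HandshakeRejected("handshake has no forwarding data")
    host, client_ip, raw_uuid, raw_props = parts
    try:
        player_uuid, props = uuid.UUID(hex=raw_uuid), json.loads(raw_props)
    except ValueError as exc:
        raise HandshakeRejected(f"malformed forwarding data: {exc}") from exc
    return {"host": host, "ip": client_ip, "uuid": player_uuid, "properties": props}

def verify_proxy_token(props, allowed_tokens: list[str]) -> bool:
    # Constant-time comparison against the configured tokens, so timing leaks nothing.
    for prop in (props if isinstance(props, list) else []):
        if isinstance(prop, dict) and prop.get("name") == TOKEN_PROPERTY:
            presented = str(prop.get("value", "")).encode()
            return any(hmac.compare_digest(presented, t.encode()) for t in allowed_tokens)
    return False

def admit(hostname: str, allowed_tokens: list[str]) -> dict:
    # Forwarding data alone proves nothing; admit the login only with a valid token.
    info = parse_forwarded_handshake(hostname)
    if not verify_proxy_token(info["properties"], allowed_tokens):
        raise HandshakeRejected("connection did not come through a trusted proxy")
    return info

# Constructed sample handshakes (not taken from the issue's log).
TOKEN = "constructed-token-1234"
UUID_HEX = "3b1e1d7b4a8e4f0a9c2d8e7f6a5b4c3d"
FORWARDED_OK = SEPARATOR.join(["play.example.invalid", "203.0.113.7", UUID_HEX,
                               json.dumps([{"name": TOKEN_PROPERTY, "value": TOKEN}])])
FORWARDED_NO_TOKEN = SEPARATOR.join(["play.example.invalid", "203.0.113.7", UUID_HEX, "[]"])

def outcome(hostname: str) -> str:
    try:
        return "accepted as " + str(admit(hostname, [TOKEN])["uuid"])
    except HandshakeRejected as exc:
        return f"rejected: {exc}"
```

A firewall rule that only lets the proxy host reach the backend port is the other layer the replies mention; the token check above is what catches traffic that gets past it.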