TpAura bypass

[skbeh]

Complete output of the ncp version command (please prefer text here)

§c§l»Version information«§7
§6§lServer:§7
§7git-PandaSpigot ~MC: 1.8.8~
§7§eDetected: §71.8.8
§6§lNoCheatPlus:§7
§7§ePlugin: §73.17.1-SNAPSHOT-Updated
§7§eMCAccess: §71.5-1.12.2|? / CB-Reflect
§6§lFeatures:
§7§eblocks§7: BlocksMC1_4§f, §7BlocksMC1_5§f, §7BlocksMC1_6_1§f, §7BlocksMC1_7_2§f, §7BlocksMC1_8§f, §7MCAccessCBReflect
§7§echecks§7: FastConsume§f, §7Gutenberg§f, §7AttackFrequency§f, §7FlyingFrequency§f, §7KeepAliveFrequency
§7§edefaults§7: pvpKnockBackVelocity
§7§epacket-listeners§7: UseEntityAdapter§f, §7MovingFlying§f, §7OutgoingPosition§f, §7KeepAliveAdapter§f, §7Fight
§6§lHooks:
§7ViolationFrequency~NCP~ 1.0
§c§l»Related Plugins«§7
§7ProtocolLib v5.1.1-SNAPSHOT§f, §7ViaVersion v4.9.2

Short description of the issue and how to reproduce (is it random / always happens / side conditions ?)

When a player sends a specific packet sequence, he will be able to attack others from far away, like the so-called TpAura.

Assume the target player is T. The sequence is PacketPlayInPosition to teleport to T (packet A), PacketPlayInUseEntity to attack T, and another PacketPlayInPosition to teleport to the origin location (before packet A was sent). The same goal can be achieved by utilizing "Blink".

Have you made any (noteworthy) changes to the default configuration of NCP?

The issue can be reproduced on the default configuration.

Do you run any other special plugins that affect game mechanics next to NC+ (skills, machines, adding/changing blocks, other anti-cheating)?

No.

Provide additional information: for bypasses, vulnerabilities and reproducible issues, we request a debug log.

The packet log captured by EventsLogger:

[19:11:29] [PacketsLogger] Play.Client.FLYING[class=PacketPlayInFlying, id=254]
[19:11:29]   Player: CraftPlayer[name=player]
[19:11:29]   Fields:
[19:11:29]     x=0.0
[19:11:29]     y=0.0
[19:11:29]     z=0.0
[19:11:29]     yaw=0.0
[19:11:29]     pitch=0.0
[19:11:29]     f=false
[19:11:29]     hasPos=false
[19:11:29]     hasLook=false
[19:11:29]  
[19:11:29] [PacketsLogger] Play.Client.POSITION[class=PacketPlayInPosition, id=22]
[19:11:29]   Player: CraftPlayer[name=player]
[19:11:29]   Fields:
[19:11:29]     x=-2.9090383551410013
[19:11:29]     y=43.0
[19:11:29]     z=-3.6326836319666502
[19:11:29]     yaw=0.0
[19:11:29]     pitch=0.0
[19:11:29]     f=false
[19:11:29]     hasPos=true
[19:11:29]     hasLook=false
[19:11:29]  
[19:11:29] [PacketsLogger] Play.Client.USE_ENTITY[class=PacketPlayInUseEntity, id=18]
[19:11:29]   Player: CraftPlayer[name=player]
[19:11:29]   Fields:
[19:11:29]     a=996
[19:11:29]     action=ATTACK
[19:11:29]     c=<null>
[19:11:29]  
[19:11:29] [PacketsLogger] Play.Client.FLYING[class=PacketPlayInFlying, id=254]
[19:11:29]   Player: CraftPlayer[name=player]
[19:11:29]   Fields:
[19:11:29]     x=0.0
[19:11:29]     y=0.0
[19:11:29]     z=0.0
[19:11:29]     yaw=0.0
[19:11:29]     pitch=0.0
[19:11:29]     f=false
[19:11:29]     hasPos=false
[19:11:29]     hasLook=false
[19:11:29]  
[19:11:29] [PacketsLogger] Play.Client.FLYING[class=PacketPlayInFlying, id=254]
[19:11:29]   Player: CraftPlayer[name=player]
[19:11:29]   Fields:
[19:11:29]     x=0.0
[19:11:29]     y=0.0
[19:11:29]     z=0.0
[19:11:29]     yaw=0.0
[19:11:29]     pitch=0.0
[19:11:29]     f=false
[19:11:29]     hasPos=false
[19:11:29]     hasLook=false
[19:11:29]  
[19:11:29] [PacketsLogger] Play.Client.POSITION[class=PacketPlayInPosition, id=22]
[19:11:29]   Player: CraftPlayer[name=player]
[19:11:29]   Fields:
[19:11:29]     x=-12.826706300537984
[19:11:29]     y=43.0
[19:11:29]     z=-6.765628032153675
[19:11:29]     yaw=0.0
[19:11:29]     pitch=0.0
[19:11:29]     f=false
[19:11:29]     hasPos=true
[19:11:29]     hasLook=false
[19:11:29]  
[19:11:29] [PacketsLogger] Play.Client.FLYING[class=PacketPlayInFlying, id=254]
[19:11:29]   Player: CraftPlayer[name=player]
[19:11:29]   Fields:
[19:11:29]     x=0.0
[19:11:29]     y=0.0
[19:11:29]     z=0.0
[19:11:29]     yaw=0.0
[19:11:29]     pitch=0.0
[19:11:29]     f=false
[19:11:29]     hasPos=false
[19:11:29]     hasLook=false
[19:11:29]  
[19:11:29] [PacketsLogger] Play.Client.FLYING[class=PacketPlayInFlying, id=254]
[19:11:29]   Player: CraftPlayer[name=player]
[19:11:29]   Fields:
[19:11:29]     x=0.0
[19:11:29]     y=0.0
[19:11:29]     z=0.0
[19:11:29]     yaw=0.0
[19:11:29]     pitch=0.0
[19:11:29]     f=false
[19:11:29]     hasPos=false
[19:11:29]     hasLook=false
[19:11:29]  
[19:11:29] [PacketsLogger] Play.Client.FLYING[class=PacketPlayInFlying, id=254]
[19:11:29]   Player: CraftPlayer[name=player]
[19:11:29]   Fields:
[19:11:29]     x=0.0
[19:11:29]     y=0.0
[19:11:29]     z=0.0
[19:11:29]     yaw=0.0
[19:11:29]     pitch=0.0
[19:11:29]     f=false
[19:11:29]     hasPos=false
[19:11:29]     hasLook=false
[19:11:29]  
[19:11:29] [PacketsLogger] Play.Client.FLYING[class=PacketPlayInFlying, id=254]
[19:11:29]   Player: CraftPlayer[name=player]
[19:11:29]   Fields:
[19:11:29]     x=0.0
[19:11:29]     y=0.0
[19:11:29]     z=0.0
[19:11:29]     yaw=0.0
[19:11:29]     pitch=0.0
[19:11:29]     f=false
[19:11:29]     hasPos=false
[19:11:29]     hasLook=false
[19:11:29]  
[19:11:29] [PacketsLogger] Play.Client.FLYING[class=PacketPlayInFlying, id=254]
[19:11:29]   Player: CraftPlayer[name=player]
[19:11:29]   Fields:
[19:11:29]     x=0.0
[19:11:29]     y=0.0
[19:11:29]     z=0.0
[19:11:29]     yaw=0.0
[19:11:29]     pitch=0.0
[19:11:29]     f=false
[19:11:29]     hasPos=false
[19:11:29]     hasLook=false
[19:11:29]  
[19:11:29] [PacketsLogger] Play.Client.FLYING[class=PacketPlayInFlying, id=254]
[19:11:29]   Player: CraftPlayer[name=player]
[19:11:29]   Fields:
[19:11:29]     x=0.0
[19:11:29]     y=0.0
[19:11:29]     z=0.0
[19:11:29]     yaw=0.0
[19:11:29]     pitch=0.0
[19:11:29]     f=false
[19:11:29]     hasPos=false
[19:11:29]     hasLook=false

[Regomy]

up