Players can exploit the bank in the residence to generate money

Zrips / Residence

Residence Bukkit Plugin

135 stars 85 forks source link

Players can exploit the bank in the residence to generate money #1140

Closed konsheng closed 8 months ago

konsheng commented 9 months ago

Using "/res bank deposit "residence_name" -9999" allows for a deposit of 9999 into the territory bank.

This is a glitch, as using a negative number enables the deposit.

lRENyaaa commented 9 months ago

This looks like a big exploit, but I wasn't able to reproduce successfully My versions: Purpur 1.20.4, CMILib 1.4.4.9, Residence 5.1.2.2 Economy: Vault 1.7.3-b131, EssentialsX 2.21.0-dev+25-fbfd7e9 I checked the source code and it seems to be related to the economy system. What economy system are you using?

看起来是个大漏洞，但我没复现成功我版本: Purpur 1.20.4, CMILib 1.4.4.9, Residence 5.1.2.2 经济系统: Vault 1.7.3-b131, EssentialsX 2.21.0-dev+25-fbfd7e9 我检查了源码,这似乎和经济系统有关问下你用的什么经济系统

lRENyaaa commented 9 months ago

This looks like a big exploit, but I wasn't able to reproduce successfully My versions: Purpur 1.20.4, CMILib 1.4.4.9, Residence 5.1.2.2 Economy: Vault 1.7.3-b131, EssentialsX 2.21.0-dev+25-fbfd7e9 I checked the source code and it seems to be related to the economy system. What economy system are you using?

看起来是个大漏洞，但我没复现成功我版本: Purpur 1.20.4, CMILib 1.4.4.9, Residence 5.1.2.2 经济系统: Vault 1.7.3-b131, EssentialsX 2.21.0-dev+25-fbfd7e9 我检查了源码,这似乎和经济系统有关问下你用的什么经济系统

UPDATE: I replaced the economy system and it was successfully reproduced on the CMI 9.6.10.0

更新: 我更换了经济系统，在CMI 9.6.10.0 上成功复现

xiantiao233 commented 9 months ago

This looks like a big exploit, but I wasn't able to reproduce successfully My versions: Purpur 1.20.4, CMILib 1.4.4.9, Residence 5.1.2.2 Economy: Vault 1.7.3-b131, EssentialsX 2.21.0-dev+25-fbfd7e9 I checked the source code and it seems to be related to the economy system. What economy system are you using?

看起来是个大漏洞，但我没复现成功我版本: Purpur 1.20.4, CMILib 1.4.4.9, Residence 5.1.2.2 经济系统: Vault 1.7.3-b131, EssentialsX 2.21.0-dev+25-fbfd7e9 我检查了源码,这似乎和经济系统有关问下你用的什么经济系统

来自 IRENyaaa的图片 a1bfe1b590e945d216615fb6cd390f12

NuoNuoYES commented 9 months ago

I did not reproduce it successfully. I used the economic plugins Vault and Xconomy, and the res version was 5.1.1.1 2024-02-02-6.log minecraft server viasion is 1.8.8 sipgot I have not tested the CMI plugin before The logs I sent were tested using the aforementioned plugin and did not generate any issues related to this report

NuoNuoYES commented 9 months ago

This is a video about my testing experience 2024-02-02 20-10-38.zip

konsheng commented 9 months ago

Reproducible when using CMI Economy and Xconomy, but not reproducible with Ess

konsheng commented 9 months ago

@Zrips