ldtteam / minecolonies

Minecolonies minecraft mod
http://minecolonies.com/
GNU General Public License v3.0

[BUG] Minecolonies Builder allows you to smuggle items into servers (was previously fixed, however in a new iteration). #10203

Open LinkTheLinker opened 2 months ago

LinkTheLinker commented 2 months ago

Is there an existing issue for this?

Are you using the latest MineColonies Version?

Did you check on the Wiki? or ask on Discord?

What were you playing at the time? Were you able to reproduce it in both settings?

Minecraft Version

1.20

MineColonies Version

1.1.653-1.20.1-snapshot-universal

Structurize Version

1.20.1-1.0.755-beta

Related Mods and their Versions

  1. Forge 1.20.1 - 47.2.0
  2. blockui-1.20.1-1.0.186-BETA
  3. donum_ornamentum-1.20-1.0.203-beta-universal
  4. multipiston-1.20-1.2.43-RELEASE
  5. towntalk-1.20.1-1.1.0

Current Behavior

Link to Video: https://drive.google.com/file/d/1-FzQSmRp0suy__M3MGYC60IAB3WQz2D4/view?usp=sharing

The video shows that the items in the Minecart with Hopper bug that I had previously reported has a 2nd iteration, where it doesn't process shulker box inventories correctly. While Bedrock is used in the video, creative items or items with Custom NBT data can be "smuggled" into multiplayer servers. I have tested this on an actual server running an earlier version of Minecolonies with great success. Furthermore, this can also be executed via Minecart with Chest and Boats with Chests.

Expected Behavior

What should happen when making the scan of the Minecart with Hopper is that it should show the resources needed for the items that are contained in the inventory (including the shulker box). Furthermore, the scan should not allow the smuggling of illegal items onto servers.

Reproduction Steps

  1. Boot up a modpack that purely has the Minecolonies mod with the other mods required to boot up Minecolonies or even a modpack with Minecolonies like ATM 9.
  2. Start a new world with Creative mode and Allow Cheats set to ON.
  3. Get a town hall block, builder's hut block, build tool, scan tool, 64 rails, a Minecart with Hopper and the desired item(s) you want to "smuggle" onto a server.
  4. Place the rail, Minecart with Hopper and put the shulker box with the desired item(s) into the Hopper. Then, create a scan with the Scan tool.
  5. Build the town hall with the build tool, and press "assign to builder".
  6. Build the builder's hut with the build tool, and press "assign to builder".
  7. Once a citizen is assigned a builder, build the scan created in step 4 and press "assign to builder".
  8. Give the builder a stack of rails, a Minecart with Hopper, and an empty Shulker Box.
  9. The builder will build the Minecart with Hopper and you will find the shulker with the items you put into it in the build.

Logs

https://gist.github.com/LinkTheLinker/ca8688ccdb76d234f98ba7f7143bfd3e

Anything else?

Note: This also works in the release versions of Minecolonies as well.


Raycoms commented 2 months ago

So this is only boats and minecarts with chests (entities essentially)? Or are shulkerboxes also still a problem?

LinkTheLinker commented 2 months ago

This is essentially with entities, as with the previous bug I reported, but shulker boxes allow a similar exploit when in inventories scanned in Minecolonies.

Raycoms commented 2 months ago

From the description I'm not entirely sure. Is it necessary to have the items in the shulkerbox in another inventory? Or does any item in an entity inventory work?

LinkTheLinker commented 2 months ago

It is necessary to have the items in the shulker box to work. The previous iteration of the exploit never required them.

LinkTheLinker commented 2 months ago

This is the older iteration of the bug I am referring to: https://github.com/ldtteam/Structurize/issues/641
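
The expected behavior described in the report (a scan's resource list counting items nested inside a shulker box held by an entity inventory, and refusing disallowed ones), sketched as an added example that is not MineColonies or Structurize code. It assumes the vanilla 1.20.1 NBT layout (entity `Items` list, shulker contents under `tag.BlockEntityTag.Items`); the function names, the depth cap, the denylist and the sample data are hypothetical.

```python
from collections import Counter

# Constructed sample: hopper minecart entity NBT as a scan might store it.
SAMPLE_ENTITY = {
    "id": "minecraft:hopper_minecart",
    "Items": [
        {"Slot": 0, "id": "minecraft:shulker_box", "Count": 1,
         "tag": {"BlockEntityTag": {"Items": [
             {"Slot": 0, "id": "minecraft:bedrock", "Count": 64},
             {"Slot": 1, "id": "minecraft:diamond_sword", "Count": 1,
              "tag": {"Enchantments": [{"id": "minecraft:sharpness", "lvl": 255}]}},
         ]}}},
        {"Slot": 1, "id": "minecraft:rail", "Count": 16},
    ],
}

MAX_DEPTH = 8  # hypothetical cap on container nesting


def nested_items(stack):
    """Contents of a container item (e.g. a shulker box), or an empty list."""
    return stack.get("tag", {}).get("BlockEntityTag", {}).get("Items", [])


def required_resources(entity_nbt, denylist=frozenset()):
    """Return (Counter of item id -> total count, list of (path, reason) findings)."""
    needed, findings = Counter(), []

    def walk(stacks, depth, path, mult):
        if depth > MAX_DEPTH:
            findings.append((path, "nesting too deep"))
            return
        for stack in stacks:
            here = f"{path}/{stack['id']}"
            count = mult * int(stack.get("Count", 1))
            needed[stack["id"]] += count  # nested items count as resources too
            if stack["id"] in denylist:
                findings.append((here, "item on server denylist"))
            # Any tag other than the container contents must be matched exactly
            # by what the builder is handed, so surface it for review.
            extra = sorted(k for k in stack.get("tag", {}) if k != "BlockEntityTag")
            if extra:
                findings.append((here, "custom NBT: " + ",".join(extra)))
            walk(nested_items(stack), depth + 1, here, count)

    walk(entity_nbt.get("Items", []), 0, entity_nbt["id"], 1)
    return needed, findings
```

With this walk, an empty shulker box no longer satisfies a scan that contains a filled one, because the contents appear in the required list in their own right.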