Tiberium 6 hours ago

2B2T really has an extremely interesting and long history, and some of the most interesting exploits/security vulnerabilities found just for it, for example https://2b2t.miraheze.org/wiki/Nocom where the attackers had a blunt server DoS and through it influenced the server owner to report it to PaperMC, and the fix for the DoS gave them the ability to track other players just as they had hoped.

> In July 2018, 0x22 and Babbaj created a coordinate exploit, using the groundwork laid out in the lag exploit. The two theorized that, if the server didn't return a response for unloaded chunks, but returned a response for loaded chunks, the rough location of players in 2b2t could be approximated. However, prplz's patch returned a response regardless of whether a chunk was loaded or unloaded, requiring a second patch to Paper that would only return a response if the chunk was loaded.

> Knowing that the issue would be resolved if Hausemaster reported it to Paper, likely through the method they laid out, 0x22 and Babbaj began intentionally, repeatedly, and blatantly sending CPacketPlayerDigging packets, causing the Paper watchdog process to output a stack trace, which included the line added by prplz.

DefineOutside 5 hours ago

People have also tried to create merge requests into my plugin to reintroduce the issue into 2B2T.

https://github.com/GrimAnticheat/Grim/pull/1131

bstsb 3 hours ago

that is quite funny, tbf. looks like the person who opened is friends with eva, a member of "server scanning inc" [1] so they thought it was worth a shot

[1] https://eva.ac/

sterlind 4 hours ago

and then once they had the primitive, they used a compressed sensing algorithm or HMM of some kind to create a live player map. truly APT-level tradecraft.