
and gentlemen, the final presentation of the morning. It's Zoltan Balazs, who many of you will recognize; he's a regular speaker and contributor and always comes up with something new and something interesting. Zoltan.

So hello everyone, my name is Zoltan Balazs and this is exactly... oh
and, can someone help me maybe? Sorry. Yeah, yeah, yeah. What's going... what should I do? Live debug mode, or I do the presentation without. I do it this way and maybe this works. Okay.

So again, my name is Balazs Zoltan and this is not what I do at CUJO AI, so if you think that if you go to our company and you can hack Minecraft, this is not what we do. Anyway, if you think about MC, my idea about MC was Midnight Commander, because I'm that old, but there is a new generation of people for whom MC stands for Minecraft. So if you don't know, Minecraft was released 12 years ago by
Mojang Studios, and actually, based on Wikipedia, it is the best-selling video game of all time. Originally it was written in Java, and Microsoft bought it for some amount of money a long time ago, and I think one of the worst things they did with Minecraft is that they migrated all Mojang accounts to Xbox, and there were a lot of issues with that. So I started playing Minecraft last year and so far I think I played like 15 hours with it as a regular player and not hacking it, so I'm a total noob in Minecraft. So if you have any questions regarding Minecraft, I don't know the answer, and if I do or say any
stupid things in Minecraft, please don't blame me, I'm not a regular Minecraft user. And yeah, I probably spent a lot more time trying to figure out the hacks and how this whole Minecraft hacking industry works. Most of the things I show during this presentation are not mine; I stole them from LiveOverflow. If you don't know who he is or you don't follow him, you should. This is the playlist for his Minecraft hacking series. Last time I checked it was a total of 7 hours and 28 minutes of playlist for Minecraft hacking only, so if you have some free time I highly recommend watching those.

If you want to decompile the
Minecraft Java code, you have to know that it's partially protected. There are different theories why it is protected. Actually it's protected by a program called ProGuard, and you can call it a shrinker or optimizer or obfuscator, so maybe it's only for performance reasons that it's not in its original form. But luckily there are many, many, many people who love Minecraft, and in recent years they created an awesome lot of tools which can help you decompile the Java source code. So if you check out this GitHub project, Intermediary and Yarn, and you follow this YouTube guide, you can practically have a proper version,
a proper decompiled version of Minecraft on your laptop, with all the function names and variable names reverse engineered. But let me show this to you. So for example, by default, if you decompile the Java class you will see things like file a, file b, file c and all these very dumb variable names. Clearly, because this is Java decompilation, all the strings will be nicely still here, but it's not the best if you really want to understand how this stuff works. But if you do run this Intermediary and Yarn project, you will get something like this, where all the class names and all the variable names, everything is very nicely resolved. So you have to know that this
is all reverse-engineered knowledge, and at some point in time Mojang also released the original source code, so now you can check how they name stuff and how the reverse engineers name stuff. I have heard that in some cases the reverse-engineered variable names make more sense than the original developer variables, but I think that's
okay.

So if you know Minecraft, you know that you can run your own server. If you don't know Minecraft, maybe you don't know that, but it's practically very easy: you just find a proper server jar version online, you download it, probably the hardest part would be to install Java on your machine, there are some properties files you have to fill out, but it's really, really easy, and after that you just run your server and there it is. And for the next demos I actually have to start my server, so let me do it. Sometimes it can take some time because it's Java. Yeah, and some fair warning
regarding the demo gods. So I'm not doing live demos for many, many years because something always goes wrong, and even in the very rare cases when I do run live demos I always have video backups. So what I'm doing right now is that I don't have video backups and I'm running live demos, so we will see how that works. But I checked Google Images search for sacrificing sheep for the demo gods and this is what came up, so I hope that's enough for the demo gods for today.

So for our next demo we are going to use a network proxy. In Python there is this very awesome framework called Twisted, and you
can even use it in penetration testing, because it's a very nice proxy module which you can use for, like, fat client application hacking and stuff. And there is this module called quarry, which is built on top of Twisted, and they implemented practically the Minecraft protocol as a network proxy. So the Python code I'm going to show you is stolen from LiveOverflow, and for some of his stuff he was using the wiki.vg website, where you can find all the interesting details of how the Minecraft protocol really works. So if you think about doing a network proxy which sits between the Minecraft client and Minecraft server, and let's
say that we want to implement teleport functionality, clearly there is no button in the Minecraft client to say hi, I want to teleport to some new position. So how do you do that? You create this network proxy, and whenever there's this magic command, usually people use the chat window for that, and when this network proxy sees this special command then it can send the new coordinates to the server. That's the basic idea how you can implement this. But the question is, what can possibly go wrong if you send the updated packets to the server and that's it, that's what you do? What's the issue with this approach? Anyone? So in this case the server will
have the new position, the client will have the old position, so the client UI will not update at all, and if you move then you will send the new packets to the server, so practically you teleported virtually on the server but nothing happened. So it's very important to also send the new coordinates to the client as well, otherwise it will not work properly. So here is this teleport proxy already running, and meanwhile let me start Minecraft, and we can also quickly have a look at the source of this teleport proxy. So as you can see it's using the Twisted and the quarry modules, and they have, and LiveOverflow implemented this packet upstream chat message, and if
it sees the command port then it will figure out the new positions and send it to the downstream, the client. And it's Java so it's slow. The other parts of this code are mostly like logging and stuff, so it's not that interesting. Yeah, live demo. This should start, like, this worked 10 minutes ago. Also what's fun regarding this live demo is that two weeks ago this whole demo only worked when Wi-Fi was turned off, and yesterday when I tested this particular hack it only worked when Wi-Fi was on, so this is the fun with these things. So let me quickly kill this process and hopefully it will work
again. If Minecraft doesn't start, that's fun, because all my demos involve starting Minecraft. But anyway, maybe I can go with the slides and let's see if this starts or not. Yes.

So LiveOverflow created a Minecraft server, and back in the days when I wanted to play with it there were some online tutorials how you can find this server, and those tutorials were incorrect because LiveOverflow already changed how you can find his server, so I spent an awful lot of time trying to figure out what's going on. So if you want to find his and play on it, then first you should have a very good server in the cloud. Don't
do this from home. Actually nowadays you can get a free server from Oracle. And then you do a masscan on all of the IP addresses of the Hetzner internet service provider, you can find their ASN number there, and yeah, you should scan all the Minecraft ports with masscan and grab the banners from it. Yeah, this is not going to work, so this is fun. What else can I do here? Let's kill this one first and let's open Minecraft again. Is there any Java running? Ah, not that much. Let's kill them all. Can I kill all? Yes. Hopefully this helps. So anyway, the original instructions were about this
subnet, and I thought that LiveOverflow will only move his server in between the subnet, so I tried to find it here. Don't make this mistake, because it's not there anymore. If you are lazy and you don't want to do a full masscan, then on Discord some nice people already published their list about all the Minecraft servers in the Hetzner IP address, so you can practically use this one and you don't have to do the masscan. And yeah, then you can use specific, Minecraft-specific scanner scripts which will grab all the information from the Minecraft servers. There is this guy, Jorian Woltjer; stuff I did not steal from LiveOverflow
from this presentation, I stole from him. So he already implemented this Minecraft server scanning client and it worked really well for my use cases. So once you have this list you should filter for Paper 1.9.2 servers, because that's the server version of the LiveOverflow servers, you should filter for maximum players of 50, and now there is this very interesting thing which really confused me in the beginning: there is the real LiveOverflow server, but because LiveOverflow did not do any, like, moderation on the servers, there were an awful lot of people who were not behaving
nicely on the server, and because he was the server admin but didn't do anything with it, some other people took action, and what they did is that they filled the LiveOverflow server with bots and they created a Rust-based proxy, and whenever you connect to this Rust-based proxy they do a check of your IP, that hey, we know you, and yes, you are a good behaving citizen, and once you pass this check then they allow you into the server by both proxying the connection and removing the bot they have there. And this was not properly documented anywhere, so I had no idea what I'm doing and what I'm looking for, so it was a
bit odd but
anyway. So this is not working, is it? As you can see. And yeah, never happened, like, I have used it all the time. No idea, and I'm not going to reboot my MacBook right now. Anyway, no live demos for today; you can learn from this experience.

Anyway, once you find the IP address for the LiveOverflow Minecraft server, you can also use the Discord, and they have bots, and if you use the proper command to check the IP address it will let you know that yeah, you found the proper IP address. So by default, as you might know, you can only communicate with the Minecraft server version if you have the
same client version. Luckily there are hacks around this and I'm going to discuss those as well, but by default, if you don't want to play with those things, just use the same client version as the server version. Also, please don't use illegal clients, something like TLauncher, because this is a proper server and it will check with the Microsoft authentication system that you bought your Minecraft client properly. And what was also confusing for me is that I did install a bunch of plugins into my Minecraft client and it had these proxy buttons and proxy lists and whatever, and I got confused with this previously shown proxy.
So yeah, it was very confusing for me because I had no idea what I'm doing. If you are able to connect to the LiveOverflow server, you will be greeted with this kick message that, error, human detected, you are not moving as any bot would move, and this is part of the challenge from LiveOverflow, and clearly what you have to do right now is to hack the client or make a proxy which will round your position in a way that your positions X, Y, Z are always round numbers. It's not easy to do that, like, I'm not very good at Java and mixins
and stuff, so I could not do that. But what's really nice in this whole Minecraft world is that there are multiple modding toolchains which you can use. One of the best is the Fabric toolchain, and all you have to do is to download a jar file, install it, it will install the basic Fabric stuff into your Minecraft environment, and most of the plugins or mods you can use, they will also need the Fabric API, so you also have to download that and add it to your mods directory. Yeah, here you can see that I have the Fabric API for example here,
and that's all you need. And after that you have to figure out what mixins are. So with mixins you can modify existing code in the base Minecraft game, and you can do it for injecting any custom logic or removing any mechanics or modifying values, stuff like that. If you're interested in the deeper details of how these mixins work, this is one of the best explanations for you. So as I mentioned, Jorian Woltjer already published his Fabric mod to play on the LiveOverflow server, so if you are going for the easy mode and you are not interested in learning Java coding and how the whole Minecraft
stuff works, then you can just download these mods and run it on your client. And yeah, here you can see the release version; actually it was released 5 days ago, so yesterday I had to update all my Minecraft systems and Minecraft plugins, and they worked back in the times, but anyway. And yeah, here you can see how the mixins work: whenever there is this player move client-to-server packet, then they are capturing the positions and orientations and stuff, and here is practically implemented this rounding stuff, that all of your coordinates will be rounded and that's sent to the server,
and this is how you can bypass the human detection. What's actually really funny is that 5 days ago Jorian published part two of his blog post and he already covers a lot of stuff that I covered in my previous slides, but I think that's okay, that's how life works. So yeah, I did show that. Because Minecraft did start. Okay, this is odd, but it will not work because it says it's offline. Jesus Christ. Let's check this. I'm pretty sure it will not work but let's check it.

So as I mentioned, the Minecraft hacking community is pretty rich, and here you can see one client called
the Meteor client, and these are all the different functionalities you can turn on or turn off in your client, like anti-levitation, auto jump, auto walk, high jump. I have no idea what Jesus is, but there you have it. So it has an awful lot of features which you might use in your hacked client. So, what's going on?

Anyway, there is this fun story, and I think this exploit really shows how much time people are willing to spend in hacking Minecraft. So there is this guy called FitMC, and if you are into Minecraft hacking I recommend you to follow him, and there is his video,
Thea of Minecraft's 2b2t. 2b2t is one of the old Minecraft servers, and what a hacker team did is that they found a crash in the Minecraft logic, and they triggered this crash by forcing the server to load an awful lot of chunks, and then they convinced the developers that hey, you guys should fix this crash, because you can crash Minecraft servers with it. And after that, because this fix was implemented, now this fix actually implemented a vulnerability in the Minecraft server, because now there was an info leak in the Minecraft world where you could know whether a very, very far away chunk is already loaded or not, and
they spent some months, and at least three or four people were full-time working on this exploit, but they have used machine learning and probably the association to link users with coordinates, and they did everything just so that they can track users, where they can find their bases on the map, so after that they can grief those bases and stuff. So they implemented an adaptive tracking system. They also recreated the 2b2t world in their own environment, because they already knew the seed which was used to generate the 2b2t server, and they were able to test all the changes in their own developer environment. And these guys
were also really, really good with social engineering, so whenever people were complaining that hey, someone possibly has an exploit and they are tracking people, then they were on the forums all the time trying to convince people that nothing fishy is going on. So yeah, they did a really great job and I think it went for years, so they are really, really talented hackers.

Okay, maybe something will work today, let's see. So let me quickly show you the local proxy stuff. What do you think, will it work? No, no, clearly it won't. I have no idea what's going on. I blame the Wi-Fi on it. But anyway, another fun story was the Log4Shell
vulnerability. Log4j is a critical component of the Java world because everyone uses it for logging, and it turned out that there was a very nasty vulnerability inside Log4j, and as far as I know the first mon exploitation of this Java vulnerability was in owning Minecraft servers. So that's fun that if you have the exploit where you can own the whole world, what do you do? Yeah, you clearly hack Minecraft servers, because what else. So practically what happened is that if you sent something like this in the chat, then the Log4j component ran this command and interpreted it. So yeah, this was really, really bad,
because you could also connect to other servers with this LDAP stuff, or what's even worse, for example if you are talking about Amazon servers running Minecraft, then you could also steal the AWS secret access keys with this method. And the remaining part, how this vulnerability was fixed, was also pretty bad, because there were practically blacklists around how people started to block these attacks, but yeah, the issue with blacklists is that you can come up with something like that and it will completely bypass the full blacklist. And then people started to do filtering like you are only allowed to localhost, but still, this is a valid URL and it
will not connect to localhost but evil host, but the filter F it's good because it has the localhost inside it. Yeah, so it was really, really bad, and yeah, at the end it was not just the Minecraft servers but some enterprises were also owned with ransomware with this vulnerability, but we are not interested in that one right now. Yes, so, but it's live. Okay, okay, something is going on, we will see. Let me add some music, maybe that helps.

Anyway, one of the best mods I really like in Minecraft are the X-ray mods, where you can filter out from the UI stuff like ground and hills and you can only see
the precious metal for example, and this is how it looks like. So whenever you are looking for gold or diamond or whatever, you can use these X-ray mods to find this stuff. And when it comes to building with Minecraft, people can get really crazy, and I like that. For example this was like a wave synthesizer, where it only used Minecraft logic but these colorful blocks were doing this wave movement; it was really nice. If you are into griefing bases, then you can build this bomber which will send a lot of TNT to the ground, so it's really, really effective. If you want to build a
calculator with Minecraft, then clearly you can do that; it will take some time but you can figure this out. Or if you have all the time in the world you can also create a quad-core computer. I tried to understand how this works, and I have to admit that I have learned more from this than at the university, because at the university no one told me how computers work, but this stuff, this was really, really good and I understood a lot of things from it. Yeah, no live demos. Can we maybe try this? I'm sure it will not work.

Anyway, my only problem with Minecraft is that now there is an
entire new generation who believes that downloading and running jar files from random servers is okay. It is not, so please do not do that. But I think Minecraft hacking is one of the best ways to teach kids on how you can hack stuff, and things do not always work as the developers intended, so if you have kids and you want to teach them hacking, I think Minecraft hacking is the way to go. And sorry, no live demos for you, but that's all I wanted to share with you, and maybe you have some questions. Thank
you.

Minecraft questions, anybody? Yep.
So you mentioned that there are mappings for the obfuscation in the Minecraft files, and if I remember this correctly the community also has mapping files as well. Are these intercompatibility
uses this mapping, like, that's the de facto, everyone started building on this, everyone understands this, so people are using just this one as far as I know.

Okay, thanks. Anything else at this time? No, it would appear not. Thank you very much. Thank you, as always. Thank you.