Any there any plugins that provide protection against coordinate exploits?
I’ve got an SMP. I believe I’m having some issues with a coordinate exploiter. With it being a new server, it’s relatively easy to do things like “chunk tracing.”
I’m looking for an ideas to provide at least some protection against coordinate exploits. Thanks.
I’m running the latest stable version (1.21.3) of PaperMC.
20 Replies
Thanks for asking your question!
Make sure to provide as much helpful information as possible such as logs/what you tried and what your exact issue is
Make sure to mark solved when issue is solved!!!
/close
!close
!solved
!answered
Requested by quanto_#0
Any ideas what coordinate exploits are they using?
Best guess is what I call “chunk tracing.” This is where they identify already-loaded chunks to find people who go far out.
is this similar to an old 2b2t technique where bots would click in far out chunks and would identify loaded chunks if it returned a success
That’s not a coordinate exploit exactly
Not just similar, it seems to be basically exactly that.
You're thinking of the NoCom exploit.
yep
And I’m not sure those can be mitigated
Usually those are “patched” when a new version comes out and changes the protocol, but they develop a new one
I was sure that was patched ages ago
(nocom)
It was, yes.
If there's a NoCom2.0 then we have another method by which they can return active chunks.
Tbh, more than nocom, the issue the op mentions sounds more to regular chunk trailing
there was one in purpur where you could send a custom packet related to bees, not sure if it was ever patched/doable in paper tho (not sure it gave loaded chunks status, or if it just loaded em)
could also be used as crash exploit
For the issue they’re describing and the version they’re in, probably the user is using palette to chunk trail
I think that exploit worked differently
Are there any effective countermeasures?
None than I'm aware of
That's the kind of thing you should manage via server rules
Like "not allowed to chunk trail using hacked clients"
People do similar stuff in semi-anarchy servers when they prohibit the use of pie-ray, there's also no way to counter that, so it's just on the server rules
Alright. It’s just one of those things that’s hard to prove.
You can install the meteor client to render the chunk trail, you stay in vanish and if the player follows the trail exactly, it is very likely they're using it
It is available for the TrouserStreak addon, exactly for the version your server has
Only useful if they're just following a chunk trail like you suspect
If they're using an actual coordinate exploit like the already patched nocom, then this will not work for you
no
chunks trails still exist, as in, you can detect if a player has previously loaded that chunk and moved in that direction
nocom is entirely different
you need to be at that location to figure that out, though