Server getting lagged by a player using some type of exploit
A player joins every once in a while(using multiple accounts/ip) and starts to insult others and lags the server with an unknown method to me(log attached, I am assuming it is some type of hack client/exploit)
It is not a server side bug because he claims to be doing so and bypasses the ban and comes back
From my understanding it is related to forcing the server to generate chunks that are millions of blocks away? What exploit is this and how can I prevent?
Solution:Jump to solution
yes!, its a funny exploit, basically asking the server the bee count requires the server to load it
62 Replies
he did not run any commands (at least from what I see in logs)
can you not ban the user?
you should be able to ban the username
they bypass it as i have stated above
using alts and other ip(probably vpn)
also i hope i can fix the exploit if possible
as that would permanently solve the issue
wow I have never seen something like that
my only solution would be keep banning his alts until he runs out
i don't know if there's a way to prevent a user from loading in chunks
the issue is it is not from properly loading chunks
as they are loading chunks millions of blocks away
while they are still at spawn, and there is a border too
right, thats what I'm saying is I don't know theres a way to stop that
hmmmm but how are they doing it though
if its a known exploit
there should be some patch somewhere around
no clue, some kind of client mod i'm sure loading the chunks in
Im not sure how hes doing it, but you could potentially get a chunk loading plugin and just load a bunch of chunks in and kinda beat him to it
its million of blocks away
but the loaded chunks are outside of the boarder as well
i cant load an entire 2 mill * 2 mill map lets say
and he can probably go further
so there would be no point loading all of those chunks in, it would be a waste of space
I hope your server is online mode? And this user just somehow has a lot of alts?
he probably has alts from these cheap alts minecraft sites
its probably not going to be infinity and i have no clue why he is targeting a really small server but even though its just every once in a while its still really bad for player experiences
but you are using online mode, riiiight?
ye
good
Reddit
From the admincraft community on Reddit
Explore this post and more from the admincraft community
any chance its this? just found it
could be
sounds like what you're experiencing
do you use an anticheat?
ye
what are you using
vulcan
and that doesn't help? weird
it says "survivalfly" from NCP is able to maybe block it from the post
A quick google search makes it look like Grim could be useful
"Some people have suggested that a possible solution is to use your favorite anticheat like Vulcan or GrimAC alongside NCP with survivalfly checks enabled. This might reduce the impact of the exploit, but itโs not a guarantee."
it doesnt really give a solution ๐ญ
You could try grim alongside vulcan, from a reddit post looks like you would want to "turn off Vulcan movement checks and grim combat checks"
but give that a try and see
can u send the link of the post
ty
here is what I referenced off of https://www.reddit.com/r/admincraft/comments/1cetcfv/what_anticheat_for_a_paper_server/?rdt=50457
Reddit
From the admincraft community on Reddit
Explore this post and more from the admincraft community
Not sure if lpx can cover this, buy maybe if it doesn't you can ask more about it in their community
Whatโs lpx?
An anticrasher
BuiltByBit
LPX AntiPacketExploit
#1 BuiltByBit Plugin ~ Protects your server from crash packet exploits ~ Folia Support
Ask first in their discord if this is something they can fix/investigate
Solution
yes!, its a funny exploit, basically asking the server the bee count requires the server to load it
it just doesnt
check
if its actually near the player
cant remember if theres a fix for that version
Just noticed it's 1.20, you think lpx covers this?
Wait thatโs actually so funny XD
yeah its used to load chunks far away, and a LOT of em
like its a chunk load per packet sent
and paper lets 400 packets a second iirc through
Ic
by default
Ty Iโll try
Because it's a basic ass exploit that wont work on any server w decent devs
cus people are petty against servers and owners they dont like so they will abuse whatever they can to fuck with them
Or its just some script kiddie who bought a $50 "crash client", wants to test it out and this is the only server where the more than public exploits work
try lightning grim too, i have heard good stuff about it (fork of grim + improvements)
does ur server run behind a proxy or anything
ye
velocity perchance?
yep velocity
works well for me
topaz does run behind a networking service, so all u need to do is make an account and setup the free plan for the token to put into config
proxycheck.io | official website
Proxy & VPN Detection API | proxycheck.io
proxycheck.io is a premium Proxy detection API with a full featured free plan. Try us today!
kk ill try
once u have all this installed and the same guy joins back, and if u have essentialsx on ur backend paper server, just run a simple
/banip <user>
bans the ip, uuid, and ur goodIs this any better than kaurivpn
sounds like what nocom did a while back
Never even heard of kauri
But topaz blocks literally everything from what I've seen, even blocked me at one point bc I didn't have bypass perm
GitHub
Fix bee count payload lag/crash exploit and make it configurable. b...
Just a quick fix. This is generally a questionable feature, nothing about it is documented and it validates nearly nothing. Players can spam custom payload packets targeting locations anywhere in t...
Will check out topaz then
try v4guard
#1 provider rn