Security Craft

Security Craft

53M Downloads

Critical bug !!

WelsyMC opened this issue ยท 6 comments

commented

Hi, sorry by advance for the english, i'm french ^^

Hello,

Recently, i found an exploit on Security Craft in all versions of the mods (1.7 - 1.12).
You have a packet called "PacketSetBlock", with another forge mod, we can use your network and send the Packet with our coordinates (like 232, 64, 230) and a custom id like diamond_block.
This exploit has been used on little servers but you might fix it because it can destroy spawns and bypass protections (if you need i can send you a video so you can understand).

Add me on Discord i'll accept you in a few hours
WelsyMC#1557

Wish you the best,
Welsy.

commented

Gg Welsy

commented

Le bug est pach!

commented

J'allais le faire mais bon ๐Ÿ˜…

commented

Hi! Thank you for reporting this to us. I'll be sure to fix it for the next version of the mod, however due to the fact that we are no longer supporting Minecraft versions below 1.12.2, it will only be fixed in 1.12.2.
I actually already fixed that exploit during the update to 1.13 (so any version above that does not have the exploit. There, we use a packet where the client simply tells the server that the player has toggled the camera's power), but I apparently did not think of fixing it in older versions, too.

commented

Hey, it's patch for 1.7.10 ?

commented

No. We no longer update the mod for 1.7.10.