Avicus Archive

Myth Busting: Hackers by Xvius August 10, 2014 at 4:08 AM UTC

So as the thread title says, we are going to be doing a bit of "myth-busting" regarding hacked clients. To any educated human being, things like this *should* be apparent, but anyway I shall continue on.

Background

This is just some background as to why I'm doing this. People in chat all the time say "Omg he 1 hit me, he hacks" or "He has diamond armor as a recruit, he haxs." Now, i know, this is just a young one who doesn't know much about what is and is not possible on a Minecraft Multiplayer Bukkit Server. It is just quite sickening, getting the same thing over and over in chat, its like a broken record and quiet honestly ruins the fun on a server when that's all you read.

What is a hacked client?

A Minecraft "hacking" client as they are called, are used to gain a Variety of advantages over other players, through the use of malicious mods, that most call "hacks". Such hacks include BUT are not limited to

Kill-Aura - Better known from the hacked client Nodus as Force-field. This is an auto-attacking hack, being able to hit out of range of normal distance, and at speeds not possible.

Nuker - Basically an auto-block breaker, but breaks blocks at a faster rate.

Sprint -  While not all people who sprint hack, if they stand still, or constantly sprint (as in stop-go motions) this is apparent. This sprint while not technically game breaking, can be used for laziness and also to gain a speed boost (in Nodus their is a sprint mode for fast, which makes your run slightly faster than normally possible)

Criticals - This hack is quite hard to detect at most times, but is apparent if the user always deals Critical hits while barely jumping or even not jumping at all. Nodus never had this feature, so it was nothing they never needed to worry about.

NoKnockback - If you cant guess what this is, the user does not take any knockback damage when hit. Pretty obvious.

Fullbright - Makes it so their is no darkness

Xray - Renders only ores user wants to see, mainly used for finding diamonds or chests.

Tracers/ESP - Draws a line from user to a player from the middle of the users curser. and ESP just highlights a box around other players.

NameTags - Makes name tags bigger for the user to find players easier.

Teleport hack -  Teleports user to a specific area that was designated ***PATCHED BY BUKKIT AROUND 1.3***

Godmode - ERMERGERD WUT? Not what your thinking, with godmode, once toggled, your player is frozen in place, and just sends keepAlive packets to the server and denys hit packets. Luckily, NoCheatPlus caught up and patched this hack, so even toggleing this, the user will be frozen, and will take hits every few seconds if continuously hit.

Regen - This hack practically makes someone invulnerable. It acts as a fast-heal and heals the player when not hit. NC+ has affectively blocked this hack, but at one point it was possible.Mainly Private clients had this, and was not a big feature in Nodus or any Public client until up and around 1.5.2, at which point, the hack was blocked.

NoSlowDown - This hack is not actually a Sprint hack and what your seeing is Nodus Sprint hack (as I've explained Nodus keeps you running). NoSlowdown is Bassicly not slowing down for Cobwebs, in water, or on soul sand. This hack is indeed nerfed, so even using it, you throw checks by NC+. The Sprint and hit is also blocked by NC+ under the "Improbable: player has failed the improbable more than expected" check.
***Thanks Source_Of_Storms for this hack inclusion!***

VClip - The short name for Vertical clipping, is bassicly like a NoClip but only on the Y axis. This worked for quiet some time on bukkit servers without NC+ but is since patched by both NC+ and the Bukkit server itself, setting an alert off that a player made an illegal movement. This hack used to be used to clip into peoples bases, steal their items, and leave.

Freecam - This acts as an "out of body experience" allowing the player to fly/wander around within their render distance without actually moving or being known that they are their. Sadly this is unpatchable as it is all client sided. This in conjunction to cavefinder helps hackers find bases.

Step - This hack allows players to hop up one high blocks without clicking the space bar. This hack was patched within the Nodus client, but other clients that have it have a somewhat bypass to it. Though slightly useless this hack allows players to gain a slight upperhand while climbing long hills.

Waypoints - This hack allows the hacker to pinpoint an area and have a client sided tracer (sometimes designated with a specific color) added while this hack is enabled, allowing them to easily find where they are going.

Fastplace and Speedmine - Im going to kill two birds with one stone on this one. These two hacks do exactly what they say, enable the player to fastly placed blocks (somewhat checked by NoCheatPlus!) and SpeedMine, which allows players to break blocks slightly faster than the normal. Vanilla has blocked the ability to speedmine to an extent, and in conjunction with NoCheatPlus, makes speedmine pretty much patched (hackers are still able to break blocks faster, depending on their minespeed they set, but eventually is caught by how NoCheatPlus handles the check, which is check minespeed over X ammount of blocks and comparing it to what should normally happen.)
Sneak- This hack allows the player to be sneaking, but move at normal speed. NC+ has patched this version of sneak, and the only other sneak makes it like your holding sneak, sort of like the Better Sprint Mod, but with sneak. The "bypassed" version is unpatchable as its simple just making you hold shift when your not, while the other NC+ blocks because of the fact you move faster then you should be, falling under their speedhack check.

STP  - This hack is a new one, that is quite interesting to say the least. The Initials stand for "SpawnTeleport" and does such. I'm not sure about the inner workings of this one, but at the moment, when a player types that in as ".stp" in a client, it will kick the player for the message "Nope!" and spawn them back at the spawn point. This doesn't seem like such a big deal, except it bypasses PvP logging plugins and makes the timer for teleportation useless.

BowAimbot - This hack takes advanced calculations into effect, importing the equation the vanilla minecraft gives for Projectiles, and makes it so you lock on to an entity, then aim just the right amount above them to beable to hit them (in Nodus it was silent, so it just kind of did its own thing). This hack is one of the more useless ones suprisingly, because moving around completely breaks this, along with the fact that the Aimbot included in such hacks, aim for the middle of an entity, so hidding partially behind a block breaks this hack also.

Derp/Retard Mode - This hack is one that makes your player go all well... retarded. It sends random hit/look packets to make your player "spaz out" (on everyone elses screen) but on your screen it looks normal. There are versions of this hack that are specific, Such as: turning your head inside out, Stare (Ingame you will be looking one way, but on your screen your not) and ones that just make you "spaz out" for lack of a better term. This hack really is not game breaking, and is more of a "why not" kind of hack, and can be easily replicated without the use of Nodus or any other client that has a retard mode in it.
*** Thanks to DystopianCupcake for this hack inclusion!***

Enderport - This hack I personally have only seen in one client, and it made it so when you got hit (or were about to get hit, something along those lines) you would be teleported behind said player. This hack is mainly a PvP hack, and i would assume NoCheatPlus blocks this hack, because of the teleportation part of the hack.

LSD - This hack is client-sided and makes your screen go all crazy, whether its just making the screen flash different colors, to zooming in randomly/crazily, to actually changing the colors of blocks themselves randomly. This hack is pure uesless and is mainly added because developers of clients get bored and want to add something stupid in.

Radar - This hack allows players to know where other players are (assuming said player is within Render Distance of the user!) and know exactly how far away they are. This hack would be sort of game-breaking because of the fact if your hiding, they would know where you are, and how to locate say a base of some sort. There is no practical way to patch this, as its just getting entitys within the renderdistance and getting the location of said players

Nametags - This hack (mainly seen within Nodus, but can be seen in other clients) allows the user to know where other players are by increasing nametag size, so you can see their nametag outside of Vanilla range. Most Nametags have a built in option that shows if the player is sneaking (by changing their nametag to say red (or something along those lines). This, like radar, is practically unpatchable because it is client sided and theres not much you can do about that.

Creative Control - Imagine this as bassicly automated destruction. What this does is allow people to select two areas to create a region, and makes the player automatically destroy everything in that area until that area becomes air. This hack doesn't bypass NC+ in the one client that it is in at the moment so their is no reason to fear it.

Invsee - Normally a moderation tool, lately clients have been able to tweak the system and gain access to what players have in there hand and what they area wearing ( so instead of seeing someone in enchanted diamond, and he says he has full IV and a sharp V sword) said player can .invsee him and see what his sword, and his armor really hold. The thing about this, is that it does not allow people to see what is in the rest of the inventory, only what the server sends to the client (so in laymans terms, what they are holding, and their armor)

Autosoup - With the addition of your KitPvP server, i thought this would be a great thing to add, so people know what to watch for, though if im incorrect, you guys had the plugin the entire time. Anyway, this hack allows players to bassicly do nothing and beable to fight as the client soups for them, making them have a HUGE advantage over normal players. This hack is pretty easy to detect as if a moderator /invsee's you it will show your soup being used from your inventory. This hack allows players on a KitPvP server with soup to become practically unkillable, and is normally combined with Killaura and an Autosword/Autotool to become a killing machine. its quite easy to notice because if you go up and hit someone and they instantly soup, you can assume they are using the hack.

Teleportation V2: Recently through the hacking community people have found a simple way to bypass the way Bukkit/NoCheat patched teleportation. Needless to say NoCheat blocked this method (as thy do) but its still out there. They did this by placing a boat and sending the teleportation packet then instantly breaking the boat they were in. Recommended update of NC+ to newest version ASAP.

Trigger Bot - This hack is pretty much a "legit" kill aura. It will only attack players your crosshair is looking at, unlike the most killauras, it will not attack surrounding players.

Exploits

Faction Finding Exploit: Yes, there is one, and yes, it is opperational. I actually know quite a bit about this exploit, but I won't be going over much of the specifics other than this exploit allows for quick teleportation to around the map while using the /f map function of factions to be able to map out factions VERY quickly.



---What Hacked Clients Cannot Do---

Given certain circumstances are true, yes a hacked client can spawn items in (if the player is OP'ed and so on and so forth, but for this example, we will be using Recruits or the Default rank of a server)

*Force-Op - No, their is no such thing as a force-op hack, but with the assistance of a poisoned plug-in (a plug-in that was coded and designed to read chat messages, so for example if i had a plugin that reads chat for #opme and i say that, the plugin will run the command, but other than that, you cannot just force op your name on that) Notch made sure of that.

*Spawn items in hack - While there are mods like TMI, NEI, CJB and all those good things, that allow for a quick select of blocks to be spawned in, each one requires Operator status on a minecraft server, because they are simply macros for the command /give (insert player name) (insert id that was clicked on) (insert amount) *default 64 stack*

*Enchantment Hack - This one is a bit rough. Yes, there are actually enchantment hacks out there, but they all require Creative mode to use, mainly because of the way Creative works you can do whatever you want to an item, however you want. In Vanilla/Bukkit Survival Multiplayer no, its not possible to use an enchantment hack. Sorry fellas :c

*One Hit hack - Ah the infamous 1 hit hack. No, such thing is not possible, as damage is dealt server-side or as MyPictures (one othe the developers of NoCheatPlus) has called it, The "safe" side. The server will deny any attempt to deal more damage than possible, though there is an exploit roaming around about forcing and enchant through, alas, you need creative to be able to do that, as stated above in the enchantment hack portion of this sub-section

*Reach Hack - This one is Iffy. Yes, a client can take advantage that the fact Bukkit only checks if the player is within about 6 blocks of an entity before hitting/interacting. but NC+ has knocked that range down to about 4.25 blocks (this is due to accounting for lag) while the vanilla fight distance i believe is at 3.5 blocks. While it is an advantage, heres the question, would you rather be whacked at 6 blocks, or 4.25 where you still have a chance. I know i would choose the latter option...

---Hack Detection (by the player)---

Most players accuse other players of hacking for doing something out of the normal, fair enough... But what can really prove a player hacking? I have seen multiple screen-shots on this website with Screenshots, saying the user is using Aim bot/FF. Now, hold up now! a Screenshot wouldn't be enough to prove that, a video would be more appropriate.



---Evidence---

Screenshots - While screenshots of Fly hacks and of Sprint hacks would be easy to point out, pictures of Kill Aura/Aimbot (as i said above) are pretty pointless because its just a player hitting you, and even if said player is out of range, who;s to say they didn't swing their arm, and you got hit from the back?

The Skype Method - Aka Screen share me. Everybody thinks by that looking on someones screen, and looking for that one button that says "Disable Nodus" can prove people as hackers. Their are plenty of other clients out there (Weepcraft, Kinky/Xenon, Huzuni) that are run off of chat based commands (like saying .friend add in chat would not pop up in chat, but would return client sided for that one player and he would be able to use the hacked client that way. Now your thinking, OK so he screen shares me and i have him type .help or something... *WRONG*. While this may catch some un-thinking hackers, such as the 12 year old's that use clients, some clients change command prefix's when you enter .legit mode, making it that much harder to be able to detect, and let alone that, .legit mode practically deletes any trace of there ever being a hacked client by simply looking on the screen.

While your attempt at weeding out the hacker that way would be successful for two clients (Weepcraft and Nodus) the only sure fire way to check, would be (while they are connected to the server at the time of questioning) make sure they do not disconnect, and have them show you there .bin folder for any sort of folder labeled differently than you would normally see.
This folder will be called the clients name, so if a user has used Nodus, Weepcraft, Proximity, Cobalt and Huzuni there will be folders in there called "Nodus" "WeepCraft" "Proximity" "Cobalt" and "Huzuni"

---Hack Prevention---

Ah, what stops these hacked clients from running around and terrorizing us on the server D: . Well my good fellow readers if you made it to this point, Hack Prevention on Vanilla Minecraft was implemented (poorly, but was still implemented) and even Bukkit does not patch minor hacks as they quote on quote "don't want to become the anti-cheat solution." Fear not though! NoCheatPlus, AntiCheat, and a private plug-in called KNoHaxs are out there to stop hackers in their track! While not perfect, they act as filters by the packets (how clients interact with the server) for malicious content. So by using these packets, they can basically say "hey this user was 7 blocks away and trying to hit that entity (entity being a mob, a player, etc...) and will stop that. While Cheating will always have the advantage on these anti-cheat plugins, they can defiantly tone them down a bit, making hacking alot less "successful" in its endeavor to ruin a regular players game.

and all of the Skydoesminecraft Servers do run NoCheatPlus, what i consider the lead in Hack Prevention. A basic List of what NoCheatPlus blocks.

*Fly hacking (there is a loophole to this, but i will not say in this review, @MyPictures said they will not be checking for a certain kind of slow fall because of the ridiculous effort on NC+ (NoCheatPlus) side just to be able to patch this one thing. but you still take fall damage, so that;s why he does considers this one useless
*Kill aura Reach
*Improbable check (seeing if the user is sprinting while hitting an entity)
*Forced Criticals (while on the ground, dealing damage)
*Speed/Timer Hacks
*NoFall
*Jesus/Dolphin (Basically Water-Walking Hacks)
*And much more!

NoCheatPlus is used to "fight the various flaws and exploits in Minecraft" and they do it quite well.

A link to NoCheatPlus' dev.bukkit page, incase you want to go check it out yourself and read up on all the things that it blocks!
http://dev.bukkit.org/bukkit-plugins/nocheatplus/


---Conclusion---

While yes, Minecraft hacked clients are a menace, Minecraft hacked clients cannot do what some people believe are possible in game, such as enchanting, hacking accounts, force oping themselves, and all that. Nodus was a big problem because it was famous, and as of 1.6.2 is discontinued, but some people believed that it was the deadliest tool in Minecraft, being able to do things that, quiet frankly, are ridiculously impossible. Client sided hacks, are not able to be stopped by things such as Xray,ESP,tracers and all of those hacks, but the minute the client needs to send packets to the server, you can begin to fight said client in the ways it acts.

While some hacks are possible, such as those of Killaura/Forcefield, Mini-Jump Criticals, flight, Nuker, Tracers/ESP, Sprint, and all of those ones i listed, it is NOT possible for the things i have listed under unable to be possible to be done, without the assistance from the server itself (which requires OP status on a server, or a poisoned plugin, as mentioned)


-Thanks for reading, hope you actually learned something :)

Xvius August 10, 2014 at 4:08 AM UTC

Actually, can someone move this heap of words into another discussion section. Thanks

BOSS_Turtle98 August 10, 2014 at 4:08 AM UTC

Wow, that's quite the wall of text there. Too bad just about all of the players that need this guide will never read it. :c

Xvius August 10, 2014 at 4:08 AM UTC

Ok

Netuxx August 10, 2014 at 5:08 AM UTC

I read almost all and wow. It's perfect.
The format is quite poor but keeps being really awesome and seems like you take your time for it. You should make a Guide at the top of the page =)

ImJeezus August 10, 2014 at 5:08 AM UTC

You missed Click Aimbot, BreadCrumb, Spider, and Glide.
Edit: Also FastConsume

Numberz_ August 10, 2014 at 6:08 AM UTC

You missed Click Aimbot, BreadCrumb, Spider, and Glide.
Edit: Also FastConsume
What is BreadCrumb?

Porkyyy August 10, 2014 at 6:08 AM UTC

What is BreadCrumb?
It makes a trail after you wherever you go, so that you never get lost, and always find your way back to where you want to be.

Puffhand August 10, 2014 at 6:08 AM UTC

You decided to write an essay.

HereIwas August 10, 2014 at 6:08 AM UTC

I am not reading this,,. please i am not a good reader...
why, indeed yes.

Kels August 10, 2014 at 6:08 AM UTC

A popular hacked client is a kronos, a hacked client that includes crit hacks.

Riskayyy August 10, 2014 at 6:08 AM UTC

Do I have permission to make the OP readable in terms of layout?

Xvius August 10, 2014 at 9:08 AM UTC

Sorry guys, I forgot to put the main words into bold. It maybe hard to read for some of people. Thanks.

Xvius August 10, 2014 at 9:08 AM UTC

jozzmccozz yes

Buster_U August 10, 2014 at 12:08 PM UTC

This just got Busted ;o Soz I had to say that.

Xvius August 10, 2014 at 2:08 PM UTC

Ikr, it's like biohazard. Wtf? I don't even know. I'm busted.

_Phyre August 10, 2014 at 2:08 PM UTC

Idk why they have full bright... if they are 5 year olds who dont know Gamma in your MC settings, then yes........ But u can turn gamma on...

Popular hacked clients:
1.Nodus (Forgoten)
2.Huzuni
3.Kronos
4.SIGMA
5. Yodus (Better than Nodus)

WordlessGeek August 10, 2014 at 3:08 PM UTC

No such thing as teleportation hacking.

Netuxx August 10, 2014 at 4:08 PM UTC

I forget to say there is a hack called RapidFire that shots instantly arrows with higher velocity. I have seen this like 3 times.

resepignev August 10, 2014 at 6:08 PM UTC

There is an new hacked client :O It's called "Flare". It's like Nodus but better (I don't use this, I only saw the GUI.)

BoldAndBrash August 10, 2014 at 6:08 PM UTC

I forget to say there is a hack called RapidFire that shots instantly arrows with higher velocity. I have seen this like 3 times.
Mineverse  has 80 people using that every day in op pvp....

puffytrn5751 August 10, 2014 at 6:08 PM UTC

took a while to read, but was very useful(:

resepignev August 10, 2014 at 6:08 PM UTC

I forget to say there is a hack called RapidFire that shots instantly arrows with higher velocity. I have seen this like 3 times.
I saw someone using this on Avicus. I reported him, the reason was "looks like he is using a machine gun" :D It was quite funny. Killerbye was coming and asked me a machine gun? I showed him the player and banned him for "machine gun hacks" :D

Xvius August 11, 2014 at 12:08 PM UTC

LOL

Sphrynax August 11, 2014 at 12:08 PM UTC

ermagerd, wat did I just read.

0_0


Bootiful.

KalinD August 11, 2014 at 1:08 PM UTC

Nice work m8!

_Phyre August 11, 2014 at 1:08 PM UTC

Ahem.... Reach hacks are not a thing.............
And the only reach you can assign is Kill aura of the distance you want the kill aura to hit... Other than that they dont exist

FileDotZip August 12, 2014 at 3:08 AM UTC

Well well well, now it seems we have some players who know quite alot about different hacks. Care to explain? xD jk

Emmaye August 12, 2014 at 4:08 AM UTC

Kronos, Weepcraft, Xenon, Nodus, Resilence, Hunzi are all clients.
EDIT- you should include AutoJoin

resepignev August 12, 2014 at 4:08 AM UTC

Kronos, Weepcraft, Xenon, Nodus, Resilence, Hunzi are all clients.
EDIT- you should include AutoJoin
(This is not advertising I think. If yes remove it pls) Look at mchacks, sooo much hacked clients :( I typed in google "minecraft hacks 1.7.9" such a shame, why does somebody something.. I mean coding hacked clients?

Emmaye August 12, 2014 at 6:08 AM UTC

(This is not advertising I think. If yes remove it pls) Look at mchacks, sooo much hacked clients :( I typed in google "minecraft hacks 1.7.9" such a shame, why does somebody something.. I mean coding hacked clients?
ikr +1

Blackjack_MC August 14, 2014 at 12:08 AM UTC

lol here's a hacker: https://www.youtube.com/watch?v=Eli5x6gtgUU&feature=youtu.be

DonaldMyTrump August 14, 2014 at 12:08 AM UTC

Post that in the Player Reports section of the forums

Blackjack_MC August 14, 2014 at 12:08 AM UTC

I tried. It was locked.

Blackjack_MC August 14, 2014 at 12:08 AM UTC

I needed to do it quickly... I apologize for not doing it correctly... Hopefully the player still gets dealt with...

Xvius August 14, 2014 at 7:08 AM UTC

Ok guys, Soz. I am new to this forum. I don't realy know which place I'd have to post. I'll try to be more careful.