Malicious mods on Xanadu?

Post Reply
gaf99
New member
Posts: 7
Joined: Sun Nov 22, 2015 17:53

Malicious mods on Xanadu?

by gaf99 » Post

I was playing on Xanandu server when another player dropped several books. When I opened the book https://i.imgur.com/oPJtgS3.jpg it contained 11 pages of what appeared to be java code. The other players and I began to lag, so I logged out, ran a virus scan, check firewall log ect.. found nothing. I contacted the sever admin TenPlus1 and expressed my concern and gave him/her the location of the book, no response other than finding my account banned the next day. I was unable to get any answer from mods or the server admin in reference to the suspicious book. My question and concern is if it's possible for a skiddie to add their code to minecraft items and use as a exploit, do devs audit the code of mods? I'm not a programmer or very tech savvy, but the entire situation seems very odd to me. I run the 0.4.13 version ,no mods added by me on client side, and have had no other glitches other than when I opened this book. Thanks

User avatar
TenPlus1
Member
Posts: 3715
Joined: Mon Jul 29, 2013 13:38
In-game: TenPlus1
Contact:

Re: Malicious mods on Xanadu?

by TenPlus1 » Post

These are just hoax books made to worry players on server, they cannot harm either the server or the players machine since text is read only and does nothing else.

User avatar
kaadmy
Member
Posts: 706
Joined: Thu Aug 27, 2015 23:07
GitHub: kaadmy
IRC: KaadmY
In-game: KaadmY kaadmy NeD

Re: Malicious mods on Xanadu?

by kaadmy » Post

gaf99 wrote:what appeared to be java code.
Minetest is written in C++ and Lua, no Java here.
gaf99 wrote:add their code to minecraft items and use as a exploit
This isn't Minecr**t, it's Minetest.
gaf99 wrote:do devs audit the code of mods?
Nope, that's the problem of the server owner.
gaf99 wrote:no mods added by me on client side
Minetest has no client-side mods yet, mods are run completely server-side.
Never paint white stripes on roads near Zebra crossings.

Pixture

User avatar
maikerumine
Member
Posts: 1420
Joined: Mon Aug 04, 2014 14:27
GitHub: maikerumine
In-game: maikerumine

Re: Malicious mods on Xanadu?

by maikerumine » Post

gaf99 wrote:I was playing on Xanandu server when another player dropped several books. When I opened the book https://i.imgur.com/oPJtgS3.jpg it contained 11 pages of what appeared to be java code. The other players and I began to lag, so I logged out, ran a virus scan, check firewall log ect.. found nothing. I contacted the sever admin TenPlus1 and expressed my concern and gave him/her the location of the book, no response other than finding my account banned the next day. I was unable to get any answer from mods or the server admin in reference to the suspicious book. My question and concern is if it's possible for a skiddie to add their code to minecraft items and use as a exploit, do devs audit the code of mods? I'm not a programmer or very tech savvy, but the entire situation seems very odd to me. I run the 0.4.13 version ,no mods added by me on client side, and have had no other glitches other than when I opened this book. Thanks
That is not code.
That is not book.
You are trolling and starting drama on a great server.
Return 0
Talamh Survival Minetest-->viewtopic.php?f=10&t=12959

User avatar
rubenwardy
Moderator
Posts: 6972
Joined: Tue Jun 12, 2012 18:11
GitHub: rubenwardy
IRC: rubenwardy
In-game: rubenwardy
Location: Bristol, United Kingdom
Contact:

Re: Malicious mods on Xanadu?

by rubenwardy » Post

1. Java and Javascript are different.
2. This is not MCPE
3. That is not code, it's an error backtrace.

Java:

Image

Javascript:

Image
Renewed Tab (my browser add-on) | Donate | Mods | Minetest Modding Book

Hello profile reader

gaf99
New member
Posts: 7
Joined: Sun Nov 22, 2015 17:53

Re: Malicious mods on Xanadu?

by gaf99 » Post

That is not code.
That is not book.
You are trolling and starting drama on a great server.
Return 0
No, this is a concern of security and privacy with me, and I would like to stay within the context of this post rather than defend against childish accusations of being a dramaqueen, thanks. The image I provided is indeed that of a "book" I cropped to hide names of other players visable in the full size.

User avatar
TenPlus1
Member
Posts: 3715
Joined: Mon Jul 29, 2013 13:38
In-game: TenPlus1
Contact:

Re: Malicious mods on Xanadu?

by TenPlus1 » Post

OK, let's put this scare tactic to rest... I audit every mod that is run on Xanadu server and a simple book containing text of any kind, language or program will do NOTHING to the game/system it's viewed on.

User avatar
kaadmy
Member
Posts: 706
Joined: Thu Aug 27, 2015 23:07
GitHub: kaadmy
IRC: KaadmY
In-game: KaadmY kaadmy NeD

Re: Malicious mods on Xanadu?

by kaadmy » Post

TenPlus1 wrote:[...] will do NOTHING to the game/system it's viewed on.
AFAIK, the server can't force the client to break anything.
Never paint white stripes on roads near Zebra crossings.

Pixture

User avatar
Hybrid Dog
Member
Posts: 2828
Joined: Thu Nov 01, 2012 12:46
GitHub: HybridDog

Re: Malicious mods on Xanadu?

by Hybrid Dog » Post

kaadmy wrote:
TenPlus1 wrote:[...] will do NOTHING to the game/system it's viewed on.
AFAIK, the server can't force the client to break anything.
Once on the VaE vanilla server there was a sign.
When you looked at it, which usually makes the infotext become shown, your minetest crashed.
If you joined again on the server, your position, yaw and pitch were saved, you crashed again.
Thus you can't longer play on this server with your playername.

And recently there was a change that server owners can't longer find out passwords of players of their servers l think.

‮‪‮
‮‪‮
‮‪‮
‮‪‮
‮‪‮
‮‪‮
‮‪‮
‮‪‮
‮‪

User avatar
kaadmy
Member
Posts: 706
Joined: Thu Aug 27, 2015 23:07
GitHub: kaadmy
IRC: KaadmY
In-game: KaadmY kaadmy NeD

Re: Malicious mods on Xanadu?

by kaadmy » Post

Hybrid Dog wrote:
kaadmy wrote:[...]
AFAIK, the server can't force the client to break anything.
When you looked at it, which usually makes the infotext become shown, your minetest crashed.
Hmm, that sound like a rather annoying bug, and I've never seen it before. Wonder how he figured out how to crash it via text in the sign.
Never paint white stripes on roads near Zebra crossings.

Pixture

gaf99
New member
Posts: 7
Joined: Sun Nov 22, 2015 17:53

Re: Malicious mods on Xanadu?

by gaf99 » Post

TenPlus1, Please don't take this personal, with all due respect, I don't know or trust you. Coming here and seeing that you have a talent for developing mods, coupled with the communication failure between us on the server ( book related), I became more suspicious. I simply mailed you the location of the book with a brief description of what happened. Without dragging out the issue, and following advice from a moderator to wait and talk to you or another admin , I found my account banned. I made a new account and was told by a mod "something about virus book drama" and to speak with you or another admin. When I finally reached you on the server I was banned again within seconds of asking about the book. This action seemed defensive and made me even more suspicious. I don't think it's unreasonable for me to seek advice about a item that has nothing to do with normal function of the game. I'm not here to debate my ban, or make friends. I simply want to shed some light where there is none, and possibly prevent a skiddie rampage from harming anyone else. Note that the book was 11 pages, and the average user can't copy paste from desktop to app, so "nothing to worry about" didn't do it for me. Sorry if I'm just some idiot, but it freaked me out, and I went through a lot of trouble. So there it is, I'll leave it to the pros. Thanks

User avatar
Don
Member
Posts: 1643
Joined: Sat May 17, 2014 18:40
GitHub: DonBatman
IRC: Batman
In-game: Batman

Re: Malicious mods on Xanadu?

by Don » Post

I can not speak to the book incident but I would like to add my thoughts. I have had dealings with TenPlus1 a number of times. I have read a lot of the forum. From what I have seen, TenPlus1 is one of the most trustworthy people on here. He has added a lot to minetest and is more then willing to help people out. I have seen no actions that would show that TenPlus1 would do anything malicious.

As for code in the book, do not under estimate people. Some people have plenty of time and a bad attitude. They are willing to go to extremes to mess with others. It would not surprise me if someone wrote 11 pages of stuff. They may have found a way to add text to the book using shortcut keys or a script on their computer.

I can not see any way for that code to do anything to a computer. After around 2 years of being involved in Minetest I have not seen anything that would mess up my computer. When people post mods to the forum they are quite often reviewed by other developers. I personally have had developers reply to my mods with comments about my code. They had reviewed it and let me know of problems. I have reviewed peoples code. We help each other out all the time. The chances of a mod being malicious is very unlikely on the forum. If someone tried to it would most likely be seen within a few hours and be called out for it right away. I have not seen this happen yet. Not sure if anyone else has seen a malicious mod posted here.

To sum up what I said, you have little to worry about and I believe TenPlus1 is someone that can be trusted.
Many of my mods are now a part of Minetest-mods. A place where you know they are maintained!

A list of my mods can be found here

User avatar
IceAgeComing
Member
Posts: 123
Joined: Sat May 17, 2014 21:19

Re: Malicious mods on Xanadu?

by IceAgeComing » Post

I am rather interested to know
who wrote the book? Do you happen to have screenshot of it?

User avatar
Don
Member
Posts: 1643
Joined: Sat May 17, 2014 18:40
GitHub: DonBatman
IRC: Batman
In-game: Batman

Re: Malicious mods on Xanadu?

by Don » Post

Screenshot is in the first post
Many of my mods are now a part of Minetest-mods. A place where you know they are maintained!

A list of my mods can be found here

User avatar
IceAgeComing
Member
Posts: 123
Joined: Sat May 17, 2014 21:19

Re: Malicious mods on Xanadu?

by IceAgeComing » Post

Don wrote:Screenshot is in the first post
The screenshot in the first post is not showing who wrote the book. (at least i am not seeing it)
Every written book in Xanadu server shows wrote wrote it...so i am very curious to know who was the one trying to stir up the trouble.

User avatar
rubenwardy
Moderator
Posts: 6972
Joined: Tue Jun 12, 2012 18:11
GitHub: rubenwardy
IRC: rubenwardy
In-game: rubenwardy
Location: Bristol, United Kingdom
Contact:

Re: Malicious mods on Xanadu?

by rubenwardy » Post

Once again, the text isn't even code, it's an error traceback. It obviously faked, it talks about Javascript and then about Java. It also mentions MCPE.

On Linux, there is a bug where you can't copy and paste. On Windows you can.
rubenwardy wrote:1. Java and Javascript are different.
2. This is not MCPE
3. That is not code, it's an error backtrace.

Java:

Image

Javascript:

Image
Renewed Tab (my browser add-on) | Donate | Mods | Minetest Modding Book

Hello profile reader

Dragonop
Member
Posts: 1233
Joined: Tue Oct 23, 2012 12:59
GitHub: Dragonop
IRC: Dragonop
In-game: Dragonop
Location: Argentina

Re: Malicious mods on Xanadu?

by Dragonop » Post

Btw, you can copy-paste stuff, just select with shift+arrows, and then ctrl+c and ctrl+x, and you know the rest.

I don't know about coding myself, but I'm able to read code and undestand most of it, and that screenshot you took looks like an error message.

As Don said, TenPlus1 is a nice guy, and I can't think about he being some sort of baddie.

If you ran a virus scan, and stuff, if it detected nothing, not even a false-positive, there is nothing to worry about.
You also mentioned Minecraft, Java, client-side mods (those affect the multiplayer in Minecraft), this is starting to look kinda suspicious...

My last word is that somebody saw some kind of code that might break MCPE, and pasted in in a book; what an ingnorant "troll"...

gaf99
New member
Posts: 7
Joined: Sun Nov 22, 2015 17:53

Re: Malicious mods on Xanadu?

by gaf99 » Post

Dragonop wrote:starting to look kinda suspicious...
I've been playing minetest 1 month, "craft" was a simple typo. You're probably right about the crash for mineCRAFT attempt on the wrong game. My search results showed the error relates to a MCPE .apk file.
IceAgeComing, right, the book and it's title does show the user name. I viewed the list of players from this sites server list, he/she was logged in at least twice yesterday.

Post Reply

Who is online

Users browsing this forum: Semrush [Bot] and 9 guests