├── Bypassing
    ├── Account Ipwh bypass .md
    ├── Authme Bypass.md
    ├── Commands exploitable
    ├── OnlyProxyJoin Bypass
    └── Uuid Spoff.md
├── Discovering
    ├── Ip Range.md
    ├── Ip resolving.md
    ├── Port Scanning.md
    ├── Shodan.md
    └── Subdomain Scan.md
├── Exploiting
    ├── Brute Force Login.md
    ├── Bungee Cord Hacking.md
    └── Rcon Brute Force.md
├── README.md
├── Resources
    ├── Clients
    │   └── SkillClient.md
    ├── Databases
    │   └── Provanas.txt
    └── Scanners
    │   └── Subdomain_scanner.md
└── Social Engineering
    ├── Fake Login.md
    ├── Keylogger.md
    └── Plugin Poisoning


/Bypassing/Account Ipwh bypass .md:
--------------------------------------------------------------------------------
# IP Whitelist Bypass
To perform this attack, you need to infect the victim's PC, get a reverse proxy on the victim, and then connect to the server with their IP.
This "attack" is also called a reverse proxy, and it is really common to see it in RATs.

You can check the Quasar RAT to see the code of this payload and get an idea of how it works:
https://github.com/quasar/Quasar


--------------------------------------------------------------------------------
/Bypassing/Authme Bypass.md:
--------------------------------------------------------------------------------
# AuthMe Bypass
The AuthMe bypass is really easy to do.

Only works in old versions:

Command exploit: /pswadminchange


--------------------------------------------------------------------------------
/Bypassing/Commands exploitable:
--------------------------------------------------------------------------------
These are some commands that can be used to get info about the server:
/glist to list all members of the network
/ + tab to list all commands available to use
/plugin to list all plugins on the server


--------------------------------------------------------------------------------
/Bypassing/OnlyProxyJoin Bypass:
--------------------------------------------------------------------------------
This is an old method that only works on outdated versions.
In your client, change your IP to 127.0.0.1:22, for example.
By changing this you can bypass OnlyProxyJoin.


--------------------------------------------------------------------------------
/Bypassing/Uuid Spoff.md:
--------------------------------------------------------------------------------
# UUID Spoofing
UUID spoofing consists of spoofing the UUID of the player when they join a server.
This exploit only works on login systems that use the UUID to register/log in the user.
This was widely used in the past, a few years ago; I am not sure if you will find servers that still have this vuln.
For a more technical explanation, you can check this link:
https://github.com/wodxgod/Griefing-Methods/blob/master/Exploitation/UUID%20Spoofing.md


--------------------------------------------------------------------------------
/Discovering/Ip Range.md:
--------------------------------------------------------------------------------
### Ip range scanning
If you didn't read the e file, you might take a look at it.
Scanning just one IP will probably not find any port. This is because the network has a dedicated IP for the servers.
Most users buy a dedicated IP for each server for more protection.
Let's take an example:

192.1.2.3 -> 25565 service: Minecraft version: "Welcome to rinkcraft network"

192.1.2.4 -> 25569 service: Minecraft version: "Survival rinkcraft network"

As you can see, the survival server of the network has a different IP and port.
So, by scanning an IP range, we try to find the hidden modality.
Example of an IP range scan:

`nmap 192.1.2.* --open -p 25565`

In this case I am using nmap, but you can use other tools.
What the scan says is: scan the whole IP range and give me the IPs that have port 25565 open.
Then you can manually check the ports to find the server of the modality.
Now, doing this, you might find other servers/networks that don't belong to the target network, with 0 players or with another version, that you are probably not interested in.
Here Qubo scan comes to help: Qubo scan acts as a scanner and a checker at the same time. That's why I don't recommend using nmap.
As I said, with Qubo you can add arguments like minimum players or server version to filter out the junk servers.
With nmap, masscan, Angry IP or other tools you can't do this.
Other people use nmap to get the IPs with specific port(s) open and then, with their own checker, get the servers.
I will talk about this in the future.
### Advanced ip range scan
As I told you before, you can perform an IP range scan, but you can expand the IP range for better results.
Instead of using `192.1.2.*` you can try `192.1.*.*`.
Expanding the range, you will get many more servers than with a single range.

The downside of this type of scanning is that it takes a lot of time to perform. We are talking about 1 hour to scan that type of range.
And having your PC on for that long, idk if that is a good idea.
So, I will explain how to do it in an easier and more practical way.

### Using a vps to scanning
Getting a VPS is really easy. You can get a really cheap one for 2-3 $.
If you don't want to pay for one, you can try hacking some SSH server to access it and build your scanners there.
Your VPS should be a Linux system, to be faster.
Once you have the VPS, you can start to perform the scan with the Qubo scanner.
Remember to run the process in the background, so that when you close the SSH connection the task isn't killed.


--------------------------------------------------------------------------------
/Discovering/Ip resolving.md:
--------------------------------------------------------------------------------
# Ip resolve

First of all, you need to get the IP of the network/server before you perform a scan.
For that, you can use this command on Linux/Windows:

`ping hypixel.net`

In this case, I am trying to get the hypixel IP.
But remember, avoid scanning the following types of IPs, because they are protected:

- 104.* (Cloudflare)
- 81.* (TCPShield)


--------------------------------------------------------------------------------
/Discovering/Port Scanning.md:
--------------------------------------------------------------------------------
# Port scanning

Port scanning is the most used technique when we are talking about server griefing.

If you want to start scanning ports on an IP or on different IP ranges, you shouldn't use nmap. There are better tools to scan with.
### Qubo Scanner
Qubo scanner is probably the most used scanner for scanning Minecraft ports.
Qubo scanner has 2 versions of the scanner: a GUI and one through the terminal.
This is because you have better arguments when you want to scan.
With Qubo scan, you can add some arguments when you are scanning, like:

`Players online`

`Version of the server`

And many more details...

As you can see, Qubo scan is a better option than the classic nmap.
So, if you want to try it, you can download it from here:
Now, if you are scanning just one IP, you can use your PC, but if you want to scan an IP range with a big range of ports, you should use a VPS.
Here I will explain more:

### Resources
- [Qubo Scanner](https://github.com/replydev/Quboscanner)
- [Nmap](https://nmap.org/download)


--------------------------------------------------------------------------------
/Discovering/Shodan.md:
--------------------------------------------------------------------------------
# Shodan discovering
[Shodan](https://www.shodan.io/dashboard) is a really useful tool to discover private servers.
You can get a big list of Minecraft servers around the world.
Some Shodan dorks to find Minecraft servers:

` "Minecraft Server" `

` "BungeeCord" `

` port:25565 country:DE `

You can also use Shodan to get some IP ranges and then scan them.


--------------------------------------------------------------------------------
/Discovering/Subdomain Scan.md:
--------------------------------------------------------------------------------
# Subdomain Scan
Big networks use subdomains for the servers.
Some subdomains can be: survival. uhc. staff.
If you had no luck scanning the IP ranges of a network, you have this option.
This attack is really good if the network has IP protection: by subdomain scanning you can get the real IP of the servers and their open ports.


--------------------------------------------------------------------------------
/Exploiting/Brute Force Login.md:
--------------------------------------------------------------------------------
# Brute Force Login
This type of attack consists of brute forcing the login password to get it.
Most login systems have patched this type of attack, but in plugins like AuthMe it still works.
To perform this attack you can download the Wurst client.
This client has an option to brute force the login by giving it a command and a dictionary.

[Wurst client](https://www.wurstclient.net/download/)


--------------------------------------------------------------------------------
/Exploiting/Bungee Cord Hacking.md:
--------------------------------------------------------------------------------
# Bungee Cord Exploiting
If you are thinking of using the BungeeCord protocol for your network, that is a really bad idea.
In this file, I will cover most of the exploits that you can use to break this protocol.
Let's start.

- How bungee hack actually works
- md_5 nickname exploit
- Low security against port scanning
- Login bypass

### How bungee hack works?

### md_5 nickname exploit
With this nickname, you can get some commands that a normal user doesn't have.
Such as:
- /alert
- /stop
- /server

### Low security against port scanning
Most of the servers that use BungeeCord are really weak against port scanning.
There are better alternatives out there that can block some scanners.

### Login Bypass
This only works on BungeeCord servers with a bad login configuration.
You need to connect with the owner account, and you will use /server to jump into another server without being logged in.
And boom!
Login bypassed.


--------------------------------------------------------------------------------
/Exploiting/Rcon Brute Force.md:
--------------------------------------------------------------------------------
# Rcon Brute Forcing
You can brute force this protocol using the MCP tool.


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Minecraft Griefing & Hacking Methods
### This is documentation to explain how networks get griefed and how to protect against it.


### List of the content
- Discovering
  - Ip Resolve
  - Ip scanning
  - Ports Scanning
  - Ip Range scanning
  - Checker
  - Shodan

- Exploiting
  - Log4shell
  - Login brute forcing
  - BungeeCord hack
  - Rcon Brute Forcing

- Bypassing
  - Authme bypass
  - OnlyProxyJoin bypass
  - UUID Spoofing
  - Account Ipwh Bypass
  - Commands exploitable
  - Ip white List bypass

- Social Engineering
  - Plugin poisoning
  - Fake login
  - Keylogger

- Resources
  - Databases
  - Clients
  - Scanners


--------------------------------------------------------------------------------
/Resources/Clients/SkillClient.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b3pwn3d/Minecraft-Griefing-Methods/436eb2070312d78ba8e6837ef610619e3038cd8e/Resources/Clients/SkillClient.md


--------------------------------------------------------------------------------
/Resources/Scanners/Subdomain_scanner.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b3pwn3d/Minecraft-Griefing-Methods/436eb2070312d78ba8e6837ef610619e3038cd8e/Resources/Scanners/Subdomain_scanner.md


--------------------------------------------------------------------------------
/Social Engineering/Fake Login.md:
--------------------------------------------------------------------------------
# Fake Login
Many users use the same password when they register on a server, so with this method we can steal the login password.
How does it work?
We need to make a fake server and then install a login plugin that saves the passwords in plain text.
If you can't find one (because most login plugins store the password as a hash), you can add a keylogger plugin, so you get all command logs like /register and /login!
Once the server is done, you need to use social engineering to make the victim register on your server.
And boom! You got the password.
This method takes time, but is really effective, I got so many passwords from staffs with this shit xD


--------------------------------------------------------------------------------
/Social Engineering/Keylogger.md:
--------------------------------------------------------------------------------
# Keylogger
The keylogger is a very useful malware to get Minecraft passwords. This is because most of the time, users use /login when they join a server.
You can use social engineering to infect your victim, and then get the passwords. Obviously, this only works on cracked accounts.


--------------------------------------------------------------------------------
/Social Engineering/Plugin Poisoning:
--------------------------------------------------------------------------------


--------------------------------------------------------------------------------
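
From the defender's side, the backend exposure that the IP range scanning, OnlyProxyJoin, UUID spoofing, BungeeCord login bypass and RCON notes above depend on can be checked in each backend's `server.properties`. The following Python audit is an added example, not code from this repository; the finding codes, the 16-character RCON threshold and the sample files are assumptions made for illustration.

```python
import ipaddress

def parse_properties(text):
    """Parse key=value lines, skipping blanks and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def bind_is_internal(server_ip):
    """True only for a loopback or private literal; empty means all interfaces."""
    try:
        addr = ipaddress.ip_address(server_ip)
    except ValueError:
        return False  # empty value or hostname: treat as exposed
    return addr.is_loopback or addr.is_private

def audit_backend(text, min_rcon_len=16):
    """Return finding codes for one backend's server.properties."""
    props = parse_properties(text)
    internal = bind_is_internal(props.get("server-ip", ""))
    findings = []
    # A backend behind a proxy runs with online-mode=false and trusts the
    # name/UUID it is handed, so it must only be reachable through the proxy.
    if props.get("online-mode", "true").lower() == "false" and not internal:
        findings.append("OFFLINE_BACKEND_PUBLIC_BIND")
    if props.get("enable-rcon", "false").lower() == "true":
        if len(props.get("rcon.password", "")) < min_rcon_len:
            findings.append("RCON_WEAK_PASSWORD")
        if not internal:
            findings.append("RCON_PUBLIC_BIND")
    return findings

# Constructed sample files, not taken from any real server.
EXPOSED = """#Minecraft server properties
server-ip=
online-mode=false
enable-rcon=true
rcon.password=admin123
"""
HARDENED = """server-ip=127.0.0.1
online-mode=false
enable-rcon=false
"""

if __name__ == "__main__":
    print(audit_backend(EXPOSED), audit_backend(HARDENED))
```

A loopback or private bind is necessary but not sufficient: the backend port should also be firewalled so that only the proxy host can reach it.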