Wurst.Wiki

The Official Wurst Client Wiki

User Tools

Site Tools

Trace:
sign_translation_vulnerability

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
sign_translation_vulnerability [2024/07/11 19:40] – created alexander01998sign_translation_vulnerability [2025/11/02 16:11] (current) nikoverflow
Line 4: Line 4:
  
 This vulnerability has been exploited in the wild, causing real harm to real players.((https://github.com/JustAlittleWolf/ModDetectionPreventer/issues/6#issuecomment-2079826463)) No official patch is available from Mojang. This vulnerability has been exploited in the wild, causing real harm to real players.((https://github.com/JustAlittleWolf/ModDetectionPreventer/issues/6#issuecomment-2079826463)) No official patch is available from Mojang.
 +
 +<WRAP center round important>
 +The sign translation exploit is //not// limited to detecting client-side mods like Wurst. It leaks tons of information about vanilla Minecraft players as well, such as their language and keybinds. It is in everyone's best interest for Mojang to patch this vulnerability as soon as possible.
 +</WRAP>
  
 ===== How It Works ===== ===== How It Works =====
Line 28: Line 32:
  
 With an up-to-date Wurst Client installation in Minecraft 1.21 (which is still vulnerable), the sign should say the following: With an up-to-date Wurst Client installation in Minecraft 1.21 (which is still vulnerable), the sign should say the following:
-> key.wurst.zoom +<WRAP round box 200px> 
-key.wurst.zoom +<code> 
-Walk Forward +  key.wurst.zoom 
-W+  key.wurst.zoom 
 +   Walk Forward 
 +        W 
 +</code> 
 +</WRAP> 
  
 If Mojang properly fixes the vulnerability in a future Minecraft update, the sign should instead say the following: If Mojang properly fixes the vulnerability in a future Minecraft update, the sign should instead say the following:
-> key.wurst.zoom +<WRAP round box 200px> 
-key.wurst.zoom +<code> 
-key.forward +  key.wurst.zoom 
-key.forward+  key.wurst.zoom 
 +    key.forward 
 +    key.forward 
 +</code> 
 +</WRAP>
  
 And if used with an older, unpatched version of Wurst, the sign will say the following: And if used with an older, unpatched version of Wurst, the sign will say the following:
-Zoom +<WRAP round box 200px
-> V +<code> 
-Walk Forward +       Zoom 
-W+        
 +   Walk Forward 
 +        W 
 +</code> 
 +</WRAP>
  
 ===== See Also ===== ===== See Also =====
Line 50: Line 67:
   * [[https://wurstforum.net/d/447-wurst-7411-security-fix|WurstForum thread for Wurst 7.41.1]], with more explanations about how the exploit works   * [[https://wurstforum.net/d/447-wurst-7411-security-fix|WurstForum thread for Wurst 7.41.1]], with more explanations about how the exploit works
   * [[https://github.com/JustAlittleWolf/ModDetectionPreventer|Mod Detection Preventer]] - discontinued, but the repo contains other technical details about the exploit   * [[https://github.com/JustAlittleWolf/ModDetectionPreventer|Mod Detection Preventer]] - discontinued, but the repo contains other technical details about the exploit
 +  * [[https://github.com/NikOverflow/ExploitPreventer|ExploitPreventer]] - A fabric mod that prevents this and other client-side exploits
  
-{{tag>security}}+{{tag>security stealth}}
 ---- struct data ---- ---- struct data ----
 +hack.name            : 
 +hack.image           : 
 +hack.category        : 
 +hack.in-game description : 
 +hack.default keybind : 
 +hack.source code     : 
 ---- ----
  
sign_translation_vulnerability.1720726817.txt.gz · Last modified: 2024/07/11 19:40 by alexander01998