Wurst.Wiki

The Official Wurst Client Wiki

User Tools

Site Tools

Trace:
sign_translation_vulnerability

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
sign_translation_vulnerability [2024/07/11 19:40] – created alexander01998sign_translation_vulnerability [2024/07/30 07:30] (current) alexander01998
Line 4: Line 4:
  
 This vulnerability has been exploited in the wild, causing real harm to real players.((https://github.com/JustAlittleWolf/ModDetectionPreventer/issues/6#issuecomment-2079826463)) No official patch is available from Mojang. This vulnerability has been exploited in the wild, causing real harm to real players.((https://github.com/JustAlittleWolf/ModDetectionPreventer/issues/6#issuecomment-2079826463)) No official patch is available from Mojang.
 +
 +<WRAP center round important>
 +The sign translation exploit is //not// limited to detecting client-side mods like Wurst. It leaks tons of information about vanilla Minecraft players as well, such as their language and keybinds. It is in everyone's best interest for Mojang to patch this vulnerability as soon as possible.
 +</WRAP>
  
 ===== How It Works ===== ===== How It Works =====
Line 28: Line 32:
  
 With an up-to-date Wurst Client installation in Minecraft 1.21 (which is still vulnerable), the sign should say the following: With an up-to-date Wurst Client installation in Minecraft 1.21 (which is still vulnerable), the sign should say the following:
-> key.wurst.zoom +<WRAP round box 200px> 
-key.wurst.zoom +<code> 
-Walk Forward +  key.wurst.zoom 
-W+  key.wurst.zoom 
 +   Walk Forward 
 +        W 
 +</code> 
 +</WRAP> 
  
 If Mojang properly fixes the vulnerability in a future Minecraft update, the sign should instead say the following: If Mojang properly fixes the vulnerability in a future Minecraft update, the sign should instead say the following:
-> key.wurst.zoom +<WRAP round box 200px> 
-key.wurst.zoom +<code> 
-key.forward +  key.wurst.zoom 
-key.forward+  key.wurst.zoom 
 +    key.forward 
 +    key.forward 
 +</code> 
 +</WRAP>
  
 And if used with an older, unpatched version of Wurst, the sign will say the following: And if used with an older, unpatched version of Wurst, the sign will say the following:
-Zoom +<WRAP round box 200px
-> V +<code> 
-Walk Forward +       Zoom 
-W+        
 +   Walk Forward 
 +        W 
 +</code> 
 +</WRAP>
  
 ===== See Also ===== ===== See Also =====
Line 51: Line 68:
   * [[https://github.com/JustAlittleWolf/ModDetectionPreventer|Mod Detection Preventer]] - discontinued, but the repo contains other technical details about the exploit   * [[https://github.com/JustAlittleWolf/ModDetectionPreventer|Mod Detection Preventer]] - discontinued, but the repo contains other technical details about the exploit
  
-{{tag>security}}+{{tag>security stealth}}
 ---- struct data ---- ---- struct data ----
 +hack.name            : 
 +hack.image           : 
 +hack.category        : 
 +hack.in-game description : 
 +hack.default keybind : 
 +hack.source code     : 
 ---- ----
  
sign_translation_vulnerability.1720726817.txt.gz · Last modified: 2024/07/11 19:40 by alexander01998