Wurst.Wiki

The Official Wurst Client Wiki

User Tools

Site Tools


sign_translation_vulnerability

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
sign_translation_vulnerability [2024/07/11 20:24] alexander01998sign_translation_vulnerability [2026/04/03 07:13] (current) – [Sign Translation Vulnerability] nikoverflow
Line 1: Line 1:
 ====== Sign Translation Vulnerability ====== ====== Sign Translation Vulnerability ======
  
-The sign translation exploit ([[https://bugs.mojang.com/browse/MC-265322|MC-265322]], no CVE assigned) is a vulnerability affecting Minecraft [[mc>Java Edition 1.20]] ([[mc>23w14a]]) and later versions that allows malicious servers to obtain private information about players, such as their language, keybindsand installed client-side mods.+The sign translation exploit ([[https://bugs.mojang.com/browse/MC-265322|MC-265322]], no CVE assigned) is a vulnerability affecting Minecraft [[mc>Java Edition 1.20]] and later versions that allows malicious servers to obtain private information about players, such as their keybinds and installed client-side mods.
  
 This vulnerability has been exploited in the wild, causing real harm to real players.((https://github.com/JustAlittleWolf/ModDetectionPreventer/issues/6#issuecomment-2079826463)) No official patch is available from Mojang. This vulnerability has been exploited in the wild, causing real harm to real players.((https://github.com/JustAlittleWolf/ModDetectionPreventer/issues/6#issuecomment-2079826463)) No official patch is available from Mojang.
Line 32: Line 32:
  
 With an up-to-date Wurst Client installation in Minecraft 1.21 (which is still vulnerable), the sign should say the following: With an up-to-date Wurst Client installation in Minecraft 1.21 (which is still vulnerable), the sign should say the following:
-> key.wurst.zoom +<WRAP round box 200px> 
-key.wurst.zoom +<code> 
-Walk Forward +  key.wurst.zoom 
-W+  key.wurst.zoom 
 +   Walk Forward 
 +        W 
 +</code> 
 +</WRAP> 
  
 If Mojang properly fixes the vulnerability in a future Minecraft update, the sign should instead say the following: If Mojang properly fixes the vulnerability in a future Minecraft update, the sign should instead say the following:
-> key.wurst.zoom +<WRAP round box 200px> 
-key.wurst.zoom +<code> 
-key.forward +  key.wurst.zoom 
-key.forward+  key.wurst.zoom 
 +    key.forward 
 +    key.forward 
 +</code> 
 +</WRAP>
  
 And if used with an older, unpatched version of Wurst, the sign will say the following: And if used with an older, unpatched version of Wurst, the sign will say the following:
-Zoom +<WRAP round box 200px
-> V +<code> 
-Walk Forward +       Zoom 
-W+        
 +   Walk Forward 
 +        W 
 +</code> 
 +</WRAP>
  
 ===== See Also ===== ===== See Also =====
Line 54: Line 67:
   * [[https://wurstforum.net/d/447-wurst-7411-security-fix|WurstForum thread for Wurst 7.41.1]], with more explanations about how the exploit works   * [[https://wurstforum.net/d/447-wurst-7411-security-fix|WurstForum thread for Wurst 7.41.1]], with more explanations about how the exploit works
   * [[https://github.com/JustAlittleWolf/ModDetectionPreventer|Mod Detection Preventer]] - discontinued, but the repo contains other technical details about the exploit   * [[https://github.com/JustAlittleWolf/ModDetectionPreventer|Mod Detection Preventer]] - discontinued, but the repo contains other technical details about the exploit
 +  * [[https://github.com/NikOverflow/ExploitPreventer|ExploitPreventer]] - A fabric mod that prevents this and other client-side exploits
  
-{{tag>security}}+{{tag>security stealth}}
 ---- struct data ---- ---- struct data ----
 +hack.name            : 
 +hack.image           : 
 +hack.category        : 
 +hack.in-game description : 
 +hack.default keybind : 
 +hack.source code     : 
 ---- ----
  
sign_translation_vulnerability.1720729450.txt.gz · Last modified: by alexander01998