Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Minecraft Mod, Follow up, and Java Reflection

published on 2019-05-14 19:17:00 UTC by cktricky
Content:
After yesterday's post, I received a ton of interesting and creative responses regarding how to get around the mod's restrictions which is what I love about our community. Mubix was the first person to reach out and suggest hijacking calls to Pastebin using /etc/hosts (which I did try but was having some wonky behavior with OSX) and there were other suggestions as well with regards to hijacking DNS and pretending to be the site (Pastebin).

However, my FAVORITE suggestion came from a co-worker of mine (and all around super cool/talented hacker) Matt Langlois. He had an idea for a better workaround. One that didn't require proxying web traffic or for you to even be connected to the internet. He decided to override the code that checks the list of allowed users and inject our UUID into that list. It works beautifully but rather than try to explain the details in this blog post, I suggest you visit his blog post to check out the details.

The gist is that Java reflection allows you to override methods in memory and this is exactly what Matt did. So - go check out the blog post!
Article: Minecraft Mod, Follow up, and Java Reflection - published over 5 years ago.

https://blog.carnal0wnage.com/2019/05/minecraft-mod-follow-up-and-java.html   
Published: 2019 05 14 19:17:00
Received: 2021 06 06 09:05:30
Feed: Carnal0wnage and Attack Research Blog
Source: Carnal0wnage and Attack Research Blog
Category: News
Topic: Hacking
Views: 2

Custom HTML Block

Click to Open Code Editor