For the curious: the server provider with vulnerable web console is (in my personal opinion, for legal reasons it could obviously be *anybody*) "GPORTAL". Also, I have quickly glanced at the source code of their website, and the XSS appears to be fixed. The actual server is not hosted by them, and is instead hosted by "Hetzner", which you can tell from the leaked IP and also (kind of) the default color profile they use for their root shells (see 7:49).
In an older version of minecraft (not sure about current versions) you can kill creative players, from what I remember it requires an NBT edited potion with negative health boost and the instant health effect. Effectively it sets your health to zero then updates your health causing you to die.
He's not flying while AFK, so really if they wanted to kill him, they could dig a hole underneath him, destroy the bedrock with the piston glitch and drop him into the void below.
3:20 really cool to see ottomated here, he made a lot of among us mods and also made a remote controlled bot that allowed him to play on the otv modded Minecraft server through computer craft, he also made blackjack and roulette in Minecraft with computer craft, all very cool stuff!
4:05 THIS. This was the reason why I loved Minecraft so many years ago. Back then, I watched a Video "Minecraft Train station [REVAMPED]" that Video was so cool, i tried replicating it and it was alot of fun. Before that i loved tinkering with redstone and pistons. Especially because sticky pistons just got added. This reminds me of a simpler time for me. And i kind of feel sad that i don't enjoy this as much as i used to.
@@anon_y_mousse Often you will suddenly find something of your childhood that will make you feel excited and when you play / try to recreate it you realize that your brain played you
@@beschbekifft So many times. For instance, finally got a game to play in an emulator that I hadn't played in years and it just wasn't fun even though I used to play for hours.
Not only that (the "r" is kinda invalid in a UUID), but the UUID is fairly fake looking as a general. Now that you pointed that out, I can see that this UUID isn't real at all. The real Herobrine's registered account UUID is f84c6a79-0a4e-45e0-879b-cd49ebd4c4e2.
5:47 I remember seeing the same mountain in r/Minecraft where a player was asking what to build there, and someone recommend a base under a waterfall, which is the exact build
I remember a server I used to play on years ago used to have Minecraft chat on the frontpage of their website, and it turned out to vulnerable to XSS. Until I figured it out and helped them fix it, that is. :)
I'm happy RUclips popped this back up in my feed. I've been mostly ignoring this series lately because of they're put out as Premieres, and I'm not a fan of those.
@@Wanavarbel Ilmangos newest video about it is here: ruclips.net/video/6sPS4yqC72I/видео.html, there are other videos going into more detail, but this should be enough as proof of concept.
Neat trick with the RCON attack, but should only in theory work if someone's looking. Also, they need to know the details of the hosting thing. Still another example of why you ALWAYS sanitize your inputs.
Welp, looks like the IP address on the sign at 1:10 doesn't work anymore. But I guess the same player that placed it there als figured out the new IP address for the server, because I found the server with Wurst's Server IP Finder (of course you can find my signs in there), and while I don't know how exactly, the IP address must have been leaked again somehow. Not sure if it was EpicPlayerA10 again, but I swear I saw him online on the server. Although, didn't take screenshot of the tablist. Wurst was the easiest and first go-to hacked client to get out of the bedrock spawn cage. I don't intend to use Wurst anywhere else. But from now on, I will analyze every single frame of the video granted I have time to do so, and possibly run it through OCR software - I'll find some free one. Don't worry, I want to keep track of the server and return for a while periodically. And I've possibly seen some spoilers for another video I guess. :D Jesus hack however is so useful! It still feels weird walking on water, but it's so useful. I guess I'm gonna x-ray next time for ores. And you may ban __Intel_, as he's been on a killing spreee, maybe using killaura and of course fly and speed hacks. I'm not saying it's against the rules or something, but until to that time nobody really killed anyone. So just keep an eye on them. If players start killing each other, I'm afraid they'll turn your server into another 2b2t.
So I downloaded the video to look at it frame by frame where any new IP address would be potentially visible, and I found literally nothing. I don't know how people have figured the new IP address out (which now also doesn't work, so another IP address is probably in circulation, and it seems it wasn't found yet, as Wurst couldn't find it again with IP Finder). Did I miss a video?
Nope, the IP address is still active, I guess it was just temporarily out of service. But still it baffles me. How did you guys find that IP address? I looked through the video frame by frame and couldn't see the IP address anywhere. I saw the old one that doesn't work anymore, that was the one on the sign. Just how? I guess I'll have to export the video to frames and check each frame individually for an IP address. I guess I'll download some sort of free command line OCR scanner that scans an image and outputs found text contents to the page - and then I can use grep to find an IP address. I know the IP address, so I can try to look for the exact IP address.
I noticed your Minecraft web console you made (I assume?) has an interesting bug which I also assume a real service provider would have spotted and fixed, in the process making your simple XSS attack more difficult if not impossible. When chatting, your name is treated like an HTML tag since it is surrounded in angle brackets. Since it isn't a valid tag, it simply doesn't show up on the page. Not being able to see who is sending chat messages is a pretty big flaw so I think a real service provider would have fixed that by at least encoding the < and > characters. Of course the better fix is to only inject user-generated text content into a page using appropriate APIs, NOT HTML APIs directly. If there is a need for users to generate HTML content, it's best to use an existing library designed to sanitize or sandbox the user input somehow. For example reddit allows user to enter content in markdown which is then translated into HTML. A much more complex solution but it ensures the content is processed and no HTML tags other than desired ones make it into the output. Of course, it's still best to be familiar with what the HTML tags you DO allow actually can do. Images can track users, for example.
The thumbnail is the developer console of a website on a browser. This window can be opened be pressing f12. Then going to the console tab to execute commands
Hello Mr! Do you plan to make a video on the new "minecraft chat message validation failure" exploit? It allows to kick players with a simple chat message! Great video btw :)
No it does not. The exploit would only work on select hosting services, that log the chat in your browser in a unsecure way the mainstream hosters do not have this problem
surprised to see Ottomated_ here in this video, he's a pretty notable developer who works with lots of big streamers like Ludwig Great video as always!
3:00 does anyone know what software they used? I have a server that’s idling around most of the time and would like to do that for some channels that are likely to get censored.
If packets could be recorded then all it takes is the recording of a user for a while to steal their identity. so theoretically, this attack could be adapted to steal someone's identity. it would be an even worse exploit than log4shell or uuid stealer combined. Edit: I am referring to the second vulnerability talked about in the video, discovered by vktec Edit2: I made a mistake, it was actually LiveOverflow's discovered vulnerability that could be adapted, although vktec did point out a much more critical vulnerability. in practice, both of these vulnerabilities could be used in conjunction to steal someone's id, impersonate someone, hijack someone's account, or even frame someone using the chat report system.
The fact that web console's don't sanitize any messages is beyond absurd. You would figure they would sanitize everything by default but i guess not. I know for a fact pterodactyl does sanitize all console messages for this not to happen
I was going to say that you leaked the IP again (1:10, 5:58, 7:28) (don't worry, I've got screenshots for the archive), but 12:13 convinced me that it was on purpose. It's a running gag now, I guess.
How to fix? first of all delete the ability to get OP through commands (if thats possible. I think you can just override it like any other command by just creating a new one with the same name with bukkit plugin). Also if one gets OP you could check a database to check if the use really is someone thats allowed to go into OP. If not then simple BAN the user and tell them to get in contact with staff.
5:32 that's a 9x9 :D you need to watch Direwolf20 many tech mod players build these, it's the perfect size of a base and it's kind of a rule that they have to be built out of cobblestone XD
I guess it was his own website of some sort, and I guess that it may not be accessible from the internet, it must be in his own local network. I've tried to search on Wayback Machine, and guess what? Attempts to archive the video failed. That means that Wayback Machine isn't useful to find old and long time lost videos on RUclips. The rest of the age is intact, it even shows all the comments that were made at the time of the snapshot, but video itself is unavailable. Other archiving sites may have the original video with the IP leak uncensored, I'll try to find one.
But there is a chance. One could etract the frame of the video where the original IP leak is (now blurred), and run it through an AI designed to remove the blurring effect, reconstructing the original text underlaying the blurred area. I remember watching this video: ruclips.net/video/_1Az0KwBbXc/видео.html - It isn't exactly what you may be looking for, as it requires two inputs (the pixelated image of the characters and characters sample), and works slightly differently, but I guess there may exist an AI that does this type of job - deblurring/decensoring parts of images, notably text, using neural networks that learned on a training set where the input given was censored image and the original uncensored image (in order for the AI to know how the end result is supposed to look like), and this training set contains like dozens of these images, and there is always test done where the neural network is given set of images to test what the network has learned, end result is taken and directly compared to uncensored originals. Once the match coefficient passes a certain percentile value, the attempt is considered success. I guess there might be such AI to do it. However, easiest way would be to find the original video with the server address uncensored yet, archived somewhere. Or wait and watch every single video closely until you find the IP leak of the server. I most certainly will and I will attemt to join the server at some point.
And guess what? This video could very potentially also contain the server IP leak at 8:50. Well, not this time, LO was careful this time and censored the IP again.
But wait, maybe there is a little hope. I'm not going to spoil it just yet, I'm saving the link, but I might have found an archive somewhere. The archived video just isn't ready for playback yet.
wait, no way the original "other" "Herobrine" admin user with hacks wasn't scripted, LiveOverflow ~himself ... O.O ? (edit: ok, I'm not insane :D) - still, a long time ago, he ~started this whole series by exploiting a .. hosting server web UI ? XD damn. (also, I'm very surprised that's not escaped...)
it's in here 1:08 the same ip was revealed on the previews video ruclips.net/video/gSxcDYCK_lY/видео.html (pause at the exact second and you will see it, on the top right ) and there's another ip that i found from the comment section but i wouldn't trust it, there might aswell be a clone of the server trying to steal other people's ips
Actually, the player did the lavacast to block the entrance with cobblestone. I had to get a creeper to explode on top of it to re open it again...
I saw the lavacast and figured it out quickly
we also made a tnt cannon to completely open the entrance! Although that led to some unfortunate casualties :)
hey kynatosh
someone made a cat test account lmao
@@tuffdufroggins uptime check is such a meme at this point :D
The fact that he brushed off the fact Ottomated join the server so quickly was funny to me.
of course, online mode is disabled, so anyone can be anyone else
@@Napert They all have skins though, when did he say it was not online-mode?
@@NateLevin in one of the first episodes, forgot which one exactly
I guess he didn't know who he was
popstonia is a super cool dude too
I'm so in love with this series! I hope the server remains open as an anarchy server even after the series ends
For the curious: the server provider with vulnerable web console is (in my personal opinion, for legal reasons it could obviously be *anybody*) "GPORTAL". Also, I have quickly glanced at the source code of their website, and the XSS appears to be fixed. The actual server is not hosted by them, and is instead hosted by "Hetzner", which you can tell from the leaked IP and also (kind of) the default color profile they use for their root shells (see 7:49).
It could be anybody !GPORTAL! Nice lol
@Juniper Ai I mean they take user input as HTML code, do you think their services are good?
@Juniper Ai LO is using Hetzner not GPortal. Hetzner does not offer Minecraft servers directly, you have to setup it by yourself.
Seeing Ottomated_ join the server gave me a shock, he’s made a few really good coding videos that I love but now he has not uploaded for a while
he streams on twitch
the server on cracked mode so anyone can spoof their uuids and be whoever they want
In an older version of minecraft (not sure about current versions) you can kill creative players, from what I remember it requires an NBT edited potion with negative health boost and the instant health effect. Effectively it sets your health to zero then updates your health causing you to die.
You still can, pots are op
He's not flying while AFK, so really if they wanted to kill him, they could dig a hole underneath him, destroy the bedrock with the piston glitch and drop him into the void below.
still can, love trolling my less knowledgeable friends. Really rocks their brains lol
3:20 really cool to see ottomated here, he made a lot of among us mods and also made a remote controlled bot that allowed him to play on the otv modded Minecraft server through computer craft, he also made blackjack and roulette in Minecraft with computer craft, all very cool stuff!
yea his computer craft stuff is pretty impressive. he also made pokemon on it.
I thought I recognised their name, that's so cool!
Seeing Ottomated join made me laugh since his "invading server" expertise is quite unique
13:40 You might be interested in LogBlock, a logging plugin storing who changed blocks or why blocks changed (and because of whom)
Coreprotect too
CoreProtect best
cat_test better
lag
imagine not using CoreProtect
4:05 THIS. This was the reason why I loved Minecraft so many years ago. Back then, I watched a Video "Minecraft Train station [REVAMPED]" that Video was so cool, i tried replicating it and it was alot of fun. Before that i loved tinkering with redstone and pistons. Especially because sticky pistons just got added. This reminds me of a simpler time for me. And i kind of feel sad that i don't enjoy this as much as i used to.
Part of life getting older
I feel that so much these days. I enjoy very little of what I enjoyed even just 5 years ago.
@@anon_y_mousse Often you will suddenly find something of your childhood that will make you feel excited and when you play / try to recreate it you realize that your brain played you
@@beschbekifft So many times. For instance, finally got a game to play in an emulator that I hadn't played in years and it just wasn't fun even though I used to play for hours.
I am absolutely loving this series
lmao the fact that “Herobrines” UUID has F00 BAR in it 😂😂
Not only that (the "r" is kinda invalid in a UUID), but the UUID is fairly fake looking as a general. Now that you pointed that out, I can see that this UUID isn't real at all. The real Herobrine's registered account UUID is f84c6a79-0a4e-45e0-879b-cd49ebd4c4e2.
@@CZghost isn't joining an online server with a fake uuid impossible
@@generallyunimportant yes. its spoofed server side. probably.
@@oscarchampion5842 Pretty sure the server has cracked mode on, so that he could spoof the Herobrine account.
6:20 little did he know we can do that in 1.12 at least, I now have command blocks, end portal frames,...
I think I saw a scicraft video about that!
Yeah he also missed the popbob reference at 2:38 soooo yeah he is still innocent to anarchy servers..
The roller coaster made me a bit emotional. Makes me remember how I discovered Minecraft...
5:47 I remember seeing the same mountain in r/Minecraft where a player was asking what to build there, and someone recommend a base under a waterfall, which is the exact build
oh mah gahd liveoverflow is herobrine confirmed
I love how you teach hacking with minecraft. Great to get people into it
lol
You didn’t understand a word that come out of his mouth did you?
@@JusTryNc why?
ottomated cameo!!!
I remember a server I used to play on years ago used to have Minecraft chat on the frontpage of their website, and it turned out to vulnerable to XSS. Until I figured it out and helped them fix it, that is. :)
Now that is some real Professional Dev Ops / Cybersecurity situation. As an it student i admire your knowledge.
I'm happy RUclips popped this back up in my feed. I've been mostly ignoring this series lately because of they're put out as Premieres, and I'm not a fan of those.
5:31 NIce to see the almighty 9 by 9 appearing in this server.
damn I was actually on the edge of my seat thinking someone pulled that xss off
I liked using a story like Herobrine to explain the vulnerability
6:40 there is a bug in (atleast older versions) to obtain arbitrary block.
Falling block khe khe.
proofs?
Indeed, ilmango has a couple video explaining it on his channel uploaded pretty recently
@@Wanavarbel Ilmangos newest video about it is here: ruclips.net/video/6sPS4yqC72I/видео.html, there are other videos going into more detail, but this should be enough as proof of concept.
i dont trust ilmango
Good to see some fellow Czechs on your server. :D
Ty jsi cz 😊?
casually "Ottomated_" joined the game
Neat trick with the RCON attack, but should only in theory work if someone's looking. Also, they need to know the details of the hosting thing.
Still another example of why you ALWAYS sanitize your inputs.
Heh good timing. Replay attacks are about to become very relevant.
I LOVE the Clubmate mod! : D
Awesome, great job, super well explained, thanks a lot
Welp, looks like the IP address on the sign at 1:10 doesn't work anymore. But I guess the same player that placed it there als figured out the new IP address for the server, because I found the server with Wurst's Server IP Finder (of course you can find my signs in there), and while I don't know how exactly, the IP address must have been leaked again somehow. Not sure if it was EpicPlayerA10 again, but I swear I saw him online on the server. Although, didn't take screenshot of the tablist. Wurst was the easiest and first go-to hacked client to get out of the bedrock spawn cage. I don't intend to use Wurst anywhere else. But from now on, I will analyze every single frame of the video granted I have time to do so, and possibly run it through OCR software - I'll find some free one. Don't worry, I want to keep track of the server and return for a while periodically. And I've possibly seen some spoilers for another video I guess. :D Jesus hack however is so useful! It still feels weird walking on water, but it's so useful. I guess I'm gonna x-ray next time for ores. And you may ban __Intel_, as he's been on a killing spreee, maybe using killaura and of course fly and speed hacks. I'm not saying it's against the rules or something, but until to that time nobody really killed anyone. So just keep an eye on them. If players start killing each other, I'm afraid they'll turn your server into another 2b2t.
So I downloaded the video to look at it frame by frame where any new IP address would be potentially visible, and I found literally nothing. I don't know how people have figured the new IP address out (which now also doesn't work, so another IP address is probably in circulation, and it seems it wasn't found yet, as Wurst couldn't find it again with IP Finder). Did I miss a video?
Nope, the IP address is still active, I guess it was just temporarily out of service. But still it baffles me. How did you guys find that IP address? I looked through the video frame by frame and couldn't see the IP address anywhere. I saw the old one that doesn't work anymore, that was the one on the sign. Just how? I guess I'll have to export the video to frames and check each frame individually for an IP address. I guess I'll download some sort of free command line OCR scanner that scans an image and outputs found text contents to the page - and then I can use grep to find an IP address. I know the IP address, so I can try to look for the exact IP address.
@@CZghost If I may ask, does the IP you have still work? I could send you my public key if you don't want to share it openly
@@CZghost theres a way to track people on what server there in im pretty sure fitmc did a video on how 2b2t players greifed jeb
10:44 that "WTF!?" comment lmao
I feel that guy
Oldest anarchy server 2b2t....wait it's not the usual Minecraft videos I watch
I noticed your Minecraft web console you made (I assume?) has an interesting bug which I also assume a real service provider would have spotted and fixed, in the process making your simple XSS attack more difficult if not impossible.
When chatting, your name is treated like an HTML tag since it is surrounded in angle brackets. Since it isn't a valid tag, it simply doesn't show up on the page. Not being able to see who is sending chat messages is a pretty big flaw so I think a real service provider would have fixed that by at least encoding the < and > characters.
Of course the better fix is to only inject user-generated text content into a page using appropriate APIs, NOT HTML APIs directly. If there is a need for users to generate HTML content, it's best to use an existing library designed to sanitize or sandbox the user input somehow. For example reddit allows user to enter content in markdown which is then translated into HTML. A much more complex solution but it ensures the content is processed and no HTML tags other than desired ones make it into the output. Of course, it's still best to be familiar with what the HTML tags you DO allow actually can do. Images can track users, for example.
it's the minecraft console of the provider. I didn't fake that part ;)
@@LiveOverflow I thought you use docker?
I assume you use a console connecting to rcon instead of directly interacting with the process-console?
@@MrSimber1 he said he did in the video, they simply don't fix anything
The thumbnail is the developer console of a website on a browser. This window can be opened be pressing f12. Then going to the console tab to execute commands
Going down the minecraft hacking rabbithole usually leads to kids becoming hackers instead of security researchers
It was very fun finding this server b4 everyone else
can you send me IP? I always wanted to join it :(
@@thefoxguy nope ^-^
@@barrulik :(
@@thefoxguy He changed the ip anyway, I don't think anyone got the new ip yet
holy shit i love this channel so much
Hello Mr! Do you plan to make a video on the new "minecraft chat message validation failure" exploit? It allows to kick players with a simple chat message!
Great video btw :)
love the popbot refrence
Wait, does this mean everybody with enough tech skill can now replay and modify chat commands on modern Minecraft servers?
No, they have to be on the same network to actually see the packets getting sent by the client
No it does not. The exploit would only work on select hosting services, that log the chat in your browser in a unsecure way
the mainstream hosters do not have this problem
@@tigerdan That's not what he's talking about.
@@tigerdan bro
@@tigerdan bro wtf?
thnx for the info it could be useful for something to look for in server websites ill use in the future
surprised to see Ottomated_ here in this video, he's a pretty notable developer who works with lots of big streamers like Ludwig
Great video as always!
It's kind of cool Ottomated found your server
could you add the text that you actually have to type in the chat to gain op permission in description?
0:43 omg that's me
5:30 Dire 9x9!
sad to see the server down :(
Story telling for the win
Such a great video!
I met techno but nice vid XD you earned a new sub 👍
Still love this series
good job showing the public IPs of everyone who joined :p
i was so shocked by this, this man is teaching while playing minecraft
popstonia my love
POG a Czech guy was on this guys server
Otto ❤
the bug tracket prevents you from viewing MC-242462 & MC-249235 whilst logged out
3:00 does anyone know what software they used? I have a server that’s idling around most of the time and would like to do that for some channels that are likely to get censored.
i would also really like to get something like this running as i have 30tb or free space just laying around
Maybe a Plex server and you just upload the videos to them? Idk the only thing I could think of thats what my home lab uses
@@raygun2180 Plex is for watching, not archiving.
@@FlorianWendelborn you just upload them to plex and can watch them whenever
@@raygun2180 I’m not interested in uploading or watching, so Plex will NOT help me at ALL. I’m purely interested in archiving.
You need to start censoring the server IP more seriously. Haha :)
and client ips
he accidentally just showed ips of many people at 8:00
On some faction servers you need to set your password when logging for the first time... Maybe this can be weaponized pretty easily...
Otto!
My favorite part is when he said "byte" or "bytes".
potatoe farm called ireland is so funny
That was quite interesting
Ottomated is a familiar name! Small world :)
Aternos is very high probability for that kind of attack, because users have ussually opened the console to start the server
na dont work just tried
@@lordcrazyoflife ok, but if the bug would be there
All servers would be in trouble if it was the case
OTTO!!
here before premiere
lets goooooo
If packets could be recorded then all it takes is the recording of a user for a while to steal their identity. so theoretically, this attack could be adapted to steal someone's identity. it would be an even worse exploit than log4shell or uuid stealer combined.
Edit: I am referring to the second vulnerability talked about in the video, discovered by vktec
Edit2: I made a mistake, it was actually LiveOverflow's discovered vulnerability that could be adapted, although vktec did point out a much more critical vulnerability. in practice, both of these vulnerabilities could be used in conjunction to steal someone's id, impersonate someone, hijack someone's account, or even frame someone using the chat report system.
Well g-portal is a bad host, what do you expect? xD
Don't you think he leaked the ip intentionally? I found it twice... However, the server is now constantly full
in this video?
And now the server seems to be fully down... this was probably intentional
@@petey5009 He posted on Twitter that he messed up again and „made some changes“. Who knows, maybe some kind of a new challenge
@@loisI120 probably an ip change
@@petey5009 so where was the ip again?
The fact that web console's don't sanitize any messages is beyond absurd. You would figure they would sanitize everything by default but i guess not. I know for a fact pterodactyl does sanitize all console messages for this not to happen
8:10 shows peoples log off locations so you can find their bases
I was going to say that you leaked the IP again (1:10, 5:58, 7:28) (don't worry, I've got screenshots for the archive), but 12:13 convinced me that it was on purpose. It's a running gag now, I guess.
lol did he remove it?
Obtaining bedrock IS possible. It's just ridiculously difficult and is only known within the technical minecraft community.
I love how you left the IP in this video too, then 5 minutes later, complain about constantly leaking the IP.
2:03 lol, someone from SK-CZ
That's what I was thinking. :D
Note: lots of peoples IPs are shown around 8:00, perhaps you should blur this?
There is no ip address at all ! No worries
@@not_kelbaz there definitely are
How to fix? first of all delete the ability to get OP through commands (if thats possible. I think you can just override it like any other command by just creating a new one with the same name with bukkit plugin). Also if one gets OP you could check a database to check if the use really is someone thats allowed to go into OP. If not then simple BAN the user and tell them to get in contact with staff.
/minecraft:op
/essentials:gmc
/minecraft:gamemode creative
real
@@popnotfound can you disable the default commands in bukkit api?
@@imluctor5997 maybe
5:32 that's a 9x9 :D you need to watch Direwolf20
many tech mod players build these, it's the perfect size of a base and it's kind of a rule that they have to be built out of cobblestone XD
this is why you should sanitize everything to anything that user can type into
what is the code to force op when the console is open? could u pls tell me? thanks!
I practically understood nothing in this video lol and I felt like a real idiot
Herobrine endorses NordVPN too.
what was the personal archive service that popstonia was using?
I guess it was his own website of some sort, and I guess that it may not be accessible from the internet, it must be in his own local network. I've tried to search on Wayback Machine, and guess what? Attempts to archive the video failed. That means that Wayback Machine isn't useful to find old and long time lost videos on RUclips. The rest of the age is intact, it even shows all the comments that were made at the time of the snapshot, but video itself is unavailable. Other archiving sites may have the original video with the IP leak uncensored, I'll try to find one.
@@CZghost I know, I’m asking for the software he was using
But there is a chance. One could etract the frame of the video where the original IP leak is (now blurred), and run it through an AI designed to remove the blurring effect, reconstructing the original text underlaying the blurred area. I remember watching this video: ruclips.net/video/_1Az0KwBbXc/видео.html - It isn't exactly what you may be looking for, as it requires two inputs (the pixelated image of the characters and characters sample), and works slightly differently, but I guess there may exist an AI that does this type of job - deblurring/decensoring parts of images, notably text, using neural networks that learned on a training set where the input given was censored image and the original uncensored image (in order for the AI to know how the end result is supposed to look like), and this training set contains like dozens of these images, and there is always test done where the neural network is given set of images to test what the network has learned, end result is taken and directly compared to uncensored originals. Once the match coefficient passes a certain percentile value, the attempt is considered success. I guess there might be such AI to do it. However, easiest way would be to find the original video with the server address uncensored yet, archived somewhere. Or wait and watch every single video closely until you find the IP leak of the server. I most certainly will and I will attemt to join the server at some point.
And guess what? This video could very potentially also contain the server IP leak at 8:50. Well, not this time, LO was careful this time and censored the IP again.
But wait, maybe there is a little hope. I'm not going to spoil it just yet, I'm saving the link, but I might have found an archive somewhere. The archived video just isn't ready for playback yet.
7:23 : wrong! If there was an ssh exploit, you'd be silently using it to get acvess to your target, THEN expose it, after 20 years 🤣
What OS do you use for your minecraft server?
thx
6:47 Have you ever heard of Scicraft?
If you're a complete beginner to soft production then soft is imo the easiest daw that you can get, I started off with it.. If you have a little bit
ini yang terjadi sama brutal hardcore
wait, no way the original "other" "Herobrine" admin user with hacks wasn't scripted, LiveOverflow ~himself ... O.O ? (edit: ok, I'm not insane :D)
- still, a long time ago, he ~started this whole series by exploiting a .. hosting server web UI ? XD damn. (also, I'm very surprised that's not escaped...)
Can you show the full command you use to get op?
$("#rconCommand")[0].value='op vxpeeep';
$("#sendRconCommand")[0].click();
$(".row-standard").remove();
@@vxpe7864 What website is the server hosted on
@@vxpe7864 it didnt work in vanilla
@@kiddojad1827 of course it do not work in vanilla lol
9:03 idin t work on my server it s on 1.12.2
Even in 1.16.5 and 1.20
What was in the chat?
Ja tě tam viděl MajnKrafaku xDdd
whats the ip
it's in here 1:08 the same ip was revealed on the previews video ruclips.net/video/gSxcDYCK_lY/видео.html (pause at the exact second and you will see it, on the top right )
and there's another ip that i found from the comment section
but i wouldn't trust it, there might aswell be a clone of the server trying to steal other people's ips
@@haithem8906 thx man im looking in it
@@haithem8906 i cant see the thing in 1:08
@@haithem8906 found it
@@haithem8906 ip doesnt work