Welcome to E8 :: [eon8]

Register now to gain access to all of our features. Once registered and logged in, you will be able to contribute to this site by submitting your own content or replying to existing content. You'll also be able to use the shoutbox, customize your profile, change themes, gain reputation points for submitting content, while also communicating with other members via your own private messenger, plus much more!

 

This message will be removed once you have signed in.

Guest BlackShadow

Hacking into a Minecraft Server

24 posts in this topic

K so, I know this asshole who stole my world and put it in his minecraft server and claims credit for the world. I am banned from the server, but is there a way to access his computers files to delete his server or break into the server?


Shadow~

Share this post


Link to post
Share on other sites

Is it name ban or IP ban? IP ban just use a proxy connection, Name ban just use a different account.

As far as breaking in, you would have to learn how to hack. Not much you can do. Its the internet so just slander the asshole.

Share this post


Link to post
Share on other sites

Is it name ban or IP ban? IP ban just use a proxy connection, Name ban just use a different account.

As far as breaking in, you would have to learn how to hack. Not much you can do. Its the internet so just slander the asshole.

I can learn how to hack if i have a good teacher. I have exp in building computers and hacking. Posted a vid of me hacking club penguin when I was 8. Still on youtube :)

I think its name and ip.

Share this post


Link to post
Share on other sites

I can learn how to hack if i have a good teacher. I have exp in building computers and hacking. Posted a vid of me hacking club penguin when I was 8. Still on youtube :)

I think its name and ip.

just make a new account and use a proxyip. personally, i use hotspot shield but there's others.

If you're trying to delete the server you'll need to find a way to get admin status and use the commands from there (for instance replace all air blocks with lava blocks)

Share this post


Link to post
Share on other sites

I would suggest scanning the ports that are open and available. Most people running a server do not close all important ports. A good one to hopefully find is an unsecure FTP port...21 I believe. There are quite a few more as well. You can scan a server by simply googling for some information.

Share this post


Link to post
Share on other sites

Do some black ops shit, pretend to be someone else, gain his trust, become admin, then grief the shit out of the server.

Share this post


Link to post
Share on other sites

I would suggest scanning the ports that are open and available. Most people running a server do not close all important ports. A good one to hopefully find is an unsecure FTP port...21 I believe. There are quite a few more as well. You can scan a server by simply googling for some information.

Scanning for ports is probably the way to go

Share this post


Link to post
Share on other sites

Scanning for ports is probably the way to go

Ill do that. For now, if there are any hackers reading this, he has changed the ip twice. The first one is: 72.222.182.148:12345 I think that one got deleted but as far as i know the latest one is 68.110.94.155:12345

Please fuck this ip up, hack it, delete the files anything you want.

Share this post


Link to post
Share on other sites

ftp is really only good for, well, transferring files. But if you can get an unsecured port you could upload a file that would crush the server, or you could just empty the entire server or delete specific files and hope he doesn't have a backup of the database. You could always try an SQL injection to try and gain root access to the DB itself and drop the tables, and if you feel really frisky, copy the users/PW's/e-mail information from the server and post it on a warez site for people to do what they please with it.

A small introduction to SQLi:

1). Check for vulnerability

Let’s say that we have some site like this

http://www.site.com/news.php?id=5

Now to test if is vulrnable we add to the end of url ‘ (quote),

and that would be http://www.site.com/news.php?id=5

so if we get some error like

“You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right etc…”

or something similar

that means is vulrnable to sql injection

2). Find the number of columns

To find number of columns we use statement ORDER BY (tells database how to order the result)

so how to use it? Well just incrementing the number until we get an error.

http://www.site.com/news.php?id=5 order by 1/* <– no error

http://www.site.com/news.php?id=5 order by 2/* <– no error

http://www.site.com/news.php?id=5 order by 3/* <– no error

http://www.site.com/news.php?id=5 order by 4/* <– error (we get message like this Unknown column ‘4′ in ‘order clause’ or something like that)

that means that the it has 3 columns, cause we got an error on 4.

In no way is this complete, nor did I write it. SQLi's are becoming increasingly more difficult with the advent of obfuscation becoming more widely used. A good way to test for things is to use the ASCII codes, those are usually not filtered by default installed functions running on mySQL servers.

Most admin's are fairly lazy and do not take the time to filter input in either the username or password box and those can also be manipulated to gain access. Once again, the key to obtaining a server and making it your bitch, is to gain root access.

Share this post


Link to post
Share on other sites

Ill do that. For now, if there are any hackers reading this, he has changed the ip twice. The first one is: 72.222.182.148:12345 I think that one got deleted but as far as i know the latest one is 68.110.94.155:12345

Please fuck this ip up, hack it, delete the files anything you want.

Ok then. I'm not supposed to do this but i'll try just for you. I play minecraft too and people have griefed my server, so i'll get in and try to annoy the f**k outta him.

Share this post


Link to post
Share on other sites

ftp is really only good for, well, transferring files. But if you can get an unsecured port you could upload a file that would crush the server, or you could just empty the entire server or delete specific files and hope he doesn't have a backup of the database. You could always try an SQL injection to try and gain root access to the DB itself and drop the tables, and if you feel really frisky, copy the users/PW's/e-mail information from the server and post it on a warez site for people to do what they please with it.

A small introduction to SQLi:

1). Check for vulnerability

Let’s say that we have some site like this

http://www.site.com/news.php?id=5

Now to test if is vulrnable we add to the end of url ‘ (quote),

and that would be http://www.site.com/news.php?id=5′

so if we get some error like

“You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right etc…”

or something similar

that means is vulrnable to sql injection

2). Find the number of columns

To find number of columns we use statement ORDER BY (tells database how to order the result)

so how to use it? Well just incrementing the number until we get an error.

http://www.site.com/news.php?id=5 order by 1/* <– no error

http://www.site.com/news.php?id=5 order by 2/* <– no error

http://www.site.com/news.php?id=5 order by 3/* <– no error

http://www.site.com/news.php?id=5 order by 4/* <– error (we get message like this Unknown column ‘4′ in ‘order clause’ or something like that)

that means that the it has 3 columns, cause we got an error on 4.

In no way is this complete, nor did I write it. SQLi's are becoming increasingly more difficult with the advent of obfuscation becoming more widely used. A good way to test for things is to use the ASCII codes, those are usually not filtered by default installed functions running on mySQL servers.

Most admin's are fairly lazy and do not take the time to filter input in either the username or password box and those can also be manipulated to gain access. Once again, the key to obtaining a server and making it your bitch, is to gain root access.

I almost never use SQLi, it's too unreliable. I'd rather use social engineering or exploits. (I <3 Metasploit) :)

Share this post


Link to post
Share on other sites

And then IF you could find that he has SSH and FTP you could bruteforce the SSH and upload a trojan, then execute it via SSH. Like, some high-port binding shellcode (port could be something like 31337, lol). Endless possibilities. Hell, I demonstrated hacking a host computer by hacking a virtual machine running on it.

Share this post


Link to post
Share on other sites
This is what i learned about the ip address:
IP Address Location results for 68.110.94.155

IP Address: 68.110.94.155 WhoIs Lookup IP BlackList Lookup
Hostname: ip68-110-94-155.ph.ph.cox.net Reverse DNS

[see complete information about your system with our IP Information tool!]

IP Location Lookup results for 68.110.94.155 in Arizona

IP Address Region: Arizona
IP Address City: Phoenix
IP Postal Code (IP Zip Code): 85032
IP Area Code: 602
IP Metro: 753
IP Address Latitude: (33.6238)
IP Address Longtitude: (-112.004)

IP Location Lookup results for United States

IP Country Name: United States us.png
IP Country Capital: Washington
IP Language: English
IP Currency: United States dollar($) (USD)
IP Country Latitude: (38)
IP Country Longitude: (-98)
IP Country Code: USA (US)

IP Address Conversion - IP Convert for 68.110.94.155 to Hex & to Dec

IP to Dec [iP Address to decimal]: 1148083867
IP to Hex [iP Address to hexadecimal]: 446e5e9b
IP to Bin [iP to binary]: 1000100011011100101111010011011

IP Address Lookup results for North America

IP Address Continent: North America
IP Continent Code:(NA)
IP Continent Population: 528,720,588
IP Continent Area: 24,709,000 km²
IP Continent Total Population: 8%
IP Continent Density People: 22.9 per km²
IP Continent Latitude: (46.07305)
IP Continent Longitude: (-100.546)

Additional IP Location information for 68.110.94.155

IP Address Organization: Cox Communications
IP Address ISP: Cox Communications

Time zone for 68.110.94.155: America/Phoenix
Local time zone for 68.110.94.155: America/Phoenix

IP Address Location results for 68.110.94.155

IP Address: 68.110.94.155 WhoIs Lookup IP BlackList Lookup
Hostname: ip68-110-94-155.ph.ph.cox.net Reverse DNS


[see complete information about your system with our IP Information tool!]


IP Location Lookup results for 68.110.94.155 in Arizona

IP Address Region: Arizona
IP Address City: Phoenix
IP Postal Code (IP Zip Code): 85032
IP Area Code: 602
IP Metro: 753
IP Address Latitude: (33.6238)
IP Address Longtitude: (-112.004)



IP Location Lookup results for United States

IP Country Name: United States us.png
IP Country Capital: Washington
IP Language: English
IP Currency: United States dollar($) (USD)
IP Country Latitude: (38)
IP Country Longitude: (-98)
IP Country Code: USA (US)



IP Address Conversion - IP Convert for 68.110.94.155 to Hex & to Dec

IP to Dec [iP Address to decimal]: 1148083867
IP to Hex [iP Address to hexadecimal]: 446e5e9b
IP to Bin [iP to binary]: 1000100011011100101111010011011



IP Address Lookup results for North America

IP Address Continent: North America
IP Continent Code:(NA)
IP Continent Population: 528,720,588
IP Continent Area: 24,709,000 km²
IP Continent Total Population: 8%
IP Continent Density People: 22.9 per km²
IP Continent Latitude: (46.07305)
IP Continent Longitude: (-100.546)



Additional IP Location information for 68.110.94.155

IP Address Organization: Cox Communications
IP Address ISP: Cox Communications


Time zone for 68.110.94.155: America/Phoenix
Local time zone for 68.110.94.155: America/Phoenix

Share this post


Link to post
Share on other sites

Hi,

 

Id like to learn how to actually hack into a console

So have control over the console so I am in the control panel

 

I was thinking like a hack to crack the password

I heard brute force does that ?

 

then upload some kind of plugin that unbans users every second so I can never be banned and

wreck them

 

 

Share this post


Link to post
Share on other sites

Using brute force to crack a password generally only works on very simple ones. It's basically a piece of software that automatically tries passwords from a list you give it.

Share this post


Link to post
Share on other sites

Using brute force to crack a password generally only works on very simple ones. It's basically a piece of software that automatically tries passwords from a list you give it.

How do I use brute force and could u recommend any downloads ? 

Share this post


Link to post
Share on other sites

All the programs go about it in slightly different ways so there really isn't any universal directions. Just search around the Internet until you find one that you're the most comfortable with.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now