Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue with spoofing client messages #192

Open
Lilyp3892 opened this issue Jan 28, 2023 · 2 comments
Open

Issue with spoofing client messages #192

Lilyp3892 opened this issue Jan 28, 2023 · 2 comments

Comments

@Lilyp3892
Copy link

I'm trying to overwrite the contents (the string) of a chat message, but I'm not sure how to do it with the new chat verification system (1.19.1) I'm doing this in 1.19.2. My intended outcome is that if you send any message in chat it instead sends a predetermined string in chat possibly just reusing the same verification it generated for that message. If anyone could help me out here that would be great.
@MajliTech

This comment was marked as off-topic.

Sign in to view
@dries007
Copy link
Collaborator

You can't, that's the entire point of the chat verification system.

It makes it so it's impossible to change the chat messages from users without "leaving a mark". If you still want to change the text, you have to do it without the signature, and then clients will be able to tell.
I don't know how to do this, I presume just by sending a chat message packet without the signature at all.

IIRC You can't reply messages either, since it uses the previous message in the computation of it's signature. (see reply attack)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dries007 @MajliTech @Lilyp3892