The security research team has reported a server penetration in Minecraft, allowing player locations to be predicted on the map successfully. This vulnerability affects specifically the 2b2t server, which is popular and features a massive map size of up to 3.6 quadrillion blocks. Knowing the positions of other players has significant implications, as developers mistakenly used the insecure java.util.Random system, which also takes player positions as input for randomness. When malicious individuals see enough dropped item locations on the map, they can eventually deduce the internal state of the random generator and predict the positions of other players.
This exploit impacts Minecraft versions from 1.8 Beta to 1.12.2.
Source: Github – spawnmason/randar-explanation
TLDR: A vulnerability in Minecraft servers allowed player locations to be predicted, impacting popular servers like 2b2t due to insecure random value generation based on player positions.
Leave a Comment