New crash exploit in Minecraft MojangsonParser
New exploit! A lot of servers are put down with the help of the client, if you encounter such errors - then you are put down by this method. In this article, we will tell you how to fix the crash.

This only works with vanilla commands: msg, minecraft:msg, tell, minecraft:tell, tm, teammsg, minecraft:teammsg, minecraft:w, minecraft:me
If you have a crash folder on your server with a crashlog where everything is flooded with MojangsonParser, then you were put down by this method.
at net.minecraft.server.v1_16_R3.MojangsonParser.g(SourceFile:176) ~[patched_1.16.5.jar:git-Paper-788]
at net.minecraft.server.v1_16_R3.MojangsonParser.e(SourceFile:143) ~[patched_1.16.5.jar:git-Paper-788]
at net.minecraft.server.v1_16_R3.MojangsonParser.d(SourceFile:132) ~[patched_1.16.5.jar:git-Paper-788]
at net.minecraft.server.v1_16_R3.MojangsonParser.g(SourceFile:189) ~[patched_1.16.5.jar:git-Paper-788]
Udp: the western LiquidBounce client has found the way
Ways to solve a problem
We will tell you about three ways of solving the problem, and you can decide which way is best for your project. Some of them are paid and some are free.
1. It is recommended to set such settings in LPX plugin, if you have it.

a:
enabled: true
punish: true
max-vl: 3
min-vl: 1
punish-commands:
- 'lpx kick %player% &cPossible server crash attempt. Did an error occur? Let us know:'
options:
starts:
- "/to "
- "//to"
- "minecraft:msg"
- "minecraft:advancement"
- "minecraft:attribute"
- "minecraft:ban"
- "minecraft:ban-ip"
- "minecraft:banlist"
- "minecraft:bossbar"
- "minecraft:clear"
- "minecraft:clone"
- "minecraft:data"
- "minecraft:datapack"
- "minecraft:debug"
- "minecraft:defaultgamemode"
- "minecraft:deop"
- "minecraft:difficulty"
- "minecraft:effect"
- "minecraft:enchant"
- "minecraft:execute"
- "minecraft:experience"
- "minecraft:fill"
- "minecraft:forceload"
- "minecraft:function"
- "minecraft:gamemode"
- "minecraft:give"
- "minecraft:help"
- "minecraft:kick"
- "minecraft:kill"
- "minecraft:list"
- "minecraft:loot"
- "minecraft:locate"
- "minecraft:locatebiome"
- "minecraft:message"
- "minecraft:me"
- "minecraft:op"
- "minecraft:pardon"
- "minecraft:pardon-ip"
- "minecraft:particle"
- "minecraft:playsound"
- "minecraft:recipe"
- "minecraft:reload"
- "minecraft:replaceitem"
- "minecraft:say"
- "minecraft:schedule"
- "minecraft:scoreboard"
- "minecraft:seed"
- "minecraft:setblock"
- "minecraft:setidletimeout"
- "minecraft:setworldspawn"
- "minecraft:spawnpoint"
- "minecraft:spectate"
- "minecraft:spreadplayers"
- "minecraft:stop"
- "minecraft:stopsound"
- "minecraft:summon"
- "minecraft:tag"
- "minecraft:team"
- "minecraft:teammsg"
- "minecraft:tell"
- "minecraft:tellraw"
- "minecraft:teleport"
- "minecraft:time"
- "minecraft:tp"
- "minecraft:trigger"
- "minecraft:weather"
- "minecraft:whitelist"
- "minecraft:worldborder"
- "minecraft:w"
- "minecraft:xp"
- "minecraft:title"
- "minecraft:tm"
contains:
- "while"
- "targetoffset"
- "for("
- "^(."
- "*."
- "@a"
- "@e"
- "@p"
- "@s"
- "@r"
Configure author Dark Mark
2. Install the AnarchyExploitFixes plugin 2.6.6 or higher
For versions 1.13-1.16.5 etc.
For new versions 1.19,1.20,1.21
Plugin authors: moo, xGinko
3. Download BigTeamCompletionFix plugin
This plugin fixes a vulnerability and has no extra fixes. It requires ProtocolLib to work
Authors: BigTeam
Additional tips
It is also recommended to do this action:
Deny players access to minecraft.command.* commands [even if they are blocked, you can still be put down]

More useful information can be found here: EnotTeam - Minecraft Servers Creation
авторизуйтесь прежде чем оставлять комментарии