Utilising private messages also gives us the ability to remove messages. With just the chat chain, how do they know if you actually received a message, or if it was a private message that you couldn't see? Every message you can see on your client will appear to Mojang as if it was sent in public chat. Mojang, however, forgot the one thing that got them in this mess in the first place, you can't trust the client. In order to keep the chain consistent for every player, Mojang added a new packet that sends only the signature of a message for any message a player cannot see. The workaround Gaslight uses is private messages. You can't remove messages anymore, because the last seen field would show messages that no longer exist, and you can't add messages because it would invalidate the signatures of messages surrounding it as it would not be included in the last seen field. Mojang's fix was to add a chat chain system, this is beyond the scope of a youtube/github description, but you can read in depth about it here, but the important part is that it stops you adding messages after the fact. ![]() Not long before their announcement banning all blockchain technologies from the game, Mojang themselves added a blockchain to the chat system, this clusterfuck of a system had us stumped, not because it fixed Gaslight, but because it doesn't make any sense. Gildfesh: of course! (working as of 1.19.2)ฤก.19.1-pre4/5 was a patch to the initial version of Gaslight. ![]() Which example is legitimate, which is from Gaslight? We will attach any correct cryptographic proof to the top of this readme, and probably look like idiots. We have included 3 example reports, containing all data sent to Mojang (although we redacted the server ip), at least one of them is legitimate, and at least one is produced via Gaslight. Mojang recently tweeted implying that Gaslight is detectable, while it is (currently) detectable in some cases, it is not detectable in all cases, and if you know what you are doing, generating indistinguishable reports is more than doable. sendnormal - sends a direct message that looks like a public chat message.sendhidden - sends a signed chat message to a specified user, and immediately removes it from the clients screen, however the message is still in last seen.sendsystem - sends a chat message as a system message without signing it.There are three commands added by Gaslight: These attacks can still be done on a server that isn't pretending to use system messages, you only lose the ability to send messages completely detached from the chain. This leads to a much simpler chat log than client side Gaslight, simply "are you breaking mojang's tos?" "of course!". By sending a message, then immediately sending the delete chat message packet, you can have a client acknowledge a chat message that the user never saw, and because the server is using system messages, the user cannot tell when messages are forged. ![]() The attack in the video shows a server that appears to be disabling chat reports via system messages, however clients will still sign chat messages. If you install Gaslight on a server, there are new ways to manipulate context. ![]() The new system has a similar flaw to the last attempt in that messages can be removed as long as theres no messages from you that acknowledge them, and from the point of view of a silent reporter, this means every message can be deleted (although it might look weird if 20 people have seen a message you haven't). As of 1.19.3, last seen is a list of 20 signatures, which is the only source for context, this means you can't add messages by implying they've been seen. Previously, context gathering was done by walking the merkle tree formed by the last seens, this allowed adding messages because it would if alice saw a message from bob, and bob has seen a private message from himself to charlie, it would imply that alice has seen that private message. 1.19.3 rewrote chat again, this time the security of the system hinges almost entirely on last seen.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |