Detect and fight the exploitation of various flaws/bugs in Minecraft!
Introduction
NoCheatPlus is an unofficial fork of the famous anti-cheat plugin NoCheat created by Evenprime. NoCheatPlus attempts to enforce "vanilla Minecraft" mechanics, as well as preventing players from abusing weaknesses in Minecraft or its protocol, making your server safer. Organized in different sections, various checks are performed to test players doing, covering a wide range including flying and speeding, fighting hacks, fast block breaking and nukers, inventory hacks, chat spam and other types of malicious behaviour. For a more complete list have a look at the Features Page.
NoCheatPlus still puts emphasis on configurability and allows you to alter all actions that are carried out when a player fails a check, according to your needs. So you can just have players actions be silently cancelled, log their actions to in-game chat or files, or let arbitrary commands be executed, all possible to be differentiated by the level of violation. Many aspects can be configured on a per world basis as well, there are plenty of bypass permissions for individual checks and you can also alter other aspects such as allowed speeds for walking, sprinting, flying, and more!
Certainly NoCheatPlus is not a magical bullet, it uses a lot of heuristics and even guessing mixed with exact analysis as well as rather statistical judgement methods, so you will encounter false positives here and there and also not catch every single violation. One of the strengths of NoCheatPlus is the configurability, if your server happens to get many false positives you can apart from filing a support request also lessen the punishments by configuration or even deactivate the check if you want to allow players doing something.
Protective plugins also have to take part in the classical cat and mice play, expect hack clients to update now and then, forcing protection plugins to also update, if you find any flaws or uncovered hacks, you can help us improving the plugin by telling us!
Video
Downloads and more
- Download officially approved versions on the Files page at BukkitDev.
- Development builds have been moved over to the Jenkins at EcoCityCraft.
- Do not download from any other source, do not use jars other people send you.
- Changes by build number can be examined in the Jenkins changes list.
- All commits can be seen in the GitHub commit history.
- Developers might have a look at the page describing the API of NoCheatPlus.
- Plugin statistics are reported to mcstats.org.
Support
Consider first: Frequently asked Questions and Known Issues.
Quick questions can be asked on this page, for real issues or feature requests please create a new ticket or add to an existing ticket.
To send information that is not to be seen by all, you can also reach us by PM to @asofold and @MyPictures.
Please state versions of NoCheatPlus, CraftBukkit, and if used cncp, otherwise we have to ask back.
Please do not contact the user 'NoCheatPlus', it is for administrative purposes only and will likely not be answered in time. Keep to BukkitDev and GitHub for support, do not trust users on other forums or websites, also not if their nick names are the same as NCP staff on BukkitDev.
Recommended
The following plugins might be useful to have a look at.
CompatNoCheatPlus
You have plugins like mcMMO, Citizens, MagicSpells or MachinaCraft? NoCheatPlus would prevent skill use or NPCs actions on basis of what is allowed on vanilla Minecraft only, so to make it compatible with other plugins CompatNoCheatPlus provides a platform to do so. Not all possible plugins are covered (yet), but you can leave a note or ticket request there stating the plugin in question and what actions fail and which checks alert, maybe something can be done about it soon!
Orebfuscator
Orebfuscator fights all sorts of X-ray-hacks by altering the map information that is sent to the players, such that they have to mine blocks to actually reveal what is behind. Orebfuscator also can hide chests out of visible range. It is not exactly light weight but can be configured to use less resources, it is certainly a "must look at".
Sponsors
Donators: Thanks to all donators out there that support us!
RockServer: Big thanks for giving us a vServer where we can host our Jenkins, DevelopmentServer and websites on!
Facts
- Date created
- Apr 02, 2012
- Categories
- Last update
- Jun 16, 2013
- Development stage
- Release
- License
- GNU General Public License version 3 (GPLv3)
- Curse link
- NoCheatPlus
- Downloads
- 613,472
- Recent files
- R: NoCheatPlus 3.9.3-RC-b539 for 1.5.2 Jun 16, 2013
- R: NoCheatPlus 3.9.2-RC-b520 for 1.5.2 May 23, 2013
- R: NoCheatPlus 3.9.1-RC2-b510 for 1.5.2 May 05, 2013
- R: NoCheatPlus 3.9.0-RC-b488 for 1.5.1 Mar 21, 2013
- R: NoCheatPlus 3.8.12-RC2-b472 for 1.5.0 Mar 14, 2013
Authors
-
- Manager
-
- Author
-
- Tester
-
- Tester
- Ticket Manager
-
- Maintainer
-
- Former author
-
- Former author
-
- Former author
- Reply
- #4993
NemesisMate May 08, 2013 at 20:50 UTC - 0 likes@server075: Go
No, I'm not a cheater (I had never understood how players like to cheat, is boring and it breaks the game at all) but I like to think on all cheats that could be because to do something well you have to think bad :D.
<<size 0px>>BFAK:90729344,74aacaca3d3856b1170228fb862ea99d22ea47e64a937482acb9099c0076dc6f<</size>>
- Reply
- #4992
NemesisMate May 08, 2013 at 20:06 UTC - 0 likes@MyPictures: Go
Thanks for your help, it doesn't seem to be Jobs fault because of it doesn't use LoginEvents and it always happens after one.
I'll try on bukkit forum.
Oh, thread removed because of: "We do not support offline (cracked) servers."
That's really disappointing.
- Reply
- #4991
ShadowKillerx May 08, 2013 at 19:40 UTC - 0 likesToday i saw someone with working flyhack on my server.
I have NoCheatPlus 3.9.1-RC2-b510 for 1.5.2
IP: mc.xpirationcraft.pl
- Reply
- #4990
LordKainzo May 08, 2013 at 18:57 UTC - 0 likesAny luck with the movement/velocity stuff for Jump skill?
VOTE | JOIN | Donate | Anti-DDOS
- Reply
- #4989
MyPictures May 08, 2013 at 16:27 UTC - 0 likes@asofold: Go
Do you mean the KeepAlive sniffer by that? I guess its also possible to avoid damage with other methods but not 100% sure.
BFAK:MyPictures,68804,4095b7e13e1842a5c6922a5b3a9094d1f7dbb5f4e7e36f133280ab58fa2882b0
- Reply
- #4988
asofold May 08, 2013 at 14:48 UTC - 0 likes@kukelekuuk00: Go
That is because they do nothing. If they interacted with anything (attack, blocks. ..) they would become vulnerable soon due to the godmode check. So the use for actual cheaters is very limited (can't move, attack etc.).
I could make it so that chat and command times also get checked for guessing activity, but they could just sit there and not even chat. To really make them vulnerable we would have to access obc/nms internals, it is prepared but not yet implemented.
BFAK:asofold,90573112,4305cd44b773216e4e4b4865b3831dcc3c507c15087fb5cfeebd9392050724fc
NoCheatPlus
Latest Release (approved): NoCheatPlus 3.9.3-RC-b539
(Development builds: Jenkins)
- Reply
- #4987
kukelekuuk00 May 08, 2013 at 13:38 UTC - 0 likesPeople using minechat (stupid/broken iOS app for chatting on MC) are able to completely ignore damage being dealt to them, they don't take damage and the server doesn't apply damage either, they're simply in godmode.
While this means that MineChat is broken, this also means there's an exploit that allows for people to completely ignore damage, this would be bad in the hands of hackers. I request this to be fixed ASAP, seeing as this is a rather serious bug for any pvp server.
using build 510
My plugins: AntiFarm and EssentialsPayLogger
- Reply
- #4986
asofold May 08, 2013 at 12:44 UTC - 0 likes@jack588: Go
No problem it seems all very clear. It seems the time to investigate if the player is using a client - it can also happen if he is using a cheat client in deactivated state, because some clients are in fact not using all-vanilla behavior even if deactivated.
So two things next:
- Reply
- #4985
jack588 May 08, 2013 at 11:30 UTC - 0 likes@asofold: Go
currently its happen only player with the same IP (2 account). this happen everytime he's mining and digging, sometimes his VL is upto 5000. btw i removed the cmd to kick the player, but now the log is flooding my chat @.@
sorry if i spelled wrongly and you dont understand, english is not my native language
- Reply
- #4984
asofold May 08, 2013 at 09:53 UTC - 0 likes@jack588: Go
Only to random players that are lagging or to certain players?
From my logs i only see very few interact-speed violations and those are from one distinct player plus few players that probably only joined once shortly, all in all very seldom. We do use mcMMO and it should happen much more if it was a bug, though there can be bugs that only happen under certain circumstances.
It is really hard to trigger interact/speed, because it allows much more than block breaking, so either the player had a connection-delay or extreme client side lag, or it is a special client in use that (be it cheating attempts or not) sends more/other events.
How often does it happen (how many players online in average, how many times per day)?