How One Man Hacked Hypixel...
Рет қаралды 676,518
Күн бұрын
@RealCenti 2 ай бұрын
Here Before 25k! (Pls pin lol)
@myfatherwent1111 2 ай бұрын
Same
@melon64_ 2 ай бұрын
Here as well!
@Rechercher 2 ай бұрын
me tooo
@phase..33 2 ай бұрын
Hi centi (im already in ur Discord and im friends with u on discord)
@sadtrua 2 ай бұрын
Here before the children
@mckayshirou 2 ай бұрын
Interestingly i once saw this as an opportunity to bypass the "login lobbies" of semi-premium servers but at the time (aroun 2018) i wasn't savy enough to know how to breach those defenses, this was a very good documentary...
@niicespiice 2 ай бұрын
how do semi-premium servers work? i'm interested because i currently have a cracked server and it has security issues
@hashinemiretsien9920 2 ай бұрын
@@niicespiice Idk if it's these ones, but basically, through cracked clients you could just enter with a name you choose and then make a password if the name's not taken. If you were to be premium, logging in with your name if it's not already taken gives you the option to first make ur password and then "turn" your account into premium status, so once you log in you don't need to use ur password and such, usual premium login.
@Shizkeb 2 ай бұрын
@@niicespiice fed
@gobedits 2 ай бұрын
@@Shizkeb XD
@TheRroganShow 2 ай бұрын
@@niicespiice smei premium auto logs u in to the server without needing the /login command. if you have a premium mc account
@Jankoekepannekoek 2 ай бұрын
I can't believe Hypixel made themselves vulnerable to the exploit that normally only occurs on all the 10yo kids first bungee networks.
@adrian-pr4tn 2 ай бұрын
it's because they thought that a firewall is enough, an error on the backend caused for the firewall to reset
@silent4198 2 ай бұрын
@@adrian-pr4tn in this case it would be enough if it wasn't reset
@Timongcraft 2 ай бұрын
@@adrian-pr4tnThat's why you don't only have 1 layer
@adrian-pr4tn 2 ай бұрын
@@Timongcraft i'm just explaining
@enterprofilname9625 2 ай бұрын
@@Timongcraft If they have more than one, that would lead to more lag for the server (and you know they are already horrible)
@dalton191 2 ай бұрын
As a server owner, and developer for MC Mods/Plugins you did an amazing job explaining all of the systems talked about in this video! Great video for those who want to learn about the basics of Bungeecord security & networking works as well! I also loved the small jab at Eclipse LMAO 11:28
@_thomas 2 ай бұрын
intellij my beloved ❤️
@X5up0_ 2 ай бұрын
True I am a cyber security student and he explained the Asymmetric authentication part really really well
@Jwolf0 2 ай бұрын
Yeah I don’t know how anything works and this video honestly helped me understand how all this works, this also explains why once I got a warning by bungee cord and no one explained what the hell it was
@MUmer-g9t 2 ай бұрын
Yea i also known that why bungecord can only connect to different server
@mrdragonboi 2 ай бұрын
To be fair, its a good thing he disclosed said method which this guy could be considered a Grey hat hacker, since he didn't do it with permission, but seeing as he helped the admins and devs, well - he technically got away. I would prefer to use a White hat method, but obviously I would only use "burner" accounts (with permission) and tell the admins about such. This is part of cybersecurity, and can be known as other names, especially ethical hacking. Although some countries deem it as a grey area, it is what it is.
@andrewkvk1707 2 ай бұрын
He also stole discord accounts so I am thinking they only disclosed the exploit to reduce their punishment, more black hat with the hypixel instance itself being grey.
@xblxckxpxny1005 2 ай бұрын
@@mrdragonboi why are you trying your hardest to sound "cool" and "knowledgable". "gReY hAt" "wHiTe HaT aPpRoAcH" "eTHiCaL hAcKiNg"...? Cringe NPC go back to playing games and doing homework 💀 No one that honestly knows whats up talks like that 🤦♂️
@mrdragonboi 2 ай бұрын
@@andrewkvk1707 Yeah fair point
@MrMauio 2 ай бұрын
man just put the fries in the bag
@mrdragonboi 2 ай бұрын
@@MrMauio Alright then
@das_9677 2 ай бұрын
As someone with extensive experience in system administration and Spigot plugin development, I think that this was a nice explanation of the exploit. However, I have one correction to make: Velocity is NOT a fork of Bungeecord, but an independent project serving as an alternative to PaperMC's now discontinued "Waterfall" Bungeecord fork that aims for higher performance and security
@Kristibek 2 ай бұрын
I thought Velocity is the discontinued fork and Waterfall was the independent one made from scratch
@das_9677 2 ай бұрын
@@Kristibek Nope, it's the other way around. Velocity is more modern and the only proxy the PaperMC team is maintaining at the moment
@_thomas 2 ай бұрын
this is correct (kinda embarrassing since I was building plugins for both 4 years ago)
@ItzYotamGamingYT 2 ай бұрын
so basically, every once in a while, a genius comes and somehow hacks Hypixel. they found out they asked about it sometimes they tell, sometimes they don't and at the end they fix all and ban / wipe / punish the hackers. crazy stuff but bro has brains
@Zedacat 2 ай бұрын
this exploit existed since forever, hypixel was only so unlucky for one of their firewalls to die and allow connections
@DreadHalfling9 2 ай бұрын
@@ItzYotamGamingYT misconfigured ports/machines are very very common and its honestly amazing the internet still functions with how poor the security is on most systems
@ItzYotamGamingYT 2 ай бұрын
@@DreadHalfling9 well yes but my point is someone finds an exploit, abuses it and then tells it, it's a cycle
@DreadHalfling9 2 ай бұрын
@@ItzYotamGamingYT usually you have to look through logs to figure out what happened when its malicious as people dont really like to share that and make themselves public when theyre bad. But yea in cases like this and in good cases its awesome to have stuff directly from the hacker, glad you found cybersecurity interesting have a good day bro :]
@ItzYotamGamingYT 2 ай бұрын
@@DreadHalfling9 alright, and thanks you too 👍
@xfsdark 2 ай бұрын
How da hell im i subscribed I think you hacked me
@aathifshadow6549 2 ай бұрын
@@xfsdark bro is it me at the thumbnail
@xfsdark 2 ай бұрын
@@aathifshadow6549 hmm , don't copyright him then
@aathifshadow6549 2 ай бұрын
@@xfsdark I won't do it
@TheWin9User 2 ай бұрын
1:51 "Your latest 2 week Minecraft phase?" He knows us good xD
@computeroid6162 2 ай бұрын
@@TheWin9User Came here to say this too lmao, too accurate
@cor3po491 2 ай бұрын
WHY IS NOBODY TALKING ABOUT HOW ON THE MAP IN THE INTRO NZ IS JUST ROTATED UK 😭
@_thomas 2 ай бұрын
HAHAHAHA CONGRATULATIONS you are the first person to notice
@Ceelker 2 ай бұрын
@@_thomas Why is Africa gone?
@Agent_Mighty 2 ай бұрын
what happend to italy…
@teraba1696 2 ай бұрын
@@_thomasI noticed straight away and was confused, It's where I live aswell 😂😂
@Bilge-ko5qp 2 ай бұрын
I came to watch how one guy hacked Hypixel but learned the whole computer science, wtf! Amazing video dude, immediately liked and subbed!
@teraba1696 2 ай бұрын
@@Bilge-ko5qp I decided to watch it 3 times cause I didn't expect to learn it either! Gonna be saving it to keep my mind refreshed about it
@Bilge-ko5qp 2 ай бұрын
@@teraba1696 exactly, it's clean as water and teaches this topic very effectively, amazing!
@_raptor4070 2 күн бұрын
I did not expect to be reminded of my networking classes in a Minecraft video of all places. Very high quality production, keep it up!
@vaniemsky8571 11 күн бұрын
i work in IT, that guy explained async cryptography technology better than some teachers at my university.
@ookinbao 2 ай бұрын
Random comment but me and my friend are currently taking a Cyber Security class studying for the SC-900. Your explanation of the encryption system genuinely taught us better than our teacher. Hope to see more of this kind of content, maybe your explanations will help us pass the SC.
@TheWin9User 2 ай бұрын
8:28 A needle in a haystack in a field of haystacks.
@Clip_It1 2 ай бұрын
i LOVE how you explained this, its not even hard to understand with your visual examples
@PR3SVX 2 ай бұрын
i love how you so effortlessly explained asymmetric encryption in 3 minutes better than my computer science teacher did in an hour
@hito1988 Ай бұрын
im impressed, never saw this channel and having "minecraft/hypixel" and "hacked" in a video title doesnt sound promising (theres too many fake "i griefed server XY" or "i hacked server XY" on this plattform). but im really surprised, this is a really informative video and im glad i stumbled over it. thanks for taking your time to educate us 👍
@locipro9937 Ай бұрын
insane quality and attention to detail from an underrated channel
@Clazzette 2 ай бұрын
I've learned more Cybersecurity concepts in this video than my own college course back in the day. I love this video.
@dirtismyolduser 2 ай бұрын
amazing video- great balance of technical detail and accessibility to everyone. Keep up the great work!
@SilentTombMusic Ай бұрын
here before 25k! Great video bro!
@Cherrypizzasquad 2 ай бұрын
5:49 Ithlught that was gonna be a sponsorship lol
@_thomas 2 ай бұрын
man i WISH
@itomato8836 2 ай бұрын
@@_thomas try to actually dm the marketing representatives of certain companies that are close to the content you offer and offer them a sponsorship, this is a way to get recognized faster and it'll help you get sponsorships easier and have them as your clients.
@Lol-ke2pw 2 күн бұрын
Amazing video bro I love how you explain everything super well
@Laggy_boi_ 2 ай бұрын
Not gonna lie, this was such a good documentary. I'm surprised you only have 18.4k subs since your content is peak. Keep it up bro, earned another sub!
@Zilkenian_Davenport 2 ай бұрын
I like the way you explained all of this. I work with servers, and IPs, ports, proxies, firewalls and backend servers are something I deal with on a daily basis, but took me a long time to understand when I started. Would have loved to have your video back then.
@infinite_bed 2 ай бұрын
Very well done explanations! Just finished a proxy system for my server, and I had to learn everything you explained so will by myself. If only I had these videos a week earlier!
@_thomas 2 ай бұрын
@@infinite_bed damn! if only I had posted this video more than a week ago... 😔
@scalemerald 2 ай бұрын
first video i ever watched from you- i put this on for background noise and slight bit of entertainment as i ate a bowl of cereal, praying that you wouldnt be a super quiet content creator that my eating would drown out... just to find out that you are very much not quiet and do your own subtitles.. based as hell, im def coming back here again lmao
@CrownlessOcto Ай бұрын
You did a fantastic job at describing all the server security feature then some of my professors lol
@Tomakins 2 ай бұрын
It's wild that you kept my attention while describing how logins work
@deadshxll 2 ай бұрын
"Cybersecurity professionals need to win every time, attackers need to win only once."
@Levemoore 2 ай бұрын
This is a really good video, i love the editing
@DeIexo Ай бұрын
I learned more cybersecurity in this video then my actual class- IN 15 MINUTES.
@lmnk 2 ай бұрын
Great job explaining concepts of server scaning in simple terms!
@thatfridayfeeling5490 2 ай бұрын
moyang
@proook3606 2 ай бұрын
Yangmo
@terrariapro147 2 ай бұрын
agmnoy
@timeblade 2 ай бұрын
gnaymo
@Nitrogen_Dioxide 2 ай бұрын
Who unpinned this man.
@_thomas 2 ай бұрын
moyang!
@talksickcs 2 ай бұрын
Nice informative video on internet security and technology! Well done.
@moltenlavacore 3 күн бұрын
Incredibly well explained! Good stuff
@OURPR_ 2 ай бұрын
Crazy good explanations / editing in PERFECT pace 😍✨💅😮💨
@KyleEU 2 ай бұрын
Is there any way to watch the recording of the admin talking to them? Interested in doing a deeper dive of this with more of the technical details
@aniruddh576 2 ай бұрын
this is an incredible video man, editing and info wise, loving it! you just gained a new sub
@JJTurtle4ever 2 ай бұрын
Well, you've earned a sub! Made me a little more interested in hacks since my microsoft account just got hacked... good job on the explaination!
@redsox. 2 ай бұрын
Wow I remember the players with level 5,000+ and had no idea this is what took place. I’m pretty sure hypixel covered it up at the time, claiming they abused some bug
@goktughatipoglu436 Ай бұрын
Actually most of the times there are no decryption. Usually this token check works like encrypting the data you gave us and checking if they both have same hash script. Since we have the hash on our database, we can compare them and check if they match
@kemox 2 ай бұрын
Amazing representation for ports, i've always explained it to my friends as doors to a house but this was a nice well made video for sure. subbed.
@Jecket22 2 ай бұрын
Genuinely informative and overall well made video! It's honestly surprising that Hypixel didn't have (an equivalent of) BungeeGuard for their servers. learning something new behind big servers haha
@lucachinou 2 ай бұрын
Good vidéo ! Continue like this !
@jarikooper6325 Ай бұрын
As a IT student who learns about ethical hacking. This is actually extremely smart. People like this could become a pen tester and make big bank legally. It takes a lot of skill, experience and creativity to come up with stuff like this
@mbhv-ll9lq 2 ай бұрын
Great video, very good explanation of ports ( towns ).
@dantheturtle6412 2 ай бұрын
I love the way you explained things in the video, I actually understood something for once
@behasan7949 Ай бұрын
Bro the way you explain things is crazy good
@mrvenzen5719 2 ай бұрын
Very good vid, story telling and explaining. Enjoyed watching it through, keep it up!
@MrElectric6096 2 ай бұрын
ah yes, hack the subscribe button The subscribe button: javascript:void(0)
@rodricbr 2 ай бұрын
well, that's why port plus cidr scanning is so important loved the video, really well explained.
@NvroIshere 2 ай бұрын
That's crazy. As someone who has been doing server development and some pentesting myself over at least a decade now, I'm surprised as to how easy of an exploit went unnoticed for so long. I've actually done this before as a test on some smaller servers I worked on as well. Crazy dude. Edit: The fact that they were still using Legacy Bungeecord as well is insane.. but, it makes sense seeing that the server itself is really old and has thousands of players that still play today.
@Matthew-we3ir 2 ай бұрын
Very very Underrated Video, keep up the good work. Rn the video is at 52,288 view, and I wont be surprised if it hit 2-3 mill.
@UltraCenterHQ Ай бұрын
11:48 damn... all the evil hacker wanted was friends all along 😔
@TlMEL0RD 2 ай бұрын
15:04 Being a government hacker on you're goverment's side is a job.
@SentakuuGaming 2 ай бұрын
damn that was well made video insane man also i remember when servers were running 1.8 bungeecord so simple to get to the server bypass authme and grief them i remember i had friend who was very insane in this stuff we griefed one german server like it was fun got bored quickly since nobody was there well anyways keep posting more vids il watch them if its like hypixel history related ;D
@itz_Crih 2 ай бұрын
really good vid and nice explanation. as a java dev myself i have a lot of experience in this and yeah i can say most of the things this guy said is true. There were too many ads tho...
@McArmsVal 28 күн бұрын
this is possibly the most informational vids and it explains it so well
@Rohan.Reddy.Bandi. 2 ай бұрын
as someone tryna get into cybersecurity and also love minecraft, this was the best video i have ever seen
@TheElderReal 2 ай бұрын
In just 2 hours There is already someone who archived it In Way back machine This video Is really Great.
@DreadHalfling9 2 ай бұрын
Techy people like stuff like this and theyre usually the ones who use wayback :)
@TheElderReal 2 ай бұрын
@@DreadHalfling9 Yes sadly The video Is not Registered.
@gavinmorrow3328 Ай бұрын
As someone trying to get into cyber and tech these were great explanations of all the concepts involved I really loved the port scan metaphor in particular!
@NewRodin 2 ай бұрын
Really well explained. I'm pretty familiar with pentesting and how that stuff works (I work with it and daily drive BlackArch and Qubes) and I love how you ELI5'd it so well so people can understand easily. That hacker was an absolute legend, found the backdoor and responsibly just said what it was so they could patch it, and didn't abuse it for his monetary gains. That's how we do it. Thanks for making this video, it was definitely a good watch. Definitely subscribed!
@Cyber_Chriis 2 ай бұрын
The port explanation was amazing!
@Roach606 7 күн бұрын
I made the DougDoug Minecraft Server and we actually had a guy come in and do exactly this. Nice guy just told us to get Bungeeguard
@user-wb7ot7kt3x 2 ай бұрын
The fact that you have to install a seperate plugin so the backend servers can validate the authenticity of the bungeecord server is insane. Like the whole authentication is handled by bungeecord. Applications like this should be secure by default.
@pontusnyfelt8096 Ай бұрын
this is how must stuff work when it comes to securyty that there exist a flaw until someone find that flaw and then that flaw is patch and thats how the securyty gets greater and greater
@spookyispoggg Ай бұрын
this is giving bill wurtz vibes hahaha keep it up
@snn183 2 ай бұрын
Good video, love the networking lessons
@moondescended 2 ай бұрын
i like the way u explained things, awesome video 10/10 will subscribe
@johennes09 2 ай бұрын
„it wont work with your friends server“ my ass who has a bungeecord server😂
@Dybannn 2 ай бұрын
i actually love this editing style so fucking much
@Nevvulo 2 ай бұрын
Awesome video, love your explanations and editing :)
@curcodes 2 ай бұрын
What a great video, I'm a tech teacher and the explanations were so good on this for me!
@xanderreade 2 ай бұрын
There was a 50% chance clicking on the video that it was going to be about you 🤣
@kuba4ful 2 ай бұрын
If you ever get bored of Minecraft videos, please make white hat hacking/computer science explanation videos. I already knew most of the stuff here, but I was surprised at how well it was explained here. I'd love to have such videos back when I was studying this.
@desleyv9999 2 ай бұрын
Hacked the subscribe button just for you. Interesting video, thanks for putting in all the effort to bring it to us!
@x4dam 2 ай бұрын
Bro is so underrated. I learnt more from this than in computing class.
@nathantraverso2713 2 ай бұрын
Really didn’t think I’d see Thomas on my fyp haven’t seen anything since tfm
@NolusWithUs 2 ай бұрын
1:14 wow tysm for this free cats clip
@bigrice303 2 ай бұрын
That hacker totally deserved keeping the creative mind 🤣
@luckycatzinho 2 ай бұрын
"security is not a process, it's a state until you got pwned"
@bill.zhanxg 2 ай бұрын
You explained all concepts very well!
@CCakeYummy 2 ай бұрын
Love your style of videos. ❤
@outmc 2 ай бұрын
Goated video
@Miiiasm Ай бұрын
It’s not the first time that Bungeecoord is involved with security flaws on authentication, there were quite few similiar exploits in the past and yet seems nobody even in Hypixel learned their lesson
@SuperNuketown2025 Ай бұрын
As per US laws, this almost certainly wouldn’t constitute hacking, because the “hacker” in this case never entered any kind of password or secret, and didn’t abuse known a software bug to bypass such authentication. Misconfiguring a server and giving someone access because you didn’t properly authenticate them is, in fact, not a violation of the computer fraud and abuse act.
@monstersponge9096 2 ай бұрын
Hypixel having a max player count of 50k with an average of 30k people being on at any given time is really crazy to me. I started playing hypixel in 2015 and haven't been on since 2020. I was online when they hit the maximum connected players (555k at the time) record & sent out a server announcement through chat to thank everyone for playing. Very surprised that the new generation doesn't have much interest in playing multiplayer servers anymore.
@TheBladeE 2 ай бұрын
Why ur so professional bro wow this is next level bro 👏🏻
@Doom_YXZ 2 күн бұрын
Bungee itself has got a lot of security issues from the start. Just remember how easy was to hack any 3rd party server via bungee exploit that was mostly in every cheat client. That's why I prefer to play on local/private servers or create my own for my friends.
@beatiok Ай бұрын
it's crazy how ONE MAN hacked hypixel man.. not an alien or a god, just one man. 👽
@hi12167pies 2 ай бұрын
i remember doing this same exploit on some smaller servers, i didn't think hypixel would have ever had this issue considering how large they are.
@LeanPicachu 2 ай бұрын
taught me about asymmetric encryption better than my cybersecurity class 💀
@epicstar86 2 ай бұрын
peak content, you're so underrated
@jc008titan 2 ай бұрын
why can't teachers explain tokens that well?? you are the best teacher of those things!
@iasontzortzis9472 Ай бұрын
Great job explaining all the terminologies !!!
@Conford 2 ай бұрын
goated video , glad to be 100th comment :)
@luminescentlion 2 ай бұрын
Public Private Key encryption does not work backwards. The server just makes it own private key and sends clients the public key, so they both have each other's public key. ultimately meaning that when you encrypt something with the public key only the designated receiver(Whoever has the private key that matches the public key) can recieve it.
@_thomas 2 ай бұрын
It does, in fact, work backwards. RSA is a trapdoor permutation, works both ways!Typically you would only sign and decrypt with the private key, though, since it's not very good encryption if anyone with your public key can decrypt! The client never generates a keypair. The server never has the client's public key as: 1. the client doesn't have one and 2. it doesn't need it. The server's public key is used to encrypt the shared secret. The client generated the shared secret internally, so it doesn't need to receive any encrypted information. They then use that to talk with AES - symmetrical encryption. Read more about Minecraft's implementation here: wiki.vg/Protocol_Encryption
@fruitepic9260 2 ай бұрын
that's probably the best metaphor for what a proxy is, cheers
Devil Lilith
Рет қаралды 67 МЛН
Jason Derulo
Рет қаралды 14 МЛН