Invalidating the Log4Shell allegations on my ban.

    • New
    • Official Post

    I'll once again state, you attempted (unsuccessfully) to exploit Log4J on the network. Everything beyond that is ultimately irrelevant, just because we had patched it / put things in place to stop it, doesn't mean you didn't attempt it.


    Ignoring all of that even if I did invalidate the log4j bit and review your ban, the duration would likely get extended due to the number of offences you committed compared to others (As I said, being the 2nd largest offender)

    Yes but as a whole by the time I have attempted this the entire CVE was well-patched in the Log4J library officially, the resource name "get_balls" had no intents of ever reaching a destination in the first place unless I specified a domain name extension or it internally routed to somewhere, There's nothing written in the Log4J library routes it to anywhere else other than what's specified (does not append .com or anything of the sort) and it needs to be a functional LDAP server which was not plausible in my case, why should this specifically on it's own be considered a primary reason of extension onto the duration? I intended this to be a simple joke alongside with the other fake addresses such as the "|||||||||||||||||||" one and I wasn't even directly intending for it to cause stuff to occur on any part of the network, Log4J never intended for LDAP to be accessible in any string and Join Addresses aren't even parsed using Log4J per code investigation on my end. Nothing would have happened in a scenario where I was to log in and the network was vulnerable since it would need to be logged via Log4J, it's simply illogical to have join addresses being logged to a log other than for debug purposes but debug code generally gets removed/disabled in releases of any software so nothing should've had a reason to pass it to Log4J. I personally considered it to be harmless as at that point in the time it was patched to be not accessible whatsoever.

    All you've done is confirm what I said in the reply you quoted me on, you ATTEMPTED the exploit. That's all that matters here, because the reality is you couldn't have known with 100% confidence is it was vulnerable or not. Your ban was extended because you attempted to execute an exploit against the server, the fact that we had put a number of mitigations in place to ensure we weren't at risk (Because your understanding that this couldn't have been an issue is incorrect) was not well known before the threads relating to your appeal and the bottom line is you did attempt to execute an exploit against the server, even if it was unsuccessful.

  • A patched CVE loses its status as a critical vulnerability/exploit, attempts don't even matter after the official patch of the software, I thought I also said that I intended it to be a joke and not an attempt? I did this because of how funny and ridiculous Log4J was and I wanted to make a joke reference about it, not to directly target the server.


    Yi-Long Ma approves of this message.

  • I don't get why I should still be persecuted for this. It's not an exploit anymore and it would not have affected anything at that time, I am denying that I intentionally attempted this, let me repeat again, I intended for it to be a joke not an attempt, I am not your average naive person who would try something to cause disrupt and I knew how patched it was regardless of the patch statuses on the network itself. Point is that most of the stuff TotalFreedom uses come from third parties (Paper/Scissors fork of paper so falls under same umbrella) and plugins, mainly if Paper patched it it'd have been fixed on all plugins which if they used Log4J separately would've patched it themselves nearly instantaneous when it publicly surfaced and made headlines. Any person running a server would also follow suit if appropriate but newer Java versions did not feel the brute of the CVE as it was mostly targeted at older versions, the patches in December only fixed the remaining issues. Nothing would have been affected regardless since it was quite clear that it had been all fixed on everything back in December and I have never ONCE abused an actual CVE to ever to harm a service or do anything with it regardless, I only manipulate CVEs locally on test machines (VMs and other stuff like that), not on Minecraft servers, not on public services, not outside my local network. It's simply not my thing and I have never broken any rules technically speaking.


    Yi-Long Ma approves of this message.

  • i think it's stupid how your ban was so long considering you're perfectly knowledgeable in knowing the exploit meaning you know how it works and yet you still didn't commit a harmful use of the exploit, and merely a harmless one. i think you're a trustworthy player compared to many others and might be the most trustworthy on this list of offenders ryan keeps mentioning. i'm sure you could have done something but the point is you didn't and you made a joke with the exploit versus others who have done worse. it's unfair wild1145 calls you our second biggest offender when there exists many who would've actually harmfully used the exploit including many other offenders and we've had worse people attack the network. the point is you're knowledgeable and you didn't use your knowledge to cause any actual harm.

  • We're going off topic.


    This thread is about the 4 months ban for the LDAP balls joke, not the 2 months one for manipulating hostnames.

    TotalFreedom's Executive Community & Marketing Manager

    • New
    • Official Post

    We're going off topic.


    This thread is about the 4 months ban for the LDAP balls joke, not the 2 months one for manipulating hostnames.

    The bottom line is it was an attempted exploit as far as I see it. The argument that it's a joke just doesn't fly as far as I'm concerned. If the ask is that I assume it is a joke and re review the ban with that in mind I can but as I said it's likely to lead to an extended ban because at the time this was issued I hadn't realised Eva had abused the original issue so heavily as if I had they'd have already been banned like Ginlang was...

  • I retract this statement for recent turns of events

    I'll make an update thread


    Yi-Long Ma approves of this message.

    Edited 2 times, last by eva ().

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!