Minecraft Beaten in 0:00.050 Using Log4j Exploit

I set the world name to be a Log4shell payload. Then, I remove focus from the Minecraft window so that it pauses immediately. When Minecraft pauses it saves the world. Here's where the exploit comes in. When Minecraft saves the world it logs it into the console. This will run my payload as a URL, download my L.class file, and then run the code inside with full access to Minecraft's internals.

This... made me realize just how utterly bananas Log4Shell is. I didn't start a proper cybersecurity education until 2022, and I hadn't known that it had a CVSS score of 10.

the classic CVE-2022-2325

How can i set this up?

XD thanks for the code.

sub .50 when?

u can actually beat the game in time like this without glitches/exploits etc.

Minecraft WR TAS any%

Siiiiiiiick :D

GG on the Speedrun World Record!

hmmmmmm its work on 1.8.9 version? or it fix also for 1.8.9?

Gg

Imagine having a computer so slow that after waiting for the loading terrain to finish, the dirt background starts scrolling and shows the credits lol.

legit speedrun

welp, games solved
ggs

I just finished hunter hunter and now I read neferupitou on your terminal 0_0 (she's one of my favorites when talking about character design)

beat that, dream

What VSCode theme and font do you use?

ez game

BIG CONGRATULATIONS BROTHER!!!!!!!!

HOLY SHIT
ABSOLUTE WORLD RECORD!!!!

I like how he managed to gather the ender perls

people who just joined be like

50ms is exactly one tick

Actually, speedruns only count as soon as you hit the first key once you load in. Since you've probably touched 0 keys on your keyboard, you beat minecraft instantly

log4j is actually my minecraft nick, wtf

speedrunning has devoled into hacking.... what an achievement bro

This thing? aHR0cHM6Ly93d3cuc3BlZWRydW4uY29tL2ZpbmRzZWVkP2g9QUNFLVNldF9TZWVkX0dsaXRjaGxlc3NfU3RydWN0dXJlcyZ4PWxfZ2RyMHA4a2QtemRubG1ycTI (base64 URI

submit it to speedrun

this is what speedrunner want

what even happened?

Tool name?

minecraft credits warp any%

this adventure was awesome,

Slowest femboy speedrun

Minecraft cheat developers discovering a god tier remote code execution exploit that affects like 90% of the fortune 100 companies only to use it to dox people on 2b2t:

shiiit i gotta bring this up in our hackspace and see which crazy one will get the best times lmao

Wait what

Nice!

cool

Xd Java issues

dream was quiet since this dropped

lmao

This is literally the closest thing to Arbitrary code exec a "modern" video game will ever have. Best use of the exploit i could have ever imagined too 😂

Wowww dreammm