An Important Realization About Minecraft’s Upcoming Chat Censor
For those who were unaware, Microsoft is looking to implement chat censoring into Minecraft, essentially trying to take control over moderation that should be in the hands of the server owners. In talking with a friend of mine, I learned that their approach was more rushed than I thought. We know that the censor gets applied to offline play as well for some reason, and that it banned the word “night” for containing the string “nig”. But the reason why is what’s interesting here:
The way Microsoft implemented their blocklist was by storing it entirely on the client side as an unencrypted JSON file. That’s why it affects offline play: their implementation was rushed, which resulted in offline censorship and some faulty regular expressions (which is why the word “night” gets flagged for containing the string “nig”). This means that — in its current implementation — you could just overwrite the blacklist file to evade the censor.
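To make the “night”/“nig” problem concrete, here is an added example (not code from the post, and not Microsoft’s actual filter) of why plain substring matching over a blocklist produces that false positive, and how anchoring each entry on word boundaries avoids it. The JSON content, the function names and the blocklist entries are constructed for illustration.

```python
import json
import re

# Constructed stand-in for a client-side blocklist file of the kind the post
# describes. The entries are illustrative, not Minecraft's real list.
BLOCKLIST_JSON = '{"blocked": ["nig", "badword"]}'


def load_blocklist(raw_json):
    """Parse the blocklist file into a plain list of strings."""
    return json.loads(raw_json)["blocked"]


def naive_substring_filter(message, blocked):
    """Flags a message if any blocked entry appears anywhere inside it.

    This is the behaviour that flags "night": the three letters "nig" are a
    substring, so the check fires regardless of word boundaries.
    """
    lowered = message.lower()
    return [term for term in blocked if term in lowered]


def word_boundary_filter(message, blocked):
    """Flags only whole-word matches.

    Each entry is wrapped in \\b anchors so "night" no longer matches "nig".
    re.escape keeps list entries literal, so a stray "." or "(" in the file
    cannot silently turn an entry into a broader pattern than intended.
    """
    hits = []
    for term in blocked:
        pattern = r"\b" + re.escape(term) + r"\b"
        if re.search(pattern, message, flags=re.IGNORECASE):
            hits.append(term)
    return hits


if __name__ == "__main__":
    blocked = load_blocklist(BLOCKLIST_JSON)
    for line in ["Good night everyone", "That badword again", "badwords"]:
        print(repr(line), "naive:", naive_substring_filter(line, blocked),
              "boundary:", word_boundary_filter(line, blocked))
```

Word boundaries trade false positives for false negatives (“badwords” no longer matches “badword”), which is why a real moderation filter needs more than a substring list. Separately from the matching logic, a list that lives in a client-side file can be rewritten by whoever controls the client, so any rule that must actually hold has to be enforced on the server rather than trusted from the client.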
Given that Microsoft is likely doing this for business reasons (pressure from parents, making the game more marketable, etc.), their primary concern was probably their bottom line, which means that there are likely NO HUMANS moderating the bans.
Now, here comes the fun part:
Their implementation was so rushed that there could be a security vulnerability somewhere, possibly even one that could allow remote code execution or SQL injection.
All someone would have to do is modify the blacklist to make it check for a string containing the right escape characters (those would depend on the architecture of the servers and what language is being used to parse everything) and a payload (whether that be an SQL query, some script, or a base64 encoded version of DOOM), then just… play online and say something that contains the string. That report will get flagged (because you told it to flag that string) and sent off to some moderation server. It will interpret the string not as a text string, but as CODE, thus executing the payload on the target machine.
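The scenario above depends on a report server treating a flagged chat line as code rather than as data. Here is an added example (not code from the post, and nothing is known about Microsoft’s actual moderation backend) of how a report handler keeps the flagged message inert: the message is bound as a query parameter, so quotes, semicolons and SQL keywords in it are stored as literal text. The in-memory SQLite store, the table layout and the function names are constructed assumptions for illustration.

```python
import sqlite3


def open_report_store():
    """Constructed stand-in for a moderation report database (in-memory SQLite)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE reports ("
        "id INTEGER PRIMARY KEY, player TEXT, message TEXT, matched_term TEXT)"
    )
    return conn


def store_report(conn, player, message, matched_term):
    """Record a flagged chat line.

    The values are passed as bound parameters (the '?' placeholders), never
    spliced into the SQL text. The database driver therefore sees the message
    purely as a string value, so whatever it contains cannot change the query.
    """
    conn.execute(
        "INSERT INTO reports (player, message, matched_term) VALUES (?, ?, ?)",
        (player, message, matched_term),
    )
    conn.commit()


def fetch_messages(conn):
    """Return stored messages in insertion order."""
    return [row[0] for row in conn.execute("SELECT message FROM reports ORDER BY id")]


def table_names(conn):
    """List tables, used to confirm the schema is untouched after inserts."""
    return [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table' ORDER BY name")]


if __name__ == "__main__":
    conn = open_report_store()
    # Constructed chat line containing quotes, a semicolon and an SQL keyword.
    store_report(conn, "alice", "it's 'night' now; DROP TABLE reports", "nig")
    print(fetch_messages(conn))   # message comes back verbatim
    print(table_names(conn))      # ['reports'] is still there
```

The same principle applies to the other payload types the post names: a script or a base64 blob in a chat line is only dangerous if some component later evaluates or decodes-and-executes it, so the mitigation is the same everywhere in the pipeline: store and display the report as an opaque string, and never hand it to an interpreter, a shell, or a query builder that assembles SQL from text.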
Now a disclaimer: I have very little way to verify that this is possible. It may be the case that there are filters on Microsoft’s end that sanitize the inputs, or they might grow their brains past the spinal column and make an actual implementation, or any number of factors that I didn’t consider.
But I figure that every additional person who knows that this vulnerability could exist is one more person who could be the one to make Microsoft come to regret making a chat censor in the first place.
My first thought upon discovering that this may be possible was to cause harmless chaos. However, not everyone will be so nice. This vulnerability — if it is indeed present and able to be utilized — could be very dangerous.
It could allow an attacker to access the databases on Microsoft’s servers, giving them access to troves of private data.
It could be used to steal sensitive records, passwords, and accounts.
It could allow bad actors to hijack the authentication servers, shutting down multiplayer for EVERYONE.
So for legal reasons, I do not suggest that you hack Microsoft unless you know what you are doing, both in terms of security (preserving anonymity) and/or legality (getting their permission to do some penetration testing).
But it’s not like I can stop you. I’m just saying this to make sure I don’t get held liable. I can’t fight if I’m locked up. And neither can you. So be careful.