Blog

How to Make a List of Nearly Every Minecraft Player

I’ve recently been engaging in some tomfoolery to acquire a list of 51 million Minecraft: Java Edition player UUIDs (out of ~61 million total existing UUIDs). This blog post will explain exactly what I did to make this list.

Abusing the Mojang API with IPv6

Mojang has an internal API (documented by the community at wiki.vg) which the game uses to convert player usernames to UUIDs and to obtain information about player UUIDs. Mojang also allows anyone to use the API for their own purposes, but with ratelimits (about 10 requests per IP per second)....

Making a metasearch engine

In 2020, tired of every search engine seemingly having suboptimal results and missing the instant answers I wanted, I decided to make a search engine for myself. I knew making a general-purpose web search engine from scratch by myself was infeasible, so instead I opted to make a meta-search engine, which aggregates results from other web search engines. First I tried forking Searx, but it was slow and the old Python codebase was annoying to work with....

Why did "matscan" join my Minecraft server? (FAQ)

matscan is a Minecraft bot that joins potentially vulnerable Minecraft servers and sends a message in chat to inform the admins.

How should I secure my server?

It should’ve told you in its long chat message but some servers might cut it off:

This website now supports Gemini

Gemini is a protocol similar to HTTP, in that it’s used for transmitting (mostly) text in (usually) a markup language. However, one of the primary goals of Gemini is simplicity. Requests are always a single TLS/TCP connection with the route, and a correct response looks like 20 text/gemini\n\rhello world\n. Additionally, Gemini uses a language called “Gemtext” as its markup language. It’s kind of like Markdown, but even simpler. Every line can only contain a single type of data, so for example you can’t have links in the middle of text. Read the Gemini spec if you’re interested.

Translating HTML to Gemtext

...

Minecraft Server Scanning Inc

For several years I’ve occasionally logged onto Shodan and searched for Minecraft servers. I just join, look around, and maybe leave a sign for the server owner. I’d also occasionally heard stories about people making their own Minecraft server scanners.

A while ago, on April 1st 2022, cybersecurity YouTuber LiveOverflow uploaded a video titled “I Spent 100 Days Hacking Minecraft”. Despite being uploaded on April Fools’, the video and series t...

matdoes.dev markdown

This post is outdated, I rewrote my website to use mdsvex.

A couple years ago when I was creating the matdoes.dev blog I wrote a somewhat powerful markdown system with Regex to allow me to more easily write blog posts. Although I’ve barely written any posts, I’m still proud of it. Also this post is mostly just reference for myself, lol. I present: matdown™

Relative anchor: [matdoesdev](/blog) matdoesdev

External anchor: [matdoesdev](https://matdoes.dev) ...

The Story of ReportScammers

I wrote this story on the Hypixel Forums a while ago, but I realized it would be a good idea if I posted it on my blog too.

Intro

ReportScammers was a robot on the Hypixel SkyBlock Forums that automatically replied to posts where people were complaining that they got scammed. It all started on April 27th, 2020. I was bored and wanted to make a Hypixel Forums bot. At first, I wasn’t sure what I wanted it to do. Then I thought, “what’s a task that humans do often that could be easily automated?”: complaining about people getting s...

Uncovering the Discord Twitch Bots

So a few days ago my friend Slip got a DM on Discord from this “Twitch” bot asking him to invite it to my servers as well as to join theirs. The message the bot said claimed that Discord and Twitch had partnered up to give its users free Nitro Games and free Twitch Prime.

It obviously looked fake, so Slip created a testing server and added me and some friends to help. Upon joining, the fake Twitch bot DMed everyone in the server with the same message as it sent to Slip. It looked like some sort of social engineering worm, but it hadn’t done anything bad yet, so we revoked the bot’s perms and left it in the server.

...

What Are Domain Hacks?

A domain hack is a domain in which both the top level domain (TLD) and the second level domain (SLD) are combined to make up a word or phrase. For example, matdoes.dev is a domain hack for mat does dev. Domain hacks are not security-related and they are completely legal.

Most domain hacks use country code top level domains (ccTLDs), for example, .it is for italy, .am is for Armenia, etc. Some companies even purchase their own custom TLDs from the Internet Assigned Numb...

Who is mat?

Welcome to mat does dev. You might have some questions, so I’m here to answer them.

Who is mat? I am mat. I am a human that lives somewhere on a planet called Earth, you might’ve heard of it.

What do you do? I do dev. To clarify, I mean dev as in software development.

Why do you write your name in lowercase?...