Blog

How to Make a List of Nearly Every Minecraft Player

I’ve recently been engaging in some tomfoolery to acquire a list of 51 million Minecraft: Java Edition player UUIDs (out of ~61 million total existing UUIDs). This blog post will explain exactly what I did to make this list.

Abusing the Mojang API with IPv6

Mojang has an internal API (documented by the community at wiki.vg) which the game uses to convert player usernames to UUIDs and to obtain information about player UUIDs. Mojang also allows anyone to use the API for their own purposes, but with ratelimits (about 10 requests per IP per second)....

Why did "matscan" join my Minecraft server? (FAQ)

matscan is a Minecraft bot that joins potentially vulnerable Minecraft servers and sends a message in chat to inform the admins.

How should I secure my server?

It should’ve told you in its long chat message but some servers might cut it off:

This website now supports Gemini

Gemini is a protocol similar to HTTP, in that it’s used for transmitting (mostly) text in (usually) a markup language. However, one of the primary goals of Gemini is simplicity. Requests are always a single TLS/TCP connection with the route, and a correct response looks like 20 text/gemini\n\rhello world\n. Additionally, Gemini uses a language called “Gemtext” as its markup language. It’s kind of like Markdown, but even simpler. Every line can only contain a single type of data, so for example you can’t have links in the middle of text. Read the Gemini spec if you’re interested.

Translating HTML to Gemtext

Anyways, so I decided to make my website support...

Minecraft Server Scanning Inc

For several years I’ve occasionally logged onto Shodan and searched for Minecraft servers. I just join, look around, and maybe leave a sign for the server owner. I’d also occasionally heard stories about people making their own Minecraft server scanners.

A while ago, on April 1st 2022, cybersecurity YouTuber LiveOverflow uploaded a video titled “I Spent 100 Days Hacking Minecraft”. Despite being uploaded on April Fools’, the video and series that followed was actually rea...

matdoes.dev markdown

This post is outdated, I rewrote my website to use mdsvex.

A couple years ago when I was creating the matdoes.dev blog I wrote a somewhat powerful markdown system with Regex to allow me to more easily write blog posts. Although I’ve barely written any posts, I’m still proud of it. Also this post is mostly just reference for myself, lol. I present: matdown™

Relative anchor: [matdoesdev](/blog) matdoesdev

External anchor: [matdoesdev](https://matdoes.dev) matdoesdev (External anchors have target=_...

The Story of ReportScammers

I wrote this story on the Hypixel Forums a while ago, but I realized it would be a good idea if I posted it on my blog too.

Intro

ReportScammers was a robot on the Hypixel SkyBlock Forums that automatically replied to posts where people were complaining that they got scammed. It all started on April 27th, 2020. I was bored and wanted to make a Hypixel Forums bot. At first, I wasn’t sure what I wanted it to do. Then I thought, “what’s a task that humans do often that could be easily automated?”: complaining about people getting scammed, of course.

madcausebad11

I didn’t do anything with this idea until a couple weeks later on May 14th, when I r...

Uncovering the Discord Twitch Bots

So a few days ago my friend Slip got a DM on Discord from this “Twitch” bot asking him to invite it to my servers as well as to join theirs. The message the bot said claimed that Discord and Twitch had partnered up to give its users free Nitro Games and free Twitch Prime.

It obviously looked fake, so Slip created a testing server and added me and some friends to help. Upon joining, the fake Twitch bot DMed everyone in the server with the same message as it sent to Slip. It looked like some sort of social engineering worm, but it hadn’t done anything bad yet, so we revoked the bot’s perms and left it in the server.

When I joined the server it linked, it looked like some sort of bad giveaway server with givea...

What Are Domain Hacks?

A domain hack is a domain in which both the top level domain (TLD) and the second level domain (SLD) are combined to make up a word or phrase. For example, matdoes.dev is a domain hack for mat does dev. Domain hacks are not security-related and they are completely legal.

Most domain hacks use country code top level domains (ccTLDs), for example, .it is for italy, .am is for Armenia, etc. Some companies even purchase their own custom TLDs from the Internet Assigned Numbers Authority in order to create a hack for their domains. Most notably is goo.gle, which was created by Google as a domain ha...

Who is mat?

Welcome to mat does dev. You might have some questions, so I’m here to answer them.

Who is mat? I am mat. I am a human that lives somewhere on a planet called Earth, you might’ve heard of it.

What do you do? I do dev. To clarify, I mean dev as in software development.

Why do you write your name in lowercase? Because I can and no one can stop me.

What type of stuff do you make? I make a variety of different tools, and you can see some of those things in my project list on this website. The list isn’t complete though, as a lot of things I make aren’t particularly presentable.

What programming languages do you u...