Describe the feature
Currently, servers using specific security plugins (like ExploitPreventer or custom Anti-Cheats) can detect Meteor Client users by exploiting how the client handles certain server-to-client requests. Even if "Brand Spoof" is active, servers can use "Device Fingerprinting" through Resource Pack packets or HTTP requests to identify Meteor users, leading to instant autobans (as seen on servers like Hugo-SMP).
The Problem:
Meteor currently lacks deep-level protection against these fingerprinting methods. Users are forced to install additional mods like ExploitPreventer on the client side to block these packets/requests and remain undetected.
Proposed Solution:
Integrate stealth features directly into Meteor to make it "undetectable" against these specific scans:
Enhanced Brand/Protocol Spoofing: Ensure that no Meteor-specific signatures are sent in any handshake phase.
Resource Pack / Payload Blocking: Option to intercept and spoof the response to server-side resource pack prompts or other "query" packets used for fingerprinting.
HTTP Request Interception: Prevent the client from sending identifiable information via external requests triggered by the server.
Additional Context:
This is becoming a common method for modern Anti-Cheats to "clean" their player base from utility clients without relying on movement checks alone.
Before submitting a suggestion
Describe the feature
Currently, servers using specific security plugins (like ExploitPreventer or custom Anti-Cheats) can detect Meteor Client users by exploiting how the client handles certain server-to-client requests. Even if "Brand Spoof" is active, servers can use "Device Fingerprinting" through Resource Pack packets or HTTP requests to identify Meteor users, leading to instant autobans (as seen on servers like Hugo-SMP).
The Problem:
Meteor currently lacks deep-level protection against these fingerprinting methods. Users are forced to install additional mods like ExploitPreventer on the client side to block these packets/requests and remain undetected.
Proposed Solution:
Integrate stealth features directly into Meteor to make it "undetectable" against these specific scans:
Enhanced Brand/Protocol Spoofing: Ensure that no Meteor-specific signatures are sent in any handshake phase.
Resource Pack / Payload Blocking: Option to intercept and spoof the response to server-side resource pack prompts or other "query" packets used for fingerprinting.
HTTP Request Interception: Prevent the client from sending identifiable information via external requests triggered by the server.
Additional Context:
This is becoming a common method for modern Anti-Cheats to "clean" their player base from utility clients without relying on movement checks alone.
Before submitting a suggestion
This feature doesn't already exist in the client. (I have checked every module and their settings on the latest dev build)
This wasn't already suggested. (I have searched suggestions on GitHub and read the FAQ)