Minecraft's greatest mystery was just solved!

173,035
0
Published 2024-05-26
An ancient Minecraft leak, tominecon.7z, was lost for 13 years. But now, for the first time ever, we found it - and cracked it open. What's inside this mysterious file? Let's find out.

Watch RGN's videos on tominecon.7z for more! ➵    • The tominecon.7z Saga  

💟 Become a member for exclusive videos, early access, and more! ➵ youtube.com/mcbyt/join

🎙️ Subscribe to the live channel for streams every weekend! ➵    / @mcbytlive  
🤖 Join the Discord and chat with my community! ➵ discord.gg/rY4unvn
🐦 Follow my Twitter for, idk, memery I guess ➵ twitter.com/mcbytt

[SOUNDTRACK]
Craft Case - Interruption
Hideki Naganuma - That's Enough
Machine Girl - Heaven Central Authority
Van Sandano - Amalthea
Koji Kondo - River Safari
Koji Kondo - Volcano
pink - amelia
C418 - Chris
and one more I promise I'll add soon but I forgot the name

[CHAPTERS]
0:00 - Intro
0:22 - Let's catch up.
1:38 - tominecon.7z is found.
3:36 - The second hunt.
4:40 - From Dinnerbone, with love.
7:14 - Cracking the code.
8:48 - Inside tominecon.7z.
10:46 - Outro

bye lo

All Comments (21)
  • @Ciguato
    I like how Doge just casually has a bunch of leaked Mojang passwords like its nothing
  • @suzuaiki8007
    All community: we finally cracked a decoy for 10 years !! Doge: pull outs an all old mojang pass word and did it in 1 day.
  • @255ping4
    Please don't say "way back in 2020". It makes me feel old
  • @RetroGamingNow
    Thank you so much for introducing me to this mystery! I had a blast learning about it and discussing it with everyone!
  • @slicedlime
    I can't believe you listed totally real passwords on screen like that. Anyway, gg!
  • @treidex
    10:15 your data will still be encrypted. It's just that you wouldn't know the key so the data will just be garbage and unusable
  • @sicktaiz
    i just finished watching a video talking about how it will never be cracked, WHAT THE
  • @Derk_Mage
    This was solved because 2 people had random info lying around.
  • @Deductive
    Alright but seriously, why wasn't "boxpig41" bruteforced sooner?
  • @AshishXMC
    GGs to Doge who somehow decided to keep the old leaked passwords, then to Dinnerbone who helped have this spread further, and of course, the original user who had sent the real thing and not a decoy.
  • @mimifurwalker
    it was just 1.0 version of minecraft with minimal differences biggest differences being the extra files
  • @Moresteck
    great video! the only thing missing here is a mention that the server files are in fact different builds from the final 1.0.0. while code-wise (and even content-wise) they're identical, the final 1.0.0 server was built 6 hours after the tominecon 1.0.0 server, making them have different file hashes.
  • @TheKd8lvt
    That explanation about encryption is.... entirely wrong. The parts about hex and dec are correct, but everything else is completely off the mark. 1. The server only ever sends encrypted data. Your client only ever sends encrypted data. There is no way for the game to do anything else, by design . It would be a massive security risk if the opposite were the case, not only for your account details, but both your computer and the server machine. 2. There is no way for encryption to "break" and be left completely open while in transit. That's not how encryption works, unless someone very stupid implements a fallback to plaintext which defeats the point of encrypting that data in the first place, as you could just force one side or the other to fail, receiving all that data without needing to decrypt it. 3. The server ID being parsed in the wrong base wouldn't initially cause an issue. In fact, you'd be able to try to connect just fine. You wouldn't be able to fully connect, but you could try. 4. The reason it appears that multiplayer is completely disabled is because of a related (but different) problem. The first time the server (or your client, on modern versions it's the client) would try to send a packet the other would receive, what appears to them as, a garbled mess of incorrectly encrypted data. As such, they'd immediately close the connection, since trying to proceed would be a waste of time. The decryption fails because the encryption keys (in this case, the server id) would be different on either end, like trying to log in with the wrong password.
  • @DartMonkey2
    10:15 No, parseInt would just throw an exception, which would then be caught by the try-catch blocks surrounding that code, which would then disconnect. I don't even think the serverid is used for encryption, but if it is, the encryption wouldn't be "broken", it'd just fail to decrypt/encrypt anything because the keys don't match up.
  • @kuhluhOG
    7:09 "unless you have time travel and use it to connect to the office WiFi." Ok, another use of the password that we know now too.
  • @Emerald29
    The fact that it was broken in such a simple way without some expert cia level shit like that methods, along with the only difference of it between the offical 1.0 being 4 characters in the code feels so anticlimactically funny
  • @Lampe2020
    Kinda strange all the mobs in the sounds folder had names in singular (blaze, ghast, magmacube, etc.) but endermen are listed there as "endermen"…
  • @ACMBitz7
    Gives up after 13 years "So, I cracked this password in just a second now this is public information."
  • @Evie
    haha I have been waiting for this video since the password got cracked lmao