Minecraft's greatest mystery was just solved!

173,035

11,153 0

Published 2024-05-26

An ancient Minecraft leak, tominecon.7z, was lost for 13 years. But now, for the first time ever, we found it - and cracked it open. What's inside this mysterious file? Let's find out.

Watch RGN's videos on tominecon.7z for more! ➵ • The tominecon.7z Saga

💟 Become a member for exclusive videos, early access, and more! ➵ youtube.com/mcbyt/join

🎙️ Subscribe to the live channel for streams every weekend! ➵ / @mcbytlive
🤖 Join the Discord and chat with my community! ➵ discord.gg/rY4unvn
🐦 Follow my Twitter for, idk, memery I guess ➵ twitter.com/mcbytt

[SOUNDTRACK]
Craft Case - Interruption
Hideki Naganuma - That's Enough
Machine Girl - Heaven Central Authority
Van Sandano - Amalthea
Koji Kondo - River Safari
Koji Kondo - Volcano
pink - amelia
C418 - Chris
and one more I promise I'll add soon but I forgot the name

[CHAPTERS]
0:00 - Intro
0:22 - Let's catch up.
1:38 - tominecon.7z is found.
3:36 - The second hunt.
4:40 - From Dinnerbone, with love.
7:14 - Cracking the code.
8:48 - Inside tominecon.7z.
10:46 - Outro

bye lo

All Comments (21)

@mcbyt 21 days ago

Here's some important links you might want to check out! My Discord: discord.gg/rY4unvn RetroGamingNow Discord: discord.gg/retrogamingnow Tominecon.7z Team Discord: discord.gg/Q2BU69AN3S Download tominecon.7z: buu.sh/u/tominecon.7z
@Ciguato 21 days ago

I like how Doge just casually has a bunch of leaked Mojang passwords like its nothing
@suzuaiki8007 21 days ago

All community: we finally cracked a decoy for 10 years !! Doge: pull outs an all old mojang pass word and did it in 1 day.
@255ping4 21 days ago

Please don't say "way back in 2020". It makes me feel old
@RetroGamingNow 14 days ago

Thank you so much for introducing me to this mystery! I had a blast learning about it and discussing it with everyone!
@slicedlime 21 days ago

I can't believe you listed totally real passwords on screen like that. Anyway, gg!
@treidex 21 days ago

10:15 your data will still be encrypted. It's just that you wouldn't know the key so the data will just be garbage and unusable
@sicktaiz 21 days ago

i just finished watching a video talking about how it will never be cracked, WHAT THE
@Derk_Mage 14 days ago

This was solved because 2 people had random info lying around.
@Deductive 21 days ago

Alright but seriously, why wasn't "boxpig41" bruteforced sooner?
@AshishXMC 21 days ago

GGs to Doge who somehow decided to keep the old leaked passwords, then to Dinnerbone who helped have this spread further, and of course, the original user who had sent the real thing and not a decoy.
@mimifurwalker 21 days ago

it was just 1.0 version of minecraft with minimal differences biggest differences being the extra files
@Moresteck 21 days ago

great video! the only thing missing here is a mention that the server files are in fact different builds from the final 1.0.0. while code-wise (and even content-wise) they're identical, the final 1.0.0 server was built 6 hours after the tominecon 1.0.0 server, making them have different file hashes.
@TheKd8lvt 14 days ago

That explanation about encryption is.... entirely wrong. The parts about hex and dec are correct, but everything else is completely off the mark. 1. The server only ever sends encrypted data. Your client only ever sends encrypted data. There is no way for the game to do anything else, by design . It would be a massive security risk if the opposite were the case, not only for your account details, but both your computer and the server machine. 2. There is no way for encryption to "break" and be left completely open while in transit. That's not how encryption works, unless someone very stupid implements a fallback to plaintext which defeats the point of encrypting that data in the first place, as you could just force one side or the other to fail, receiving all that data without needing to decrypt it. 3. The server ID being parsed in the wrong base wouldn't initially cause an issue. In fact, you'd be able to try to connect just fine. You wouldn't be able to fully connect, but you could try. 4. The reason it appears that multiplayer is completely disabled is because of a related (but different) problem. The first time the server (or your client, on modern versions it's the client) would try to send a packet the other would receive, what appears to them as, a garbled mess of incorrectly encrypted data. As such, they'd immediately close the connection, since trying to proceed would be a waste of time. The decryption fails because the encryption keys (in this case, the server id) would be different on either end, like trying to log in with the wrong password.
@DartMonkey2 14 days ago

10:15 No, parseInt would just throw an exception, which would then be caught by the try-catch blocks surrounding that code, which would then disconnect. I don't even think the serverid is used for encryption, but if it is, the encryption wouldn't be "broken", it'd just fail to decrypt/encrypt anything because the keys don't match up.
@kuhluhOG 21 days ago

7:09 "unless you have time travel and use it to connect to the office WiFi." Ok, another use of the password that we know now too.
@Emerald29 14 days ago

The fact that it was broken in such a simple way without some expert cia level shit like that methods, along with the only difference of it between the offical 1.0 being 4 characters in the code feels so anticlimactically funny
@Lampe2020 21 days ago

Kinda strange all the mobs in the sounds folder had names in singular (blaze, ghast, magmacube, etc.) but endermen are listed there as "endermen"…
@ACMBitz7 14 days ago

Gives up after 13 years "So, I cracked this password in just a second now this is public information."
@Evie 21 days ago

haha I have been waiting for this video since the password got cracked lmao