Urgent help needed with server hacking

Hello all, I have had some MAJOR issues with my server being hacked recently.

My server, Skyblock.us, has gone through EVERYTHING in the last month.

It started out the day that I went on vacation, all hell broke loose and people got op, they did a ton of stuff, and basically I had to reset.

While I was gone many things happened, but that is not of concern.

What is happening currently, is that people have no permissions, however they can still use admin commands. They can force other players to talk without leaving a trace in the server log. They can even /sudo players even though it is removed from everyone. I am completely at a loss here, and I need help. They don't have access to the console, I know that for a fact, because I moved it to an SSH window on a laptop on my home network and this still happened. I'll list my plugins just for any help, because I seriously need it. I have done everything I can and they won't stop. They're clearly targeting me and trying to cause damage to me as they constantly reset donor's islands.

Plugins:



Once again, any help is appreciated as this is sucking the life out of my server and I cannot do anything to stop it. I've been forced to remove commands from essentials just to try to stop things, and I'm not even sure if it's working.

Thanks in advance for anyone that can help,

thekillerofevil

 

Full server.log including the times where they OP'd themselves and your ops.txt file please. Pastebin them.

Also, what do you mean "I moved it to an SSH window on a laptop"? Do you mean you moved your entire server to your laptop, or just changed where you SSH'd in from?

 

Usually I just have the server running in multicraft, but on this occasion I pulled out an old laptop, opened up a PUTTY SSH window into my server and manually ran the java command from there. I'll post the server.log, but why the ops file if it's just my own username? They never gained op. I have a plugin to stop it, yet they continue to torment the server. I'll follow this post up with the pastebin link as it's about 150mb of text.

Also, please note that I am not a noob with bukkit. I know what I'm doing, and this has left me simply stumped. I know you will know more, considering you are an admin here, but just letting you know I can handle difficult instructions and what not, I don't need things simplified. I've gone through every config file and I can't find squat. Hopefully you can make something of the server log, cause I sure haven't been able to.

Okay, the log is too large to be pastebinned, but I've uploaded it to mediafire.

<Edit by Moderator: Redacted mediafire url>

EDIT by Moderator: merged posts, please use the edit button instead of double posting.

 

Code:

2013-01-19 22:00:19 [WARNING] **** SERVER IS RUNNING IN OFFLINE/INSECURE MODE!
2013-01-19 22:00:19 [WARNING] The server will make no attempt to authenticate usernames. Beware.
2013-01-19 22:00:19 [WARNING] While this makes the game possible to play without internet access, it also opens up the ability for hackers to connect with any username they choose.
2013-01-19 22:00:19 [WARNING] To change this, set "online-mode" to "true" in the server.properties file.

There is your problem. Set 'online-mode' to true.

 

If it's in offline mode they logged into an admin account, opped their regular player then all hell breaks loose!

 

Ever wonder why we don't support offline mode servers? This is one of the best examples.

You didn't get "hacked". You had no security at all, and someone took advantage of that fact.

This is akin to putting all your valuables in a car, making sure those valuables are clearly visible, and parking your car in a bad neighborhood and not even bothering to lock your doors. You really shouldn't be surprised when you find you have no valuables left in the car when you return.

Locked. Buy the game, and set online-mode=true.