

v15.9
CacheContainer no longer throws errors when trying to load an invalid class
Cleaned up the code slightly
Added some TODO comments
ForceOpCheckF should no longer throw errors
Removed FormattedSecurityException.java
Removed server_hooked and minecraft_server_version_not_found messages
OpticFusion1 committed Jun 22, 2023
1 parent ca413a9 commit 4eefac6
Showing 17 changed files with 59 additions and 115 deletions.
2 changes: 1 addition & 1 deletion MCAntiMalware-Core/pom.xml
Expand Up @@ -2,7 +2,7 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>MCAntiMalware</artifactId>
<version>15.8.2</version>
<version>15.9</version>
<packaging>jar</packaging>

<parent>
Expand Up @@ -77,7 +77,8 @@ public ClassNode fetchClass(Path filePath, Path path) {
}
return cachedClasses.get(filePath, path);
} catch (Exception ex) {
LOGGER.exception(ex);
// Caused by invalid classes that we can't do much, if anything about
// LOGGER.exception(ex);
}
return null;
}
Expand All @@ -89,10 +90,11 @@ private ClassNode loadClass(Path filePath, Path path) {
classReader.accept(classNode, 0);
cachedClasses.put(filePath, path, classNode);
return classNode;
} catch (Exception e) {
LOGGER.info(filePath.toString());
LOGGER.warn(tl("couldnt_read_class", path.toString()));
LOGGER.exception(e);
} catch (IOException e) {
// Caused by invalid classes that we can't do much, if anything about
// LOGGER.info(filePath.toString());
// LOGGER.warn(tl("couldnt_read_class", path.toString()));
// LOGGER.exception(e);
cachedClasses.put(filePath, path, null);
return null;
}
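Review bot: Both catch blocks now discard the failure without any record, so a class the parser cannot read is skipped silently and the scan output gives no sign that part of the jar went unexamined; for a malware scanner that blind spot should stay visible. I would keep one low-noise line instead of commenting the logging out, for example `LOGGER.warn(tl("couldnt_read_class", path.toString()));` without the stack trace, and delete the commented-out calls. In `loadClass` the catch was also narrowed to `catch (IOException e)`, but unchecked exceptions raised by `classReader.accept` on a malformed class (ASM's `ClassReader` throws these) now bypass `cachedClasses.put(filePath, path, null)`, so the same bad class is presumably re-parsed on every fetch; `catch (IOException | RuntimeException e)` keeps the negative cache. Both method bodies start outside the visible hunks.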
Expand Up @@ -52,16 +52,14 @@ public int detectCrasher(MethodNode node) {
if (!(abstractInsnNode instanceof MethodInsnNode)) {
continue;
}
if (abstractInsnNode instanceof MethodInsnNode) {
MethodInsnNode methodInsnNode = (MethodInsnNode) abstractInsnNode;
if (abstractInsnNode instanceof MethodInsnNode methodInsnNode) {
// Variant A
if (methodInsnNode.owner.equals("org/bukkit/entityPlayer")) {
if (methodInsnNode.name.equals("setHealthScale") && methodInsnNode.desc.equals("(D)V")) {
AbstractInsnNode previous = methodInsnNode.getPrevious();
if (previous.getOpcode() == Opcodes.LDC) {
LdcInsnNode ldcNode = (LdcInsnNode) previous;
if (ldcNode.cst instanceof Double) {
double d = (Double) ldcNode.cst;
if (ldcNode.cst instanceof Double d) {
if (d == Double.MAX_VALUE) {
return curLine;
}
Expand All @@ -82,8 +80,7 @@ public int detectCrasher(MethodNode node) {
AbstractInsnNode previous = methodInsnNode.getPrevious();
if (previous.getOpcode() == Opcodes.LDC) {
LdcInsnNode ldcNode = (LdcInsnNode) previous;
if (ldcNode.cst instanceof Long) {
long l = (Long) ldcNode.cst;
if (ldcNode.cst instanceof Long l) {
if (l == 9223372036854775807l) {
return curLine;
}
Expand All @@ -110,8 +107,7 @@ public int detectCrasher(MethodNode node) {
AbstractInsnNode previous = methodInsnNode.getPrevious();
if (previous.getOpcode() == Opcodes.LDC) {
LdcInsnNode ldcNode = (LdcInsnNode) previous;
if (ldcNode.cst instanceof Double) {
double d = (Double) ldcNode.cst;
if (ldcNode.cst instanceof Double d) {
if (d == Double.MAX_VALUE) {
return curLine;
}
Expand All @@ -137,8 +133,7 @@ public int detectCrasher(MethodNode node) {
continue;
}
LdcInsnNode ldcNode = (LdcInsnNode) method.getPrevious();
if (ldcNode.cst instanceof Double) {
double d = (Double) ldcNode.cst;
if (ldcNode.cst instanceof Double d) {
if (d == Double.MAX_VALUE) {
return curLine;
}
Expand All @@ -151,8 +146,8 @@ public int detectCrasher(MethodNode node) {
return -1;
}
}
} else if (abstractInsnNode instanceof LineNumberNode) {
curLine = ((LineNumberNode) abstractInsnNode).line;
} else if (abstractInsnNode instanceof LineNumberNode lineNumberNode) {
curLine = lineNumberNode.line;
}
}
} catch (Exception e) {
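Review bot: The `else if (abstractInsnNode instanceof LineNumberNode lineNumberNode)` branch at the end of the loop can never run, because the guard at the top of the loop body (`if (!(abstractInsnNode instanceof MethodInsnNode)) { continue; }`) already skips every non-method instruction, so `curLine` is never updated and each `return curLine` reports its initial value. Dropping that guard, which the pattern-matching `if` makes redundant, restores line tracking. Separately, the Variant A owner string `"org/bukkit/entityPlayer"` looks like a typo for `org/bukkit/entity/Player`, in which case that variant never matches. `previous.getOpcode()` also assumes `getPrevious()` is non-null, which scanned bytecode does not guarantee. The method starts before the first hunk and continues past the last one.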
Expand Up @@ -50,8 +50,7 @@ public List<CheckResult> process(ClassNode classNode, Path rootFolder, Path zipF
public int detectMaliciousCommandExecution(MethodNode node) {
int curLine = -1, foundLine = -1;
for (AbstractInsnNode abstractInsnNode : node.instructions) {
if (abstractInsnNode instanceof MethodInsnNode) {
MethodInsnNode methodInsnNode = (MethodInsnNode) abstractInsnNode;
if (abstractInsnNode instanceof MethodInsnNode methodInsnNode) {
if (methodInsnNode.owner.equals("org/bukkit/Server") && methodInsnNode.name.equals("dispatchCommand")
|| methodInsnNode.owner.equals("org/bukkit/entity/Player") && methodInsnNode.name.equals("performCommand")
|| methodInsnNode.owner.equals("org/bukkit/Bukkit") && methodInsnNode.name.equals("dispatchCommand")) {
Expand Down Expand Up @@ -87,15 +86,15 @@ public int detectMaliciousCommandExecution(MethodNode node) {
}
}
// Method 2
if (previous instanceof LdcInsnNode) {
String command = (String) ((LdcInsnNode) previous).cst;
if (previous instanceof LdcInsnNode ldcInsnNode) {
String command = (String) ldcInsnNode.cst;
if (cache.containsBlacklistedCommand(command)) {
foundLine = curLine;
}
}
}
} else if (abstractInsnNode instanceof LineNumberNode) {
curLine = ((LineNumberNode) abstractInsnNode).line;
} else if (abstractInsnNode instanceof LineNumberNode lineNumberNode) {
curLine = lineNumberNode.line;
}
}
return foundLine;
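Review bot: `String command = (String) ldcInsnNode.cst;` is an unchecked cast: an `LdcInsnNode` constant can also be an Integer, Long, Float, Double or Type, and for those the cast throws `ClassCastException` in the middle of the scan. No handler is visible in the hunk, so a non-string constant in that position may abort the check for the whole method. Folding the type test into the pattern avoids it: `if (previous instanceof LdcInsnNode ldcInsnNode && ldcInsnNode.cst instanceof String command) {`. The method body continues between and beyond the two hunks shown.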
Expand Up @@ -94,14 +94,13 @@ private int hasNonVanillaEnchant(MethodNode method) {
int foundLine = -1;

for (AbstractInsnNode abstractInsnNode : method.instructions) {
if (abstractInsnNode instanceof MethodInsnNode) {
MethodInsnNode methodInsnNode = (MethodInsnNode) abstractInsnNode;
if (abstractInsnNode instanceof MethodInsnNode methodInsnNode) {
if (methodInsnNode.owner.equals("org/bukkit/inventory/meta/ItemMeta") && methodInsnNode.name.equals("addEnchant")
&& methodInsnNode.desc.equals("(Lorg/bukkit/enchantments/Enchantment;IZ)Z")) {
AbstractInsnNode enchantLevelNode = methodInsnNode.getPrevious().getPrevious();
int enchantLevel = 1;
if (enchantLevelNode instanceof IntInsnNode) {
enchantLevel = ((IntInsnNode) enchantLevelNode).operand;
if (enchantLevelNode instanceof IntInsnNode intInsnNode) {
enchantLevel = intInsnNode.operand;
}
if (!(enchantLevelNode.getPrevious() instanceof FieldInsnNode)) {
continue;
Expand All @@ -113,8 +112,8 @@ private int hasNonVanillaEnchant(MethodNode method) {
}
}
}
} else if (abstractInsnNode instanceof LineNumberNode) {
curLine = ((LineNumberNode) abstractInsnNode).line;
} else if (abstractInsnNode instanceof LineNumberNode lineNumberNode) {
curLine = lineNumberNode.line;
}
}
return foundLine;
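Review bot: The level is only read when it was pushed as an `IntInsnNode` (BIPUSH/SIPUSH); a level pushed with `ICONST_n` or with `LDC` (any value above 32767) leaves `enchantLevel` at its default of 1, so the comparison that follows outside this hunk would presumably treat it as a vanilla level. Consider also handling an `LdcInsnNode` whose constant is an `Integer` and the `ICONST_0`–`ICONST_5` opcodes. `methodInsnNode.getPrevious().getPrevious()` and `enchantLevelNode.getPrevious()` are also dereferenced without a null check, which untrusted bytecode does not guarantee.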
Expand Up @@ -77,6 +77,7 @@ private int decodeBase64(String string) {
}
if (Base64.isBase64(string)) {
String decoded = new String(Base64.decodeBase64(string));
// TODO: Add these to database
if (decoded.equalsIgnoreCase("https://api.minecraftforceop.com/download.php?port=")
|| decoded.equalsIgnoreCase("https://api.minecraftforceop.com/name.php")
|| cache.containsBlacklistedString(decoded)
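Review bot: `new String(Base64.decodeBase64(string))` decodes with the platform default charset, so on Java versions before 18 the same sample can compare differently against the blacklist depending on the host's settings; `new String(Base64.decodeBase64(string), StandardCharsets.UTF_8)` makes the result deterministic (it needs the `java.nio.charset.StandardCharsets` import). The new TODO would be more useful if it said where the two hard-coded URLs should go, e.g. `// TODO: move these two URLs into the data behind cache.containsBlacklistedString`. The condition continues past the end of the hunk.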
Expand Up @@ -29,6 +29,7 @@
import org.objectweb.asm.tree.MethodInsnNode;
import org.objectweb.asm.tree.MethodNode;

// TODO: Fully implement this
public class SystemAccessCheck extends BaseCheck {

@Override
Expand Up @@ -43,27 +43,23 @@ private int detect(MethodNode methodNode) {
int curLine = -1;
int foundLine = -1;
for (AbstractInsnNode instruction : methodNode.instructions) {
if (instruction instanceof MethodInsnNode) {
MethodInsnNode methodInsnNode = (MethodInsnNode) instruction;
if (methodInsnNode.owner.equals("org/bukkit/entity/Player") || methodInsnNode.owner.equals("org/bukkit/OfflinePlayer") || methodInsnNode.owner.equals("org/bukkit/command/CommandSender") || methodInsnNode.owner.equals("org/bukkit/permissions/ServerOperator")) {
if (!methodInsnNode.name.equals("setOp")) {
continue;
}
if (!methodInsnNode.desc.equals("(Z)V")) {
if (instruction instanceof MethodInsnNode methodInsnNode) {
if (METHOD_INSN_NODE_OWNERS.contains(methodInsnNode.owner)) {
if (!(methodInsnNode.name.equals("setOp") && methodInsnNode.desc.equals("(Z)V"))) {
continue;
}
AbstractInsnNode previous = methodInsnNode.getPrevious();
if (ByteCodeUtils.matches(previous, 1)) {
setOpTrue = true;
foundLine = curLine;
} else if (ByteCodeUtils.matches(previous, 0)) {
} else {
if (setOpTrue) {
setOpFalse = true;
}
}
}
} else if (instruction instanceof LineNumberNode) {
curLine = ((LineNumberNode) instruction).line;
} else if (instruction instanceof LineNumberNode lineNumberNode) {
curLine = lineNumberNode.line;
}
}
return (setOpTrue && !setOpFalse) ? foundLine : -1;
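Review bot: Replacing `else if (ByteCodeUtils.matches(previous, 0))` with a bare `else` changes what counts as a de-op: once a `setOp` with a matching 1 has been seen, any later `setOp` call whose argument does not match 1 (a variable, a field, a method result) now sets `setOpFalse`, and the method returns -1. That widens the suppression and is likely to produce false negatives. If the intent was only to tidy the branch, keep the constant test, e.g. `} else if (setOpTrue && ByteCodeUtils.matches(previous, 0)) {` followed by `setOpFalse = true;`. `METHOD_INSN_NODE_OWNERS` is declared outside the hunk, so it should be confirmed that it holds the same four owners as the removed condition.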
Expand Up @@ -10,7 +10,6 @@
import org.objectweb.asm.Opcodes;
import org.objectweb.asm.tree.AbstractInsnNode;
import org.objectweb.asm.tree.ClassNode;
import org.objectweb.asm.tree.LineNumberNode;
import org.objectweb.asm.tree.MethodInsnNode;
import org.objectweb.asm.tree.MethodNode;

Expand All @@ -33,12 +32,8 @@ public int detectForceOP(MethodNode node) {
boolean setOpTrue = false;
boolean setOpFalse = false;

int curLine = -1;
int foundLine = -1;

for (AbstractInsnNode abstractInsnNode : node.instructions.toArray()) {
if (abstractInsnNode instanceof MethodInsnNode) {
MethodInsnNode methodInsnNode = (MethodInsnNode) abstractInsnNode;
if (abstractInsnNode instanceof MethodInsnNode methodInsnNode) {
if (methodInsnNode.owner.equals("org/bukkit/entity/Player")
|| methodInsnNode.owner.equals("org/bukkit/OfflinePlayer")
|| methodInsnNode.owner.equals("org/bukkit/command/CommandSender")
Expand All @@ -48,20 +43,17 @@ public int detectForceOP(MethodNode node) {
if (previous.getOpcode() == Opcodes.IALOAD) {
if (ByteCodeUtils.matches(previous.getPrevious(), 1)) {
setOpTrue = true;
foundLine = 2;
}
}
if (ByteCodeUtils.matches(previous, 0)) {
setOpFalse = true;
}
}
}
} else if (abstractInsnNode instanceof LineNumberNode) {
curLine = ((LineNumberNode) abstractInsnNode).line;
}
}
if (setOpTrue && !setOpFalse) {
return foundLine;
return 1;
}
return -1;
}
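Review bot: `return 1;` makes this check report a fixed value where the sibling checks return the source line of the finding, and the commit removes the `LineNumberNode` tracking instead of wiring it up (the old code assigned `foundLine = 2`, never `curLine`). If the return value is used as the reported line, as the other checks in this commit suggest, every finding from this check will point at line 1. Keeping the `else if (abstractInsnNode instanceof LineNumberNode lineNumberNode)` branch and setting `foundLine = curLine;` next to `setOpTrue = true;` would give a real location. The owner comparison chain here also appears to duplicate the set that the other setOp check now reads from `METHOD_INSN_NODE_OWNERS`.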
Expand Up @@ -33,10 +33,15 @@ private int detect(MethodNode methodNode) {
continue;
}
if (ByteCodeUtils.isMethodInsnNodeCorrect(methodInsnNode, "org/bukkit/entity/Player", "isOp", "()Z")) {
MethodInsnNode node = (MethodInsnNode) methodInsnNode.getNext().getNext().getNext().getNext().getNext().getNext()
.getNext().getNext().getNext();
if (ByteCodeUtils.isMethodInsnNodeCorrect(node, "org/bukkit/entity/Player", "setOp", "(Z)V")) {
return 1;
try {
if (!(methodInsnNode.getNext().getNext().getNext().getNext().getNext().getNext().getNext().getNext().getNext() instanceof MethodInsnNode node)) {
continue;
}
if (ByteCodeUtils.isMethodInsnNodeCorrect(node, "org/bukkit/entity/Player", "setOp", "(Z)V")) {
return 1;
}
} catch (Exception e) {
continue; // Bytecode error, just continue
}
}
}
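Review bot: The `try`/`catch (Exception e)` around the nine chained `getNext()` calls uses an exception as control flow to cover a null link, and it will also hide any unrelated failure inside `ByteCodeUtils.isMethodInsnNodeCorrect`. Walking the nine steps in a bounded loop with a null check gives the same result without a catch-all, as sketched below. The fixed offset of nine instructions is also brittle, since an extra label or line-number node between the two calls shifts the `setOp` call out of position; a small forward search window may be worth considering. The loop and the method start outside the hunk.

```java
// … unchanged: isOp() match on methodInsnNode …
AbstractInsnNode candidate = methodInsnNode;
for (int step = 0; step < 9 && candidate != null; step++) {
    candidate = candidate.getNext();
}
if (candidate instanceof MethodInsnNode node
        && ByteCodeUtils.isMethodInsnNodeCorrect(node, "org/bukkit/entity/Player", "setOp", "(Z)V")) {
    return 1;
}
```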
Expand Up @@ -18,7 +18,6 @@

import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.StandardCopyOption;
import java.sql.Connection;
Expand All @@ -33,6 +32,7 @@
import static optic_fusion1.antimalware.AntiMalware.LOGGER;
import optic_fusion1.antimalware.check.CheckResult;

// TODO: Convert this to the new Database once created
public class Database {

private static final String DATABASE_URL = "https://github.com/OpticFusion1/MCAntiMalwareDatabase/blob/master/database.db?raw=true";
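Review bot: `DATABASE_URL` points at the tip of a branch, and nothing in the visible lines checks the integrity of the downloaded file before it is used; the imports suggest it is copied into place with `StandardCopyOption`. Since this file decides what the scanner flags, the planned replacement should verify a pinned digest or a signature before swapping the database in, and the new TODO could record that: `// TODO: Convert this to the new Database once created (verify checksum/signature of the download)`. The download code itself is outside the hunk, so this needs to be confirmed there.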

This file was deleted.

Expand Up @@ -29,7 +29,6 @@ public void sendNotification(Path path, CheckResult result) {
LOGGER.detected(I18n.tl("scanner_might_be_malicious", path, result.getPlatform(), result.getType(),
result.getFamily(), result.getVariant(), result.getClassNodePath(), result.getSourceFilePath(),
result.getLine()));

}

}
Expand Up @@ -42,7 +42,6 @@ public void sendNotification(Path path, CheckResult result) {
result.getPlatform(), result.getType(), result.getFamily(), result.getVariant(),
result.getClassNodePath(), result.getLine(), result.getSourceFilePath()));
embed.setColor(16711680);

packet.addEmbeds(embed.build());
CLIENT.send(packet.build()).get();
} catch (InterruptedException | ExecutionException ex) {
Expand Up @@ -166,20 +166,21 @@ public static int getJavaVersion() {
}

public static List<String> getAuthors(FileConfiguration config) {
List<String> authors = new ArrayList<>();
if (config.isSet("authors")) {
if (config.isList("authors")) {
authors.addAll(config.getStringList("authors"));
} else {
authors.add(config.getString("authors"));
}
return getAuthors(config, "authors");
}
if (config.isSet("author")) {
if (config.isList("author")) {
authors.addAll(config.getStringList("author"));
} else {
authors.add(config.getString("author"));
}
return getAuthors(config, "author");
}
return new ArrayList<>();
}

private static List<String> getAuthors(FileConfiguration config, String field) {
List<String> authors = new ArrayList<>();
if (config.isList(field)) {
authors.addAll(config.getStringList(field));
} else {
authors.add(config.getString(field));
}
return authors;
}
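Review bot: The refactored `getAuthors(FileConfiguration)` returns as soon as `authors` is set, so a `plugin.yml` that defines both `authors` and `author` now loses the `author` value; the old code collected both keys into one list. If this list feeds the database lookup, a listed name that appears only under `author` would be missed. The accumulate-both behaviour can be kept with the new helper, as below. Depending on the `FileConfiguration` implementation, `config.getString(field)` may also put a `null` into the list when the value is neither a list nor a string, which callers may not expect.

```java
public static List<String> getAuthors(FileConfiguration config) {
    List<String> authors = new ArrayList<>();
    if (config.isSet("authors")) {
        authors.addAll(getAuthors(config, "authors"));
    }
    if (config.isSet("author")) {
        authors.addAll(getAuthors(config, "author"));
    }
    return authors;
}
// … unchanged: private getAuthors(config, field) helper …
```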
6 changes: 1 addition & 5 deletions MCAntiMalware-Core/src/main/resources/messages.properties
Expand Up @@ -137,8 +137,4 @@ file_deleted={0} was deleted

# Plugins
plugin_has_no_yml={0} doesn''t contain a plugin.yml so it's most likely not in the database
plugin_has_no_author_or_name=author & name configuration sections aren''t set

# Server
server_hooked=Hooked into the server
minecraft_server_version_not_found=Couldn''t find the minecraft server version
plugin_has_no_author_or_name=author & name configuration sections aren''t set
6 changes: 1 addition & 5 deletions MCAntiMalware-Core/src/main/resources/messages_en.properties
Expand Up @@ -137,8 +137,4 @@ file_deleted={0} was deleted

# Plugins
plugin_has_no_yml={0} doesn't contain a plugin.yml so it's most likely not in the database
plugin_has_no_author_or_name=author & name configuration sections aren't set

# Server
server_hooked=Hooked into the server
minecraft_server_version_not_found=Couldn't find the minecraft server version
plugin_has_no_author_or_name=author & name configuration sections aren't set
