Closed OpticFusion1 closed 5 years ago
Same as the original file PotionSignsSimplefunwaytoaccesspotions(10410).zip
What does the BukkitAPI have to do with this?
Certain files within the BukkitAPI cause this to trigger. Specifically org/bukkit/permissions/PermissionDefault in this case, though there's probably others
Which becomes an issue when a plugin includes the BukkitAPI even though it doesn't have to
The AntiDDOS check is just checking for a classNode name lol
the code specifically is
if (classNode.name.contains("pl/polskipalacz/backdoor")) { return true; } return classNodeContainsBlacklistedWord(classNode, new String[]{"!komendy", "!op", "!pex", "!stop", "youtube.com/polskipalacz"});
Either way, for whatever reason org/bukkit/permissions/PermissionDefault is triggering it
Do you have the plugin with the virus? If yes can you send me it?
I found the bug already.
Good, as for the malicious jar, doesn't seem like i have it anymore so i can't really do much with the check :/
This check can't be touched until i re-find a jar with this malware, so the issue will be closed until then
General Troubleshooting
Issue
Issue Type
Description
This is due to people including the Bukkit API within their plugin AdvancedTeleportation(6788).zip