search

OpticFusion1 / MCAntiMalware

Anti-Malware for minecraft
https://www.spigotmc.org/resources/spigot-anti-malware-detects-over-200-malicious-plugins.64982/
GNU General Public License v3.0
288 stars 29 forks source link

False Positive (ForceOP) #22

Closed OpticFusion1 closed 4 years ago

OpticFusion1 commented 5 years ago

General Troubleshooting

Issue

Issue Type

Description

Certain plugins cause a false positive due Player#setOp this is usually used in the following way setOp dispatchCommand setOp

The plugin below is an example of this, more plugins with this false positive can be provided as needed ActionLibOpenSource(47507).zip

OpticFusion1 commented 5 years ago

A list of false positives are below AnimatedMenu(4690).zip https://luckperms.github.io/ (https://github.com/lucko/LuckPerms) http://www.mythicmobs.net/ http://www.enginehub.org/worldguard (https://github.com/EngineHub/WorldGuard) LibsCommands(88).zip MagicChat(362).zip VipCodes(1508).zip TreasureChestReloaded(1747).zip killStats(2098).zip SkinsRestorer(2124).zip

OpticFusion1 commented 5 years ago

CommandSigns(10512).zip TinyTools(13664).zip CustomHeadsDecorative(18643).zip MCGui(13595).zip RunAsOP(13163).zip ClickEnchant(12435).zip CommandsXL(12336).zip JoinPrizeLite(12101).zip MoreItems(11622).zip SignShop(10997).zip SuperSword(37139).zip Macros(10042).zip DungeonsXL(9488).zip GUIAdminShopIngameEditor(36655).zip

OpticFusion1 commented 5 years ago

for this issue to be considered closed, NONE of these and ANY plugin using these methods should be logged as a false positive, while actual force ops are

ghost commented 5 years ago

That might be the most difficult issue to fix

ghost commented 5 years ago

@OpticFusion1 The false positive comes from

p.setOp not if(p.isOp)

OpticFusion1 commented 5 years ago

@OpticFusion1 The false positive comes from

p.setOp not if(p.isOp)

I'm aware :P If we can fix this specific false positive then we will have MOST of not all false positives dealt with

OpticFusion1 commented 5 years ago

AntiGriefAntiGrief(14593).zip

OpticFusion1 commented 5 years ago

AdminTools(14781).zip

OpticFusion1 commented 5 years ago

DeACoudre(14635).zip

OpticFusion1 commented 5 years ago

JustinCraftTemporaryOP(23411).zip

OpticFusion1 commented 5 years ago

gonna try and spend a few hours on this issue, it's the biggest issue currently, besides dealing with obfuscated malware..

OpticFusion1 commented 5 years ago

There's been quite a few updates since this, closing. A general issue will be made if a false-positive of this type is found again (however there's definitely going to be another issue opened up due to this definitely not getting fixed)

OpticFusion1 commented 4 years ago

None of these throw ForceOP triggers anymore which is nice. AntiGriefAntiGrief(14593).jar triggers the AntiCrash and Bewerbung checks CommandsXL(12336).jar triggers the Annoyance check DungeonsXL(9488).jar triggers the Annoyance check LibsCommands(88).jar triggers the AdminTools check

I just can't win can i XD