search

OpticFusion1 / MCAntiMalware

Anti-Malware for minecraft
https://www.spigotmc.org/resources/spigot-anti-malware-detects-over-200-malicious-plugins.64982/
GNU General Public License v3.0
293 stars 29 forks source link

Improve this check #493

Closed github-actions[bot] closed 3 years ago

github-actions[bot] commented 3 years ago

Improve this check

https://github.com/OpticFusion1/MCAntiMalware/blob/be3e0c94425d79225d811c33cdf806625f45a7d1/MCAntiMalware-Core/src/main/java/optic_fusion1/antimalware/servers/transformers/ChatEventTransformer.java#L18


package optic_fusion1.antimalware.servers.transformers;

import java.lang.reflect.InvocationTargetException;
import optic_fusion1.antimalware.AntiMalware;
import static optic_fusion1.antimalware.AntiMalware.LOGGER;
import optic_fusion1.antimalware.check.CacheContainer;
import optic_fusion1.antimalware.exceptions.FormattedSecurityException;
import optic_fusion1.antimalware.servers.runtimeprotect.callerinfo.CallerInfo;
import optic_fusion1.antimalware.servers.runtimeprotect.callerinfo.RuntimeUtils;
import static optic_fusion1.antimalware.utils.I18n.tl;

public abstract class ChatEventTransformer {

  static void handle(Object object) {
    try {
      String message = (String) object.getClass().getMethod("getMessage").invoke(object);
      String player = getPlayerName(object);
      // TODO: Improve this check
      CacheContainer cache = AntiMalware.getInstance().getCache();
      if (cache.containsBlacklistedCommand(message) || cache.containsBlacklistedString(message)
              || cache.containsBlacklistedString(message.split(" ")[0])
              || cache.containsBlacklistedCommand(message.split(" ")[0])) {
        CallerInfo callerInfo = RuntimeUtils.getCallerInfo();
        if (callerInfo != null) {
          throw new FormattedSecurityException(tl("transformer_blacklisted_word",
                  callerInfo.getPlugin().getJar(), player, message));
        }
        throw new FormattedSecurityException(tl("transformer_blacklisted_word_no_file", getPlayerName(object), message));
      }
      LOGGER.info(player + " said " + message + " (Cancelled Event)");
    } catch (IllegalAccessException | IllegalArgumentException | NoSuchMethodException | SecurityException | InvocationTargetException e) {
      e.printStackTrace();
    }

  }

  private static String getPlayerName(Object object) throws IllegalAccessException, IllegalArgumentException,
          InvocationTargetException, NoSuchMethodException, SecurityException {
    Object player = object.getClass().getMethod("getPlayer").invoke(object);
    return (String) player.getClass().getMethod("getDisplayName").invoke(player);
  }

}

8b831e2bd134920577dd601b871587385fa6818f

github-actions[bot] commented 3 years ago

Closed in e6f0849bc799dfeff816fea1c304739273f1a983