Server manager with automatic plugin- mod- server- java- self- updater, scheduled restarts, automatic backups, shared folders, and many more handy features to automate/boost your server maintenance.
Problem
Plugins or executable jar files in general, kind of can do whatever they want to your system, for example deleting or encrypting your files, and get away with it, undetected by your antivirus.
Solution
Add commands which would scan folders for malicious jar files and give each of them a "safety score" from 0-100%.
.scan | Scans the current working directory for malicious jar files. (Shortcut: .sc)
.scan <folder-path> | Scans the provided folder for malicious jar files. Folder path can be relative or absolute. (.sc <folder-path>)
.scan plugins | Scans the ./plugins folder for malicious jar files. (.scp)
Solution details
Unpack jar file into a temp directory
Decompile its .class files
Check each class for specific imports like java.io
If the class contains such an import, do an in-depth check of the whole class
How can a Java program harm your system? Ranked from easiest -> hardest to detect.
Description
Detection
The easiest and most obvious way is by using methods/classes provided by the Java API.
Decompile the jars' .class files and search for dangerous Java imports/classes/methods.
You could use Javas' ProcessBuilder to execute/abuse any kind of program installed on your machine.
You could use Javas' ProcessBuilder to execute terminal commands like rmdir <directory-path> (on Linux and if the user under which the Java program is running, has permission).
You could write code in another programming language and execute it.
You could download and inject malicious Java code at runtime.
Dangerous imports/packages provided by the Java API
java.io to read/delete/create/modify files
java.nio to read/list files and listen to file events
Note that at the moment these are notes of some brainstorming without deeper research done yet.
Problem Plugins or executable jar files in general, kind of can do whatever they want to your system, for example deleting or encrypting your files, and get away with it, undetected by your antivirus.
Solution Add commands which would scan folders for malicious jar files and give each of them a "safety score" from 0-100%.
Solution details
java.io
How can a Java program harm your system? Ranked from easiest -> hardest to detect.
ProcessBuilder
to execute/abuse any kind of program installed on your machine.ProcessBuilder
to execute terminal commands likermdir <directory-path>
(on Linux and if the user under which the Java program is running, has permission).Dangerous imports/packages provided by the Java API
java.io
to read/delete/create/modify filesjava.nio
to read/list files and listen to file eventsNote that at the moment these are notes of some brainstorming without deeper research done yet.