TotalFreedomMC/VulnerabilityPatcher
1
0
Fork 0
mirror of https://github.com/TotalFreedomMC/VulnerabilityPatcher.git synced 2025-02-11 03:30:04 +00:00
Code Issues Projects Releases Wiki Activity

"Oversized" Sign exploit patched

Browse source
This commit is contained in:
Nathan Curran 2021-06-16 22:28:34 +10:00
parent ddcb6dc3c1
commit 03393f0c34
No known key found for this signature in database
GPG key ID: B3A964B30C2E56B8
10 changed files with 113 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
gradle.properties
View file

@ -1,2 +1,2 @@
pluginGroup=me.cooljwb.vulnerabilitypatcher pluginGroup=me.cooljwb.vulnerabilitypatcher
pluginVersion=v1.9.3.1 pluginVersion=v1.9.4

3
src/main/java/me/cooljwb/vulnerabilitypatcher/VulnerabilityPatcher.java
View file

@ -193,6 +193,9 @@ public final class VulnerabilityPatcher extends JavaPlugin
case "ItemNames": case "ItemNames":
listeners.add(new Item_Names()); listeners.add(new Item_Names());
break; break;
case "OversizedSigns":
listeners.add(new Oversized_Sign());
break;
} // Adds all events to the event register. } // Adds all events to the event register.
} }
listeners.forEach(listener -> Bukkit.getPluginManager().registerEvents(listener, this)); // Register the events. listeners.forEach(listener -> Bukkit.getPluginManager().registerEvents(listener, this)); // Register the events.

4
src/main/java/me/cooljwb/vulnerabilitypatcher/commands/CommandGetNBT.java
View file

@ -31,9 +31,9 @@ public class CommandGetNBT extends Patches implements CommandExecutor
ItemStack item = player.getInventory().getItemInMainHand(); ItemStack item = player.getInventory().getItemInMainHand();
String strItem = itemToString(item); String strItem = itemToString(item);
if (item != null && item.getType() != Material.AIR && strItem != null && !(strItem.length() > 5000)) if (item.getType() != Material.AIR && strItem != null && !(strItem.length() > 5000))
msg(sender, SMG.VULNERABILITYPATCHER.msg + ChatColor.GRAY + "Item data: " + ChatColor.GREEN + ChatColor.stripColor(strItem)); msg(sender, SMG.VULNERABILITYPATCHER.msg + ChatColor.GRAY + "Item data: " + ChatColor.GREEN + ChatColor.stripColor(strItem));
else if (item == null || item.getType() == Material.AIR) else if (item.getType() == Material.AIR)
msg(sender, SMG.GET_ITEM_IN_MAINHAND.msg); msg(sender, SMG.GET_ITEM_IN_MAINHAND.msg);
else if (strItem == null) else if (strItem == null)
msg(sender, SMG.NO_TAG.msg); msg(sender, SMG.NO_TAG.msg);

18
src/main/java/me/cooljwb/vulnerabilitypatcher/modifiers/NBTModifier.java
View file

@ -5,6 +5,7 @@ import org.bukkit.entity.Arrow;
import org.bukkit.entity.Entity; import org.bukkit.entity.Entity;
import org.bukkit.entity.Firework; import org.bukkit.entity.Firework;
import org.bukkit.entity.Player; import org.bukkit.entity.Player;
import org.bukkit.event.block.BlockPlaceEvent;
import org.bukkit.inventory.ItemStack; import org.bukkit.inventory.ItemStack;
import org.bukkit.inventory.meta.SpawnEggMeta; import org.bukkit.inventory.meta.SpawnEggMeta;
import org.bukkit.projectiles.ProjectileSource; import org.bukkit.projectiles.ProjectileSource;
@ -489,4 +490,21 @@ public class NBTModifier
} }
return false; return false;
} }
protected boolean isOversizedSign(ItemStack item)
{
if (getVersion().equals("1.16.5"))
{
return nbt_1_16_3.isOversizedSign(item);
}
return false;
}
protected void clearOversizedSign(BlockPlaceEvent event)
{
if (getVersion().equals("1.16.5"))
{
nbt_1_16_3.clearOversizedSign(event);
}
}
} }

52
src/main/java/me/cooljwb/vulnerabilitypatcher/modifiers/NBTModifier_1_16_3.java
View file

@ -19,6 +19,7 @@ import org.bukkit.entity.Arrow;
import org.bukkit.entity.Entity; import org.bukkit.entity.Entity;
import org.bukkit.entity.Firework; import org.bukkit.entity.Firework;
import org.bukkit.entity.Player; import org.bukkit.entity.Player;
import org.bukkit.event.block.BlockPlaceEvent;
import org.bukkit.inventory.ItemStack; import org.bukkit.inventory.ItemStack;
import org.bukkit.inventory.meta.BookMeta; import org.bukkit.inventory.meta.BookMeta;
import org.bukkit.inventory.meta.SpawnEggMeta; import org.bukkit.inventory.meta.SpawnEggMeta;
@ -500,4 +501,55 @@ public class NBTModifier_1_16_3
} }
return false; return false;
} }
boolean isOversizedSign(ItemStack item)
{
if (item != null && item.getType().name().contains("SIGN"))
{
net.minecraft.server.v1_16_R3.ItemStack nmsItem = CraftItemStack.asNMSCopy(item);
NBTTagCompound tag = nmsItem.getTag().getCompound("BlockEntityTag");
String text1 = tag.getString("Text1").toLowerCase();
String text2 = tag.getString("Text2").toLowerCase();
String text3 = tag.getString("Text3").toLowerCase();
String text4 = tag.getString("Text4").toLowerCase();
return text1.contains("\"nbt\":") || text2.contains("\"nbt\":") || text3.contains("\"nbt\":") || text4.contains("\"nbt\":");
}
return false;
}
void clearOversizedSign(BlockPlaceEvent event)
{
ItemStack item = event.getItemInHand();
net.minecraft.server.v1_16_R3.ItemStack nmsItem = CraftItemStack.asNMSCopy(item);
NBTTagCompound tag = nmsItem.getTag().getCompound("BlockEntityTag");
String text1 = tag.getString("Text1").toLowerCase();
String text2 = tag.getString("Text2").toLowerCase();
String text3 = tag.getString("Text3").toLowerCase();
String text4 = tag.getString("Text4").toLowerCase();
if (text1.contains("\"nbt\":"))
{
tag.setString("Text1", "{\"text\":\"NBT tag removed\"}");
}
if (text2.contains("\"nbt\":"))
{
tag.setString("Text2", "{\"text\":\"NBT tag removed\"}");
}
if (text3.contains("\"nbt\":"))
{
tag.setString("Text3", "{\"text\":\"NBT tag removed\"}");
}
if (text4.contains("\"nbt\":"))
{
tag.setString("Text4", "{\"text\":\"NBT tag removed\"}");
}
ItemStack newItem = CraftItemStack.asBukkitCopy(nmsItem);
if (event.getPlayer().getInventory().getItemInMainHand().equals(item))
{
event.getPlayer().getInventory().setItemInMainHand(newItem);
}
else
{
event.getPlayer().getInventory().setItemInOffHand(newItem);
}
}
} }

23
src/main/java/me/cooljwb/vulnerabilitypatcher/patches/Entity_Tag.java
View file

@ -54,24 +54,21 @@ public class Entity_Tag extends Patches implements Listener
{ {
ItemStack item = event.getItem(); ItemStack item = event.getItem();
if (item != null) if (isDangerousEgg(item))
{ {
if (isDangerousEgg(item)) event.setCancelled(true);
Container container = (Container) event.getBlock().getState();
for (int c = 0; c < container.getInventory().getSize(); c++)
{ {
event.setCancelled(true); if (container.getInventory().getItem(c) != null)
Container container = (Container) event.getBlock().getState();
for (int c = 0; c < container.getInventory().getSize(); c++)
{ {
if (container.getInventory().getItem(c) != null) if (container.getInventory().getItem(c).isSimilar(event.getItem()))
{ container.getInventory().getItem(c).setItemMeta(null);
if (container.getInventory().getItem(c).isSimilar(event.getItem()))
container.getInventory().getItem(c).setItemMeta(null);
}
} }
notifyViolation(event.getBlock().getType().name(), "use", "dangerous mob egg", event.getBlock().getLocation());
} }
notifyViolation(event.getBlock().getType().name(), "use", "dangerous mob egg", event.getBlock().getLocation());
} }
debug(event); debug(event);

22
src/main/java/me/cooljwb/vulnerabilitypatcher/patches/Oversized_Sign.java Normal file
View file

@ -0,0 +1,22 @@
package me.cooljwb.vulnerabilitypatcher.patches;
import org.bukkit.event.EventHandler;
import org.bukkit.event.EventPriority;
import org.bukkit.event.Listener;
import org.bukkit.event.block.BlockPlaceEvent;
public class Oversized_Sign extends Patches implements Listener
{
@EventHandler(priority = EventPriority.HIGHEST)
public void onBlockPlace(BlockPlaceEvent event)
{
if (isOversizedSign(event.getItemInHand()))
{
event.setCancelled(true);
clearOversizedSign(event);
notifyViolation(event.getPlayer(), "place", "oversized sign", event.getBlock().getLocation());
}
debug(event);
}
}

5
src/main/java/me/cooljwb/vulnerabilitypatcher/patches/Patches.java
View file

@ -124,7 +124,8 @@ public class Patches extends NBTModifier implements Listener
{ {
if (item != null && item.getItemMeta() != null) if (item != null && item.getItemMeta() != null)
{ {
if (item.getItemMeta().getEnchants() != null && !item.getItemMeta().getEnchants().isEmpty()) item.getItemMeta().getEnchants();
if (!item.getItemMeta().getEnchants().isEmpty())
{ {
for (Map.Entry entry : item.getItemMeta().getEnchants().entrySet()) for (Map.Entry entry : item.getItemMeta().getEnchants().entrySet())
{ {
@ -328,7 +329,7 @@ public class Patches extends NBTModifier implements Listener
ItemStack mainhand = inv.getItemInMainHand(); ItemStack mainhand = inv.getItemInMainHand();
ItemStack offhand = inv.getItemInOffHand(); ItemStack offhand = inv.getItemInOffHand();
if (item != null && inv != null && mainhand != null && offhand != null) if (item != null)
{ {
if (inv.getItemInMainHand().isSimilar(item) || inv.getItemInOffHand().isSimilar(item)) if (inv.getItemInMainHand().isSimilar(item) || inv.getItemInOffHand().isSimilar(item))
return true; return true;

1
src/main/resources/config.yml
View file

@ -24,6 +24,7 @@ Patches:
- Beehives # Removes all NBT data from any EntityBlockStorage such as beehives - Beehives # Removes all NBT data from any EntityBlockStorage such as beehives
- Skulls # Purges empty skull owner IDs - Skulls # Purges empty skull owner IDs
- ItemNames # Removes item names with events in them. - ItemNames # Removes item names with events in them.
- OversizedSigns # Removes signs with NBT tag
# All entities added below will be blocked to use in a spawn egg. # All entities added below will be blocked to use in a spawn egg.
BlockedEntityTags: BlockedEntityTags:

2
src/main/resources/plugin.yml
View file

@ -1,5 +1,5 @@
name: VulnerabilityPatcher name: VulnerabilityPatcher
version: "1.9.3.1" version: "1.9.4"
api-version: 1.13 api-version: 1.13
main: me.cooljwb.vulnerabilitypatcher.VulnerabilityPatcher main: me.cooljwb.vulnerabilitypatcher.VulnerabilityPatcher
authors: [CoolJWB] authors: [CoolJWB]