From f5cba1eb1eb5a031ce145ae8539970649a26c83a Mon Sep 17 00:00:00 2001 From: Kenny Date: Sat, 29 Apr 2017 02:05:07 -0400 Subject: [PATCH 1/3] Rate limit book/sign edits as a temporary measure against a crash exploit --- .../src/mineplex/core/BookRateLimiter.java | 54 +++++++++++++++++++ .../src/mineplex/game/clans/Clans.java | 3 ++ .../src/mineplex/clanshub/ClansHub.java | 3 ++ .../Mineplex.Hub/src/mineplex/hub/Hub.java | 6 ++- .../src/nautilus/game/arcade/Arcade.java | 9 +++- 5 files changed, 72 insertions(+), 3 deletions(-) create mode 100644 Plugins/Mineplex.Core/src/mineplex/core/BookRateLimiter.java diff --git a/Plugins/Mineplex.Core/src/mineplex/core/BookRateLimiter.java b/Plugins/Mineplex.Core/src/mineplex/core/BookRateLimiter.java new file mode 100644 index 000000000..e1a5c8e97 --- /dev/null +++ b/Plugins/Mineplex.Core/src/mineplex/core/BookRateLimiter.java @@ -0,0 +1,54 @@ +package mineplex.core; + +import java.util.UUID; +import java.util.concurrent.TimeUnit; + +import net.minecraft.server.v1_8_R3.PacketPlayInCustomPayload; + +import com.google.common.cache.Cache; +import com.google.common.cache.CacheBuilder; + +import mineplex.core.packethandler.PacketHandler; +import mineplex.core.packethandler.PacketHandler.ListenerPriority; + +/** + * A temporary fix for book-related crashes. Adds a rate limit to book/sign edits. + *

+ * See: + * https://hub.spigotmc.org/stash/projects/SPIGOT/repos/craftbukkit/commits/1c3428e534283395dd1b85641a96a6f16842fc1e + * https://hub.spigotmc.org/stash/projects/SPIGOT/repos/craftbukkit/commits/4acd0f49e07e0912096e79494472535baf0db2ab + */ +public class BookRateLimiter extends MiniPlugin +{ + + private final PacketHandler _packetHandler = require(PacketHandler.class); + private final Cache _cache = CacheBuilder.newBuilder() + .expireAfterWrite(1, TimeUnit.SECONDS) + .build(); + + public BookRateLimiter() + { + super("PacketRateLimiter"); + + _packetHandler.addPacketHandler(info -> + { + PacketPlayInCustomPayload packet = (PacketPlayInCustomPayload) info.getPacket(); + String s = packet.a(); + if (!s.equals("MC|BEdit") && !s.equals("MC|BSign")) + { + return; + } + + if (_cache.asMap().containsKey(info.getPlayer().getUniqueId())) + { + info.setCancelled(true); + + return; + } + + _cache.put(info.getPlayer().getUniqueId(), 0); + + }, ListenerPriority.LOW, true, PacketPlayInCustomPayload.class); + } + +} diff --git a/Plugins/Mineplex.Game.Clans/src/mineplex/game/clans/Clans.java b/Plugins/Mineplex.Game.Clans/src/mineplex/game/clans/Clans.java index 8bddf656b..8599201ea 100644 --- a/Plugins/Mineplex.Game.Clans/src/mineplex/game/clans/Clans.java +++ b/Plugins/Mineplex.Game.Clans/src/mineplex/game/clans/Clans.java @@ -280,6 +280,9 @@ public class Clans extends JavaPlugin MinecraftServer.getServer().getPropertyManager().setProperty("debug", false); SpigotConfig.debug = false; + + // TODO temporary fix for book related crashes. + new PacketRateLimiter(); } public static String prettifyName(Material material) diff --git a/Plugins/Mineplex.Hub.Clans/src/mineplex/clanshub/ClansHub.java b/Plugins/Mineplex.Hub.Clans/src/mineplex/clanshub/ClansHub.java index e0997337b..51de3e615 100644 --- a/Plugins/Mineplex.Hub.Clans/src/mineplex/clanshub/ClansHub.java +++ b/Plugins/Mineplex.Hub.Clans/src/mineplex/clanshub/ClansHub.java @@ -183,6 +183,9 @@ public class ClansHub extends JavaPlugin require(Titles.class); require(TwoFactorAuth.class); new WebsiteLinkManager(this, clientManager); + + // TODO temporary fix for book related crashes. + new PacketRateLimiter(); } @Override diff --git a/Plugins/Mineplex.Hub/src/mineplex/hub/Hub.java b/Plugins/Mineplex.Hub/src/mineplex/hub/Hub.java index 05b80b2e6..c1b7a822b 100644 --- a/Plugins/Mineplex.Hub/src/mineplex/hub/Hub.java +++ b/Plugins/Mineplex.Hub/src/mineplex/hub/Hub.java @@ -2,13 +2,13 @@ package mineplex.hub; import static mineplex.core.Managers.require; -import mineplex.hub.modules.AprilFoolsTreasureHunt; import org.bukkit.Bukkit; import org.bukkit.Location; import org.bukkit.entity.Player; import org.bukkit.plugin.java.JavaPlugin; import mineplex.core.CustomTagFix; +import mineplex.core.BookRateLimiter; import mineplex.core.PacketsInteractionFix; import mineplex.core.TwitchIntegrationFix; import mineplex.core.account.CoreClientManager; @@ -79,6 +79,7 @@ import mineplex.core.updater.Updater; import mineplex.core.velocity.VelocityFix; import mineplex.core.visibility.VisibilityManager; import mineplex.core.website.WebsiteLinkManager; +import mineplex.hub.modules.AprilFoolsTreasureHunt; import mineplex.hub.modules.BillboardManager; import mineplex.hub.queue.QueueManager; import mineplex.hub.server.ServerManager; @@ -244,6 +245,9 @@ public class Hub extends JavaPlugin implements IRelation require(AprilFoolsTreasureHunt.class); } require(TwitchIntegrationFix.class); + + // TODO temporary fix for book related crashes. + new BookRateLimiter(); } @Override diff --git a/Plugins/Nautilus.Game.Arcade/src/nautilus/game/arcade/Arcade.java b/Plugins/Nautilus.Game.Arcade/src/nautilus/game/arcade/Arcade.java index 26a762345..0a699a9f6 100644 --- a/Plugins/Nautilus.Game.Arcade/src/nautilus/game/arcade/Arcade.java +++ b/Plugins/Nautilus.Game.Arcade/src/nautilus/game/arcade/Arcade.java @@ -1,9 +1,10 @@ package nautilus.game.arcade; +import static mineplex.core.Managers.require; + import java.io.File; import java.util.HashMap; -import mineplex.core.aprilfools.AprilFoolsManager; import net.minecraft.server.v1_8_R3.MinecraftServer; import org.bukkit.Bukkit; @@ -16,6 +17,7 @@ import org.spigotmc.SpigotConfig; import mineplex.core.CustomTagFix; import mineplex.core.FoodDupeFix; +import mineplex.core.BookRateLimiter; import mineplex.core.PacketsInteractionFix; import mineplex.core.TimingsFix; import mineplex.core.TwitchIntegrationFix; @@ -24,6 +26,7 @@ import mineplex.core.achievement.AchievementManager; import mineplex.core.antihack.AntiHack; import mineplex.core.antihack.RelationProvider; import mineplex.core.antihack.logging.AntihackLogger; +import mineplex.core.aprilfools.AprilFoolsManager; import mineplex.core.blockrestore.BlockRestore; import mineplex.core.blood.Blood; import mineplex.core.boosters.BoosterManager; @@ -86,7 +89,6 @@ import mineplex.minecraft.game.core.damage.DamageManager; import nautilus.game.arcade.anticheatmetadata.GameInfoMetadata; import nautilus.game.arcade.game.Game; import nautilus.game.arcade.game.GameServerConfig; -import static mineplex.core.Managers.require; public class Arcade extends JavaPlugin { @@ -237,6 +239,9 @@ public class Arcade extends JavaPlugin MinecraftServer.getServer().getPropertyManager().setProperty("debug", false); SpigotConfig.debug = false; + + // TODO temporary fix for book related crashes. + new BookRateLimiter(); } @Override From 7994ed082e25df9bbbbb823d35afdead58023fe4 Mon Sep 17 00:00:00 2001 From: Kenny Date: Sat, 29 Apr 2017 02:16:31 -0400 Subject: [PATCH 2/3] Enable 2x XP --- .../src/nautilus/game/arcade/game/Game.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Plugins/Nautilus.Game.Arcade/src/nautilus/game/arcade/game/Game.java b/Plugins/Nautilus.Game.Arcade/src/nautilus/game/arcade/game/Game.java index 89fe831d5..b43b4408a 100644 --- a/Plugins/Nautilus.Game.Arcade/src/nautilus/game/arcade/game/Game.java +++ b/Plugins/Nautilus.Game.Arcade/src/nautilus/game/arcade/game/Game.java @@ -296,7 +296,7 @@ public abstract class Game extends ListenerComponent implements Lifetimed public long PrepareTime = 9000; public boolean PlaySoundGameStart = true; - public double XpMult = 1; + public double XpMult = 2; public boolean SpeedMeasurement = false; From 20264ff1af98a85a2ab0454fc4c0a3618755a2de Mon Sep 17 00:00:00 2001 From: Kenny Date: Sat, 29 Apr 2017 02:17:50 -0400 Subject: [PATCH 3/3] Clans doesn't have access to this through core for some reason --- .../mineplex/game/clans/BookRateLimiter.java | 55 +++++++++++++++++++ .../src/mineplex/game/clans/Clans.java | 2 +- .../src/mineplex/clanshub/ClansHub.java | 7 ++- 3 files changed, 60 insertions(+), 4 deletions(-) create mode 100644 Plugins/Mineplex.Game.Clans/src/mineplex/game/clans/BookRateLimiter.java diff --git a/Plugins/Mineplex.Game.Clans/src/mineplex/game/clans/BookRateLimiter.java b/Plugins/Mineplex.Game.Clans/src/mineplex/game/clans/BookRateLimiter.java new file mode 100644 index 000000000..49cdd7509 --- /dev/null +++ b/Plugins/Mineplex.Game.Clans/src/mineplex/game/clans/BookRateLimiter.java @@ -0,0 +1,55 @@ +package mineplex.game.clans; + +import java.util.UUID; +import java.util.concurrent.TimeUnit; + +import net.minecraft.server.v1_8_R3.PacketPlayInCustomPayload; + +import com.google.common.cache.Cache; +import com.google.common.cache.CacheBuilder; + +import mineplex.core.MiniPlugin; +import mineplex.core.packethandler.PacketHandler; +import mineplex.core.packethandler.PacketHandler.ListenerPriority; + +/** + * A temporary fix for book-related crashes. Adds a rate limit to book/sign edits. + *

+ * See: + * https://hub.spigotmc.org/stash/projects/SPIGOT/repos/craftbukkit/commits/1c3428e534283395dd1b85641a96a6f16842fc1e + * https://hub.spigotmc.org/stash/projects/SPIGOT/repos/craftbukkit/commits/4acd0f49e07e0912096e79494472535baf0db2ab + */ +public class BookRateLimiter extends MiniPlugin +{ + + private final PacketHandler _packetHandler = require(PacketHandler.class); + private final Cache _cache = CacheBuilder.newBuilder() + .expireAfterWrite(1, TimeUnit.SECONDS) + .build(); + + public BookRateLimiter() + { + super("PacketRateLimiter"); + + _packetHandler.addPacketHandler(info -> + { + PacketPlayInCustomPayload packet = (PacketPlayInCustomPayload) info.getPacket(); + String s = packet.a(); + if (!s.equals("MC|BEdit") && !s.equals("MC|BSign")) + { + return; + } + + if (_cache.asMap().containsKey(info.getPlayer().getUniqueId())) + { + info.setCancelled(true); + + return; + } + + _cache.put(info.getPlayer().getUniqueId(), 0); + + }, ListenerPriority.LOW, true, PacketPlayInCustomPayload.class); + } + +} diff --git a/Plugins/Mineplex.Game.Clans/src/mineplex/game/clans/Clans.java b/Plugins/Mineplex.Game.Clans/src/mineplex/game/clans/Clans.java index 8599201ea..4cb014d4a 100644 --- a/Plugins/Mineplex.Game.Clans/src/mineplex/game/clans/Clans.java +++ b/Plugins/Mineplex.Game.Clans/src/mineplex/game/clans/Clans.java @@ -282,7 +282,7 @@ public class Clans extends JavaPlugin SpigotConfig.debug = false; // TODO temporary fix for book related crashes. - new PacketRateLimiter(); + new BookRateLimiter(); } public static String prettifyName(Material material) diff --git a/Plugins/Mineplex.Hub.Clans/src/mineplex/clanshub/ClansHub.java b/Plugins/Mineplex.Hub.Clans/src/mineplex/clanshub/ClansHub.java index 51de3e615..d7a93e3f8 100644 --- a/Plugins/Mineplex.Hub.Clans/src/mineplex/clanshub/ClansHub.java +++ b/Plugins/Mineplex.Hub.Clans/src/mineplex/clanshub/ClansHub.java @@ -1,9 +1,12 @@ package mineplex.clanshub; +import static mineplex.core.Managers.require; + import org.bukkit.Bukkit; import org.bukkit.Location; import org.bukkit.plugin.java.JavaPlugin; +import mineplex.core.BookRateLimiter; import mineplex.core.CustomTagFix; import mineplex.core.PacketsInteractionFix; import mineplex.core.account.CoreClientManager; @@ -65,8 +68,6 @@ import mineplex.minecraft.game.core.combat.CombatManager; import mineplex.minecraft.game.core.condition.ConditionManager; import mineplex.minecraft.game.core.damage.DamageManager; -import static mineplex.core.Managers.require; - /** * Main class for clans hub */ @@ -185,7 +186,7 @@ public class ClansHub extends JavaPlugin new WebsiteLinkManager(this, clientManager); // TODO temporary fix for book related crashes. - new PacketRateLimiter(); + new BookRateLimiter(); } @Override