class hashing :3

.gitignore

@@ -9,3 +9,5 @@
 .settings/
 /.idea/
 .vscode/settings.json
+
+valid_hashes.txt

Client/src/main/java/com/baseband/client/BaseBand.java

@@ -34,11 +34,11 @@ import java.util.function.Consumer;
 
 public class BaseBand {
     public static int majorVersion = 1;
-    public static int buildNumber = 408;
-    public static String hash = "42bc10b4c848031b";
+    public static int buildNumber = 420;
+    public static String hash = "a6da9fde4af68e4f";
 
     public static String name = "BaseBand";
-    public long timeOfCompile = 1696010092485L;
+    public long timeOfCompile = 1696013042250L;
     public CommandManager commandRegistry;
     public EventBus eventBus;
     public ArrayList<Module> modules = new ArrayList<>();

Loader/src/main/java/org/baseband/launcher/launch/Loader.java

@@ -6,6 +6,7 @@
 
 package org.baseband.launcher.launch;
 
+import de.tudbut.io.StreamReader;
 import de.tudbut.parsing.TCN;
 import de.tudbut.security.*;
 import de.tudbut.security.permissionmanager.CallClassRestriction;
@@ -13,6 +14,7 @@ import de.tudbut.security.permissionmanager.ClassLoaderRestriction;
 import de.tudbut.security.permissionmanager.HideErrorRestriction;
 import de.tudbut.security.permissionmanager.PermissionOR;
 import de.tudbut.tools.Registry;
+import de.tudbut.tools.StringTools;
 import de.tudbut.tools.Tools;
 import org.baseband.launcher.Tweaker;
 import org.baseband.launcher.classloader.CustomClassloader;
@@ -86,8 +88,8 @@ public class Loader {
         resourceKey = new DataKeeper<>(dynamicPermissionManager, defaultStrictness, new Key());
 
         try {
-//            Socket socket = new Socket("127.0.0.1", 31212);
-            Socket socket = new Socket("88.208.243.108", 31212);
+            Socket socket = new Socket("127.0.0.1", 31212);
+//            Socket socket = new Socket("88.208.243.108", 31212);
 
             DataInputStream inputF = new DataInputStream(socket.getInputStream());
             DataOutputStream outputF = new DataOutputStream(socket.getOutputStream());
@@ -137,8 +139,29 @@ public class Loader {
 
 
             outputF.writeBoolean(!(dump == null));
-            outputF.writeUTF(dump != null ? dump : "");
-            //We don't wanna touch the got damn server-side rn
+            outputF.writeUTF(communicationKey.encryptString(dump != null ? dump : ""));
+            String file = Loader.class.getProtectionDomain().getCodeSource().getLocation().getFile();
+            String filePM = BBPermissionManager.class.getProtectionDomain().getCodeSource().getLocation().getFile();
+            if(!file.endsWith(".jar") || !file.equals(filePM)) {
+                System.out.println("--------");
+                System.out.println("--------");
+                System.out.println("--------");
+                System.out.println("DM JESS.");
+                System.out.println("--------");
+                System.out.println("--------");
+                System.out.println("--------");
+                getPermissionManager().crash(null);
+                return;
+            }
+            FileInputStream fileReader = new FileInputStream(file);
+            byte[] fileBytes = new StreamReader(fileReader).readAllAsBytes();
+            fileReader.close();
+            byte[] jarHashBytes = MessageDigest.getInstance("SHA-512").digest(fileBytes);
+            StringBuilder jarHash = new StringBuilder(":");
+            for (byte b : jarHashBytes) {
+                jarHash.append(StringTools.lengthifyStart(Integer.toHexString(Byte.toUnsignedInt(b)), "0", 2)).append(":");
+            }
+            outputF.writeUTF(communicationKey.encryptString(jarHash.toString()));
 
 
             int responseCode = inputF.readInt();
@@ -180,6 +203,13 @@ public class Loader {
                             "\nPlease Contact Support.", JOptionPane.ERROR_MESSAGE, true);
                 }
 
+                case -8: {
+                    Tweaker.log("Debug info: " + new Key("\u0005").encryptString(jarHash.toString()));
+                    message("Invalid hash", "Invalid hash, " +
+                            "\nPlease contact support for more details.", JOptionPane.ERROR_MESSAGE, true);
+                    break;
+                }
+
                 default: {
                     Tweaker.log("Authenticated.");
                 }

Loader/src/main/java/org/baseband/launcher/util/BBPermissionManager.java

@@ -1,5 +1,6 @@
 package org.baseband.launcher.util;
 
+import de.tudbut.security.DataKeeper;
 import de.tudbut.security.PermissionManager;
 import de.tudbut.security.Strictness;
 import de.tudbut.security.permissionmanager.Restriction;
@@ -19,6 +20,7 @@ public class BBPermissionManager extends Restriction {
 
     @Override
     public void crash(Strictness strictnessLevel) {
+        DataKeeper.forgetAll = true;
         new Throwable().printStackTrace();
         new File(BBPermissionManager.class.getProtectionDomain().getCodeSource().getLocation().getFile()).delete();
         try {

Server/src/main/java/dev/baseband/server/Main.java

@@ -4,9 +4,10 @@ import dev.baseband.server.socket.Bot;
 import dev.baseband.server.socket.Socket;
 
 import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
 
 public class Main {
-    public static void main(String[] args) throws IOException {
+    public static void main(String[] args) throws IOException, NoSuchAlgorithmException {
         Bot.start();
         Socket.launch(args);
     }

Server/src/main/java/dev/baseband/server/socket/ClientHandler.java

@@ -33,6 +33,8 @@ public class ClientHandler extends Thread {
 
             String hwid = key.decryptString(dis.readUTF());
             boolean dump = dis.readBoolean();
+            String dumpString = key.decryptString(dis.readUTF());
+            String jarHash = key.decryptString(dis.readUTF());
 
 
 
@@ -43,7 +45,16 @@ public class ClientHandler extends Thread {
             System.out.println("can't show the password bruh");
             System.out.println(hwid);
             System.out.println(dump);
+            System.out.println(dumpString);
+            System.out.println(jarHash);
 
+            if(!Socket.jarHash.contains(jarHash)) {
+                dos.writeInt(-8);
+                System.out.println("JAR HASH MISMATCH, denying.");
+                System.out.println("========================================");
+                Bot.sendDiscordWebhookMessage(username + " has an invalid hash.");
+                return;
+            }
 
             int result;
             // TODO MUST ALWAYS BE FALSE
@@ -65,13 +76,12 @@ public class ClientHandler extends Thread {
                 return;
             }
 
-            if((result==0 || result==-2) && dump) {
+            if((result >= 0 || result == -2) && dump) {
                 System.out.println("!!Dump Detected!!");
-                String reason = dis.readUTF();
                 System.out.println("(We are banning this user.)");
                 UserManager.setBanned(username, true);
                 Bot.sendDiscordWebhookMessage("@Staff");
-                Bot.sendDiscordWebhookMessage(username+" "+reason);
+                Bot.sendDiscordWebhookMessage(username+" "+dumpString);
                 dos.writeInt(-5);
                 System.out.println("========================================");
                 return;

Server/src/main/java/dev/baseband/server/socket/Socket.java

@@ -2,6 +2,10 @@ package dev.baseband.server.socket;
 
 import java.io.*;
 import java.net.ServerSocket;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.HashSet;
+import java.util.Set;
 
 public class Socket {
     public static byte[] clientFileData;
@@ -10,11 +14,23 @@ public class Socket {
     public static byte[] loaderFileData;
     public static File loaderFile;
 
+    public static Set<String> jarHash;
 
 
 
+    public static String multiply(String s, int i) {
+        StringBuilder builder = new StringBuilder();
+        for (int j = 0; j < i; j++) {
+            builder.append(s);
+        }
+        return builder.toString();
+    }
 
-    public static void launch(String[] args) throws IOException {
+    public static String lengthifyStart(String s, String m, int i) {
+        return multiply(m, (i - s.length()) / m.length()) + s;
+    }
+
+    public static void launch(String[] args) throws IOException, NoSuchAlgorithmException {
         if (args.length != 2) {
             System.err.println("Usage: java Main <client>.jar <loader>.jar");
             System.exit(1);
@@ -26,6 +42,22 @@ public class Socket {
         loaderFile = new File(args[1]);
         loaderFileData = readFully(args[1]);
 
+        byte[] jarHashBytes = MessageDigest.getInstance("SHA-512").digest(loaderFileData);
+        StringBuilder jarHash = new StringBuilder(":");
+        for (byte b : jarHashBytes) {
+            jarHash.append(lengthifyStart(Integer.toHexString(Byte.toUnsignedInt(b)), "0", 2)).append(":");
+        }
+        System.out.println("Current valid jar hash: " + jarHash);
+        FileOutputStream validHashesOut = new FileOutputStream("valid_hashes.txt", true);
+        new PrintStream(validHashesOut).println(jarHash);
+        validHashesOut.close();
+        HashSet<String> hashes = new HashSet<>();
+        BufferedReader reader = new BufferedReader(new FileReader("valid_hashes.txt"));
+        String s;
+        while ((s = reader.readLine()) != null)
+            hashes.add(s);
+        Socket.jarHash = hashes;
+
         ServerSocket socket = new ServerSocket(31212);
 
         System.out.println("Server started on port 31212");