This commit is contained in:
Daniella / Tove 2023-09-27 23:09:21 +02:00
commit bfa05d16ab
Signed by: TudbuT
GPG key ID: 7D63D5634B7C417F
12 changed files with 150 additions and 103 deletions

View file

@ -6,9 +6,7 @@ import com.baseband.client.event.EventBus;
import com.baseband.client.event.FMLEventProcessor;
import com.baseband.client.module.Module;
import com.baseband.client.module.modules.*;
import de.tudbut.mcregistry.MCRegistry;
import de.tudbut.tools.Registry;
import de.tudbut.tools.Tools;
import net.minecraft.client.Minecraft;
import net.minecraft.launchwrapper.Launch;
import net.minecraftforge.common.MinecraftForge;
@ -31,11 +29,11 @@ import java.util.ArrayList;
@Mod(modid = "baseband")
public class BaseBand {
public static int majorVersion = 1;
public static int buildNumber = 218;
public static String hash = "0be4d7689526900f";
public static int buildNumber = 226;
public static String hash = "748755645be3deeb";
public static String name = "BaseBand";
public long timeOfCompile = 1695843754073L;
public long timeOfCompile = 1695849907385L;
public CommandManager commandRegistry;
public EventBus eventBus;
public ArrayList<Module> modules = new ArrayList<>();
@ -71,29 +69,13 @@ public class BaseBand {
public void onInit() {
Utils.check();
downloadMCRegistry();
try {
Registry = MCRegistry.registerMod("baseband");
registryData = Registry.register("*");
} catch (Exception e) {
// tamper detected
Utils.crash();
Registry = new Registry("BaseBand.registry");
} catch(Exception e) {
throw new RuntimeException(e);
}
// cant be a normal if statement because it might be null
if (registryData.get("LoaderPresent") == Boolean.TRUE) {
String key = registryData.getString("Key");
TCN data = TCN.readMap(Tools.stringToMap(new Key(key).decryptString(registryData.getString("Data"))));
registryData.set("Key", null);
registryData.set("Data", null);
this.level = data.getInteger("level");
} else {
// do other stuff here later?
log.info("No loader present, but able to start anyway ==> Debug environment detected.");
}
// unset so this won't be discovered and manipulated
registryData.set("LoaderPresent", null);
commandRegistry = new CommandManager();
eventBus = new EventBus();

View file

@ -2,7 +2,6 @@ package com.baseband.client;
import com.baseband.client.module.Module;
import de.tudbut.io.StreamReader;
import de.tudbut.mcregistry.MCRegistry;
import de.tudbut.parsing.JSON;
import de.tudbut.parsing.JSON.JSONFormatException;
import de.tudbut.parsing.TCN;
@ -18,7 +17,6 @@ public class ConfigManager {
for (Module module : BaseBand.INSTANCE.modules) {
module.updateData();
}
MCRegistry.GlobalRegistry.save();
}
}

View file

@ -70,9 +70,7 @@ dependencies {
exclude module: 'log4j-core'
}
// this is a tweaker, so it can go into the jar
jarLibs files('libs/mcregistry-1.0.jar')
jarLibs files('libs/TuddyLIB.jar')
annotationProcessor('org.spongepowered:mixin:0.8.5:processor') {
exclude module: 'gson'

Binary file not shown.

View file

@ -1,3 +1,9 @@
/*
* Copyright (c) 2023 Jess H & Daniella H. All Rights Reserved.
*
* Unauthorized copying of this file via any medium is Strictly Prohibited.
*/
package org.baseband.launcher;
import net.minecraft.launchwrapper.ITweaker;
@ -6,7 +12,7 @@ import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.baseband.launcher.launch.Loader;
import org.baseband.launcher.tweaker.Core;
import org.baseband.launcher.util.CustomClassloader;
import org.baseband.launcher.classloader.CustomClassloader;
import org.spongepowered.asm.launch.MixinTweaker;
import java.io.File;

View file

@ -1,4 +1,11 @@
package org.baseband.launcher.util;
/*
* Copyright (c) 2023 Jess H & Daniella H. All Rights Reserved.
*
* Unauthorized copying of this file via any medium is Strictly Prohibited.
*/
package org.baseband.launcher.classloader;
import de.tudbut.security.DataKeeper;
import de.tudbut.security.StrictnessBuilder;
@ -6,9 +13,11 @@ import de.tudbut.security.permissionmanager.CallClassRestriction;
import de.tudbut.security.permissionmanager.HideErrorRestriction;
import net.minecraft.launchwrapper.Launch;
import org.baseband.launcher.launch.Loader;
import org.baseband.launcher.util.BBPermissionManager;
import org.spongepowered.asm.service.MixinService;
import org.spongepowered.asm.service.mojang.MixinServiceLaunchWrapper;
import de.tudbut.security.AccessKiller;
import sun.misc.Unsafe;
import java.io.IOException;
import java.lang.reflect.Field;
@ -45,6 +54,7 @@ public class CustomClassloader extends ClassLoader {
}
public void initClasses(Object classes) {
try {
CustomMixinServer customService = new CustomMixinServer();
Class<?> mixinServiceClass = Class.forName("org.spongepowered.asm.service.MixinService");
@ -62,17 +72,13 @@ public class CustomClassloader extends ClassLoader {
Loader.exit();
}
INSTANCE = new CustomClassloader();
//CustomClassloader.classes = classes;
encryptedClasses.access(accessor -> accessor.setValue((HashMap<String, byte[]>) classes));
try {
Field parent = ClassLoader.class.getDeclaredField("parent");
parent.setAccessible(true);
parent.set(INSTANCE, parent.get(Launch.classLoader));
parent.set(Launch.classLoader, INSTANCE);
parent.set(this, parent.get(Launch.classLoader));
parent.set(Launch.classLoader, this);
} catch (IllegalAccessException | NoSuchFieldException var6) {
var6.printStackTrace();
}
@ -84,11 +90,20 @@ public class CustomClassloader extends ClassLoader {
final byte[][] data = {null};
encryptedClasses.access(accessor -> Loader.classKey.access(classKey -> data[0] = classKey.getValue().decryptByte(accessor.getValue().get(name))));
if (data[0] != null) {
Class<?> clazz = defineClass(name, data[0], 0, data[0].length);
if (clazz == null) {
throw new ClassNotFoundException(name);
}
return clazz;
Class<?> definedClass = defineClass(name, data[0], 0, data[0].length);
//// TudbuT // using unsafe is a bad idea as it breaks DataKeeper
// try {
// Field b = Unsafe.class.getDeclaredField("theUnsafe");
// Unsafe unsafe = (Unsafe)b.get(null);
// Class<?> definedClass = unsafe.defineClass(name, data[0], 0, data[0].length, this, null);
if (definedClass == null) {
throw new ClassNotFoundException(name);
}
return definedClass;
// }catch (Exception e){
// return null;
// }
} else {
try {
return Launch.classLoader.findClass(name);

View file

@ -1,6 +1,11 @@
/*
* Copyright (c) 2023 Jess H & Daniella H. All Rights Reserved.
*
* Unauthorized copying of this file via any medium is Strictly Prohibited.
*/
package org.baseband.launcher.launch;
import de.tudbut.mcregistry.MCRegistry;
import de.tudbut.security.DataKeeper;
import de.tudbut.security.PermissionManager;
import de.tudbut.security.Strictness;
@ -14,7 +19,7 @@ import de.tudbut.tools.Tools;
import net.minecraft.launchwrapper.Launch;
import org.baseband.launcher.Tweaker;
import org.baseband.launcher.util.BBPermissionManager;
import org.baseband.launcher.util.CustomClassloader;
import org.baseband.launcher.classloader.CustomClassloader;
import org.baseband.launcher.util.Key;
import sun.misc.Unsafe;
import de.tudbut.io.StreamRedirect;
@ -25,11 +30,8 @@ import java.io.*;
import java.lang.management.ManagementFactory;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.net.Socket;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
import java.security.MessageDigest;
import java.util.*;
import java.util.jar.JarOutputStream;
@ -103,14 +105,6 @@ public class Loader {
Key communicationKey = new Key(ticket);
if (System.getProperty("com.bb.debugKey") != null) {
if (System.getProperty("com.bb.debugKey").equalsIgnoreCase("true")) {
Tweaker.log("!!Warning!!\nEncryption Debug set to enabled.");
communicationKey.setDebug(true);
classKey.access(x -> x.getValue().setDebug(true));
objectKey.access(x -> x.getValue().setDebug(true));
}
}
outputF.writeUTF("loader");
outputF.writeUTF(communicationKey.encryptString(username));
@ -167,8 +161,7 @@ public class Loader {
}
String key = getRandomTicket();
/*
Registry baseBandRegistry = MCRegistry.registerMod("baseband");
TCN tcn = baseBandRegistry.register("*");
tcn.set("LoaderPresent", true);
@ -181,6 +174,7 @@ public class Loader {
baseBandRegistry.unregister("*", tcn);
MCRegistry.unregisterMod("baseband", baseBandRegistry);
MCRegistry.GlobalRegistry.save();
*/
Map<String, byte[]> classCache = new HashMap<>();
@ -203,6 +197,7 @@ public class Loader {
//Yep!
try (ZipInputStream zipStream = new ZipInputStream(input)) {
ZipEntry zipEntry;
while ((zipEntry = zipStream.getNextEntry()) != null) {
@ -337,7 +332,49 @@ public class Loader {
return true;
}
//// TudbuT // this is a VERY bad idea. it will overwrite any data that bytewise-matches
//// TudbuT // the security manager. this is so unsafe it might overwrite random data
//// TudbuT // that isnt even a security manager with one. if you really need a security
//// TudbuT // manager despite AccessKiller's existence, ask me and ill make a better setter.
// try {
// SecurityManager currentSecurityManager = System.getSecurityManager();
// if (currentSecurityManager != null) {
// Field b = Unsafe.class.getDeclaredField("theUnsafe");
// boolean a = b.isAccessible();
// b.setAccessible(true);
// Unsafe unsafe = (Unsafe)b.get(null);
// b.setAccessible(a);
// Object base = null;
// Field[] fields = System.class.getDeclaredFields();
// for (Field field : fields) {
// if (Modifier.isStatic(field.getModifiers())) {
// base = unsafe.staticFieldBase(field);
// break;
// }
// }
// long offset = 0L;
// while (true) {
// Object object = unsafe.getObject(base, offset);
// if (object == currentSecurityManager) {
// unsafe.putObject(base, offset, new BaseBandSecurityManager());
// return false;
// }
// offset += 4L;
// }
// } else {
// System.setSecurityManager(new BaseBandSecurityManager());
// return false;
// }
// } catch (Exception e) {
// return true;
// }
return false;
//return false if it's fine, return true if it broke
}
@ -376,8 +413,6 @@ public class Loader {
Method exitMethod = shutdownClass.getDeclaredMethod("exit", int.class);
exitMethod.setAccessible(true);
exitMethod.invoke(null, 1);
} catch (Exception b) {
while (true) ;
}
} catch (Exception ignored) {}
}
}

View file

@ -1,3 +1,9 @@
/*
* Copyright (c) 2023 Jess H & Daniella H. All Rights Reserved.
*
* Unauthorized copying of this file via any medium is Strictly Prohibited.
*/
package org.baseband.launcher.tweaker;
import org.spongepowered.asm.launch.MixinBootstrap;

View file

@ -64,6 +64,9 @@ public class BBPermissionManager extends Restriction {
@Override
public boolean checkCaller(Strictness strictnessLevel) {
if(!(System.getSecurityManager() instanceof BaseBandSecurityManager)) {
return false;
}
//// TudbuT // Are you sure this is this a good idea? it will be called a LOT.

View file

@ -0,0 +1,40 @@
/*
* Copyright (c) 2023 Jess H & Daniella H. All Rights Reserved.
*
* Unauthorized copying of this file via any medium is Strictly Prohibited.
*/
package org.baseband.launcher.util;
import org.baseband.launcher.launch.Loader;
import java.security.Permission;
public class BaseBandSecurityManager extends SecurityManager {
@Override
public void checkPermission(Permission permission) {
String permissionName = (permission.getName() != null) ? permission.getName() : "null";
if (permissionName.equals("setSecurityManager")) {
Loader.exit();
}
if (permissionName.startsWith("accessClassInPackage.com.baseband")) {
Class<?>[] classContext = this.getClassContext();
String callerClassName = (classContext.length > 4) ? classContext[4].getName() : null;
String parentClassName = (classContext.length > 5) ? classContext[5].getName() : null;
if (callerClassName != null && !callerClassName.startsWith("com.baseband.")) {
if (parentClassName == null || !parentClassName.startsWith("com.baseband.")) {
Loader.exit();
}
}
}
}
@Override
public void checkPermission(Permission b, Object a) {
checkPermission(b);
}
}

View file

@ -1,18 +1,18 @@
/*
* Copyright (c) 2023 Jess H & Daniella H. All Rights Reserved.
*
* Unauthorized copying of this file via any medium is Strictly Prohibited.
*/
package org.baseband.launcher.util;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.util.UUID;
public class Key {
//Daniella made the actual encryption,
//Jess made the serialization/byte handling/randomTicket
protected final String string;
private boolean debug = false;
public Key() {
string = getRandomTicket();
}
@ -25,9 +25,6 @@ public class Key {
string = new String(key);
}
public void setDebug(boolean debug) {
this.debug = debug;
}
private static String getRandomTicket() {
StringBuilder buffer = new StringBuilder();
@ -37,39 +34,6 @@ public class Key {
return buffer.toString();
}
public byte[] serializeObject(Object obj) {
try {
if(debug) {
System.out.println(obj + " serialize + encrypt");
}
ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
ObjectOutputStream objectOut = new ObjectOutputStream(byteArrayOutputStream);
objectOut.writeObject(obj);
objectOut.close();
return encryptByte(byteArrayOutputStream.toByteArray());
} catch (IOException e) {
e.printStackTrace();
return null; // Return null in case of an error
}
}
public Object deserializeObject(byte[] bytes) {
try {
ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decryptByte(bytes));
ObjectInputStream objectIn = new ObjectInputStream(byteArrayInputStream);
Object obj = objectIn.readObject();
objectIn.close();
if(debug) {
System.out.println(obj + " deserialize + decrypt");
}
return obj;
} catch (IOException | ClassNotFoundException e) {
e.printStackTrace();
return null; // Return null in case of an error
}
}
public byte[] encryptByte(byte[] bytes) {
if(bytes == null) {
return null;