67 Replies
Thanks for asking your question!
Make sure to provide as much helpful information as possible such as logs/what you tried and what your exact issue is
Make sure to mark solved when issue is solved!!!
/close
!close
!solved
!answered
Requested by lazycaps.#0
Do you host on your own machine?
ye
Malware found
Your anti-malware is flagging every plugin you have as malware. Even though I assume you’re downloading them directly from spigot? Try allowing these plugins in your anti-malware settings
Any reason for using 1.8.8 in this day and age?
If you say combat just use a plug-in
He’s nostalgic
!blackspigot
If you downloaded any .jar from the following sites, CONSIDER YOUR SERVER TAINTED
While you may run into backdoored plugins on SpigotMC and the like, it's chance is low as they're vetted regularly.
On the other hand, these 'leak' sites are known to host pirated and usually backdoored versions of paid plugins:
- BlackSpigot
- DirectLeaks
- NulledForums
- LeakMania
- ETX
- and possibly any other site besides SpigotMC/PaperMC/MCM/the plugin creator's github releases or CI server
If you downloaded any .jar files from these, consider all the .jar files in your current server directory TAINTED.
Do take note of your currently used plugins. Do REMOVE all plugin .jars AND the server.jar, and re-download them from a legitimate source.
Also consider disabling OP altogether in LuckPerms if you don't use it (you shouldn't anyways), although it won't necessarily stop such plugins from doing their harm.
Admincraft Canned Responses
You reap what you sow.
Hey can I do it?
!offline
😄
ah
Bro your whole computer is infected with malware
I was incorrect about the offline mode thing, oops
But OP definitely downloaded a virus
wipe os moment
OP, delete system32, it’s for the best
he gotta boot into BIOS
then secure wipe the drive
reminds me of a friend who doesn't wanna use anything above 1.12.2
Woah woah
So
Spigot has a built-in malware detector??
Crappy computer or preference?
I hate/love 1.12.2
preference
I mean server btw
1.12.2 version for server
TIL
No I mean
I'm asking 😂😂
@lazycaps
You got a pretty big trouble there!
So you used black spigot or cracked plugins right?
If that's the case
The cracked plugin has spreaded to your other plugins
And if you weren't using docker
There's chances that the malware is on system files
Disconnect your computer from the internet now
Your bank data and passwords are on risk :/
Then boot on safe mode, and backup folders that might not have been compromised like photos, word docs, etc
I'm gonna share you a guide about flashing an OS in an USB, kindly shared by our friends from the tech support subreddit
Read everything I've sent
If you were using a hoster, I guess you joined
@Señor Leche do you know if a plugin with malware on a server can spread to clients?
no unless it's using a rce exploit
I wouldn't say it's impossible, but there isn't anything currently known that can do that.
After checking the logs I've seen the server loaded and they joinedn
it can infect other users via a rce
but afaik all rce that happened in past is patched
Log4j?
log4j was the newest one
but there was a rce before that
Outside of log4j, there are no currently known working public rce exploits. But that's patched in most every available version of minecraft you can grab.
2 rce exploits In total
in past
afaik
Idk if the exploit is fixed on his weird old 1.8 paper fork fork
And log4j was patched right? Like, Mojang dropped a patch
LOL
If he's running an old 1.8 paper fork, might not be fixed.
Actually when there's an invuln
:4371cough:
The patch is done by Mojang or by whoever mantains java (Oracle?)?
Not if he's never updated Java or the server.
Let's hope he was using adoptium or latest openJDK
Wind spigot?
no
its nachospigot
a server software that windspigot forked
GitHub
GitHub - Wind-Development/WindSpigot: A performant, multithreaded M...
A performant, multithreaded Minecraft server software for version 1.8.8. - GitHub - Wind-Development/WindSpigot: A performant, multithreaded Minecraft server software for version 1.8.8.
Archived last year 😳😳😳😳😳
WOAH
So
We start at spigot then paper > taco spigot > nacho spigot > wind spigot
A fork of a fork of a fork
But the first fork is good
(paper)
parody fork called "forkspigot"
that does nothing new
xd
https://github.com/TacoSpigot/TacoSpigot when the dev tells you to not use their software 😳
GitHub
GitHub - TacoSpigot/TacoSpigot: The main repository of TacoSpigot
The main repository of TacoSpigot. Contribute to TacoSpigot/TacoSpigot development by creating an account on GitHub.
Yea
I'm only playing super old versions if modded
And with friends only
Please op do the following steps if you ever downloaded stuff from sketchy websites and not official websites
You have a serious thing here or the fork of a fork is reporting a false positive
fork of a fork
it may be false or whatever cracked plugin he installed infected the rest
It's a fork of a fork of a fork of a modification to the source game
whossus help me out in off-topic
And one of the forks is the best thing that ever happened in Minecraft story
;d
ah, i thought you meant a dedicated server, not my pc, oops
looking back it was kinda dumb
haha don’t worry we fine
thank god i backed up like a week ago
So you cracked plugins? @lazycaps
if you do want to use 1.8.8 i recommend pandaspigot as its a direct fork of paper https://github.com/hpfxd/PandaSpigot
GitHub
GitHub - hpfxd/PandaSpigot: Fork of Paper for 1.8.8 focused on impr...
Fork of Paper for 1.8.8 focused on improved performance and stability. - GitHub - hpfxd/PandaSpigot: Fork of Paper for 1.8.8 focused on improved performance and stability.
So you use a hosting provider or a virtual machine? Not your own PC?
Pls tell me you have a backup of all server files before you downloaded cracked plugins. Because if not your server is infected with malware
yes and yes
no, one of my friends sent a plugin i needed 😦
And they got if frooom
dev.bukkit.org?
:that almost never ends well:
Modrinth? Hangar?
spigot!
Or from ✨ unknown and unreliable sources ✨
Seriously ask that friend
Where they got it
I'm sure the answer is black spigot or something like that
You should punch your friend in the face for that
Lmao
oh i will
!solved
post closed!
The post/thread has been closed!
Requested by lazycaps.#0