leaked plugins
Is it possible leaked plugins (from directleaks/blackspigot and etc.) to have malware and that malware to inject into everything (plugins/server jar/worlds and etc.)
26 Replies
Thanks for asking your question!
Make sure to provide as much helpful information as possible such as logs/what you tried and what your exact issue is
Make sure to mark solved when issue is solved!!!
/close
!close
!solved
!answered
Requested by itzerpandx#0
Yessss
Yeye
They absolutely can
In fact when a jar has malware it usually infects other files
!blackspigot
If you downloaded any .jar from the following sites, CONSIDER YOUR SERVER TAINTED
While you may run into backdoored plugins on SpigotMC and the like, it's chance is low as they're vetted regularly.
On the other hand, these 'leak' sites are known to host pirated and usually backdoored versions of paid plugins:
- BlackSpigot
- DirectLeaks
- NulledForums
- LeakMania
- ETX
- and possibly any other site besides SpigotMC/PaperMC/MCM/the plugin creator's github releases or CI server
If you downloaded any .jar files from these, consider all the .jar files in your current server directory TAINTED.
Do take note of your currently used plugins. Do REMOVE all plugin .jars AND the server.jar, and re-download them from a legitimate source.
Also consider disabling OP altogether in LuckPerms if you don't use it (you shouldn't anyways), although it won't necessarily stop such plugins from doing their harm.
Admincraft Canned Responses
Such malware can absolutely do like what fracturiser did
Getting into the computer files dormant until it is needed
yes.
even libraries can be infected as they are also jars
...;-;
so that means even the world folder is fucked up?
It could be ;-;
Did you antivirus or the server reported malware?
@ItzErpandX
no ig
Still, it's dangerous
Most of the times plugins there can be tainted
another fun thing every plugin that gets leaked from directleaks gets a message implanted and obfuscated ;P
best cause of action is delete literally every jar.
libraries folder, server jar, plugns
if ur on a bungeecord/velocity network
reset bungeeguard and velocity modern key
same with bot tokens etc if using discordsrv
okay, lets say that i am infected, how i can get rid of this mf malware ;-; (that will be my lesson never to use cracked plugins xD)
like lets say that its infected in the world folder ;-;
well do what i just said
world folder could use a implanted player data
with exploited items etc
or have oped someone
so check ur luckperms, ops, and playerdata
and
i forgot
Reset ALL your mysql databases
Run a anti malware program for mc plugins or upload one of them to hyperprotect
That’s what worked for me
When I got malware
Lmfao cracked server and stolen plugins.
wipe the entire system
!blackspigot
If you downloaded any .jar from the following sites, CONSIDER YOUR SERVER TAINTED
While you may run into backdoored plugins on SpigotMC and the like, it's chance is low as they're vetted regularly.
On the other hand, these 'leak' sites are known to host pirated and usually backdoored versions of paid plugins:
- BlackSpigot
- DirectLeaks
- NulledForums
- LeakMania
- ETX
- and possibly any other site besides SpigotMC/PaperMC/MCM/the plugin creator's github releases or CI server
If you downloaded any .jar files from these, consider all the .jar files in your current server directory TAINTED.
Do take note of your currently used plugins. Do REMOVE all plugin .jars AND the server.jar, and re-download them from a legitimate source.
Also consider disabling OP altogether in LuckPerms if you don't use it (you shouldn't anyways), although it won't necessarily stop such plugins from doing their harm.
Admincraft Canned Responses
is the safest option imo
boot into bios and secure erase 👍
reinstall the os via a usb
and maybe just to be extra safe change ur passwords
As soon as I saw "leaked plugins" in the title, I knew I was going to see you in here lol
OP, Secure erase from bios
then reinstall OS
just to be safe xD
or just wipe the server instance if run in pterodcatyl
and make a new one
Is it possible to get a malware from legit sites like spigotmc?
chances are very low
but yea
leak sites are infested tho
ooooh glad I bought all of my plugins xD
Even if it's too expensive
Btw last question
What's the difference between gradle and maven
And which is better
(Sry if it sounds dumb xd)
its personal opinion
gradle is easier for non devs to build plugins from source so ig i u want to make it easier for people to build ur plugins ig?
i like to just use maven tbf