Spigot Anti-Malware/Anti-Virus 4.16

The beginning of a safe server

  1. Optic_Fusion1
    Source Code:
    https://github.com/OpticFusion1/MCAntiMalware
    Contributors:
    MrIvanPlays
    THIS IS NOT A PLUGIN

    HOW TO USE

    1. Turn the server off so the malware can't spread
    2. Upload the MCAntiMalware.jar file to your server directory.
    3. Run the jar file in a shell, terminal, or cmd prompt with the command "java -jar MCAntiMalware.jar"
    4. This will create a "AntiMalware" folder. Within that are the log files open the latest log file. Possibly malicious jars are logged as DETECTED
    5. PM me the listed jar(s) to me so I can look through it/them and update the program (or send ALL of the jars to me if you want to be completely sure there's nothing this program doesn't detect)
    6. Delete the listed jars or all of the plugins if you want to be extra safe
    7. Restart the server
    8. If there is STILL malicious stuff happening PM me EVERY jar file (including the server jar) then delete EVERY plugin jar AND the server jar then re-download the plugins and server jar
    VIDEO TUTORIAL


    COMMAND LINE ARGUMENTS

    use the --help command line argument to get this information, it will be the most up to date

    FEATURES

    Detects over 100 malicious plugins
    Runs 24/7 for constant protection
    Scans any new jars, rar, or zip files forr plugins
    WHY THIS IS OPEN SOURCE
    Simple, it's java it's easy to deobfuscate and decompile, if someone tried hard enough they'll figure out everything. I'm better off making it open source and getting help from the community.
    KNOWN FALSE POSITIVES
    The ForceOP check will false positive for a lot of popular plugins due to workarounds brought up in https://github.com/OpticFusion1/MCAntiMalware/issues/22
    LeakedPlugin - Spigot's anti-piracy injection is triggering it because it injects an invokestatic at the start of the instructions. I'm sure other things also cause this check to FalsePositive

    index.png
    OnyxianSoul, besuper, SkyZou and 16 others like this.

Recent Updates

  1. [4.16]
  2. [4.15.3]
  3. [4.15.2]

Recent Reviews

  1. onemoreplays
    onemoreplays
    3/5,
    Version: 4.15.2
    I will be honest, it has detected my private plugin with OP command. Problem here is, my OP command is security enhanced version of the classical OP. It's permission and hash protected (that means even if you have a backdoor in our permission system, you need to unlock it with password, that is hashed).
    1. Optic_Fusion1
      Author's Response
      If you PM me the jar i can look into fixing the false-positives the ForceOP check has
  2. MrIvanPlays
    MrIvanPlays
    5/5,
    Version: 4.14
    Code Quality: A
    This is a must-have if you don't know what you're putting into your server!
    In about 3 days we've fixed critical issues with it and I'm so proud I was able to help to make this program even better!
  3. CaoTrongThang
    CaoTrongThang
    5/5,
    Version: 4.10
    Really need a tutorial video :(
    .................................................
    1. Optic_Fusion1
      Author's Response
      Yea i know. I need to get around to a tutorial video for all of my current resources.
      Need to see if my headset is good enough for videos though.
  4. CatCode
    CatCode
    1/5,
    Version: 3.53
    ...............................................................
    Your project didn't find my exploits.
    ...............................................................
    1. Optic_Fusion1
      Author's Response
      If they're not public, how am i supposed to find them?
  5. AKATONY
    AKATONY
    5/5,
    Version: 3.49.1
    Superb plugin, author helped me find out my problem. Plugin works without problems and detects maleware pretty well.
  6. bobbyjo31
    bobbyjo31
    5/5,
    Version: 3.46.1
    it was awesome just had some issues cuz i am not that smart with this stuff but it works AWESOME
  7. SluthoPrud
    SluthoPrud
    5/5,
    Version: 3.45
    Very very great plugin!
    On 174 malicious plugins, this anti-virus detected 165.
    I mean it don't detect all malicious things, but it's a (very) good start!
    But I noticed some non-malicious plugins are flagged as ForceOP, like LuckPerms and more! Could you fix it?
    Otherwise great plugin.
    1. Optic_Fusion1
      Author's Response
      If you can PM me those remaining malicious plugins i can fix that ;)
      Also i'm more than aware of the ForceOP thing, i personally don't know how to fix it though :(
  8. AllMightySilence
    AllMightySilence
    5/5,
    Version: 3.42
    Simple but very useful, I see much potential in this! Author was fast to respond to!
    1. Optic_Fusion1
      Author's Response
      Thanks <3
  9. OnyxianSoul
    OnyxianSoul
    5/5,
    Version: 3.41
    Wow. I really appreciate you making and sharing this plugin after seeign the risk our servers were exposed to. Thank you, you have my gratitude!
  10. HexedHero
    HexedHero
    5/5,
    Version: 3.41
    Amazing little app to quickly scan .jars for exploits. It has a lot of ForceOP false positives but if you have a tiny bit of how plugins work you can work out if its an issue or not. Better a false positive than no detection at all.
    1. Optic_Fusion1
      Author's Response
      Yea, i'm fully aware of the force-op as the overview says, not much i personally can do about that though since i'm not smart enough to fix it. No one has made a PR to the github fixing it either :/