UNPKG

@bdsx/anticrasher

Version:

simple anti-crasher

106 lines 10.1 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.Counter = exports.anticrasher = void 0; const networkidentifier_1 = require("bdsx/bds/networkidentifier"); const packetids_1 = require("bdsx/bds/packetids"); const packets_1 = require("bdsx/bds/packets"); const common_1 = require("bdsx/common"); const core_1 = require("bdsx/core"); const event_1 = require("bdsx/event"); const nativetype_1 = require("bdsx/nativetype"); const pointer_1 = require("bdsx/pointer"); const prochacker_1 = require("bdsx/prochacker"); const counter_1 = require("./counter"); Object.defineProperty(exports, "Counter", { enumerable: true, get: function () { return counter_1.Counter; } }); const event_2 = require("./event"); Object.defineProperty(exports, "anticrasher", { enumerable: true, get: function () { return event_2.anticrasher; } }); { console.log("[ANTICRASHER] allocated", " - mdisprgm".blue); event_1.events.serverOpen.on(() => { console.log("[ANTICRASHER] launching", " - mdisprgm".blue); }); event_1.events.serverClose.on(() => { console.log("[ANTICRASHER] closed", " - mdisprgm".blue); }); } core_1.ipfilter.setTrafficLimit(1024 * 1024); core_1.ipfilter.setTrafficLimitPeriod(3600); const InvalidSoundsCounter = new counter_1.Counter(3, 3); const FoodSpammerCounter = new counter_1.Counter(3, 3); const IllegalPositionsCounter = new counter_1.Counter(3, 0); // invalid sound events { event_1.events.packetBefore(packetids_1.MinecraftPacketIds.LevelSoundEvent).on((pkt, ni) => { if ([12, 26, 35, 42].includes(pkt.sound)) return; return InvalidSoundsCounter.enter(ni, event_2.anticrasher.Crashers.InvalidSounds); }); } // invalid eating food { event_1.events.packetBefore(packetids_1.MinecraftPacketIds.ActorEvent).on((pkt, ni) => { const action = pkt.event; if (action !== packets_1.ActorEventPacket.Events.EatingItem) return; return FoodSpammerCounter.enter(ni, event_2.anticrasher.Crashers.FoodSpammer); }); } // invalid positions { event_1.events.packetBefore(packetids_1.MinecraftPacketIds.PlayerAuthInput).on((pkt, ni) => { switch (true) { case pkt.moveX > 0x3fffffff: case pkt.moveZ > 0x3fffffff: case pkt.pos.x > 0x3fffffff: case pkt.pos.y > 0x3fffffff: case pkt.pos.z > 0x3fffffff: IllegalPositionsCounter.addBanned(ni, event_2.anticrasher.Crashers.IllegalPositions); return common_1.CANCEL; default: } }); } { const WrongSkinBlocker = new counter_1.Counter(70, 2); event_1.events.packetRaw(packetids_1.MinecraftPacketIds.PlayerSkin).on((ptr, size, ni, id) => { if (size < 0x400) { WrongSkinBlocker.enter(ni, event_2.anticrasher.Crashers.InvalidSkin); return common_1.CANCEL; } }); } { const disconnectConnection = prochacker_1.procHacker.js("?disconnect@NetworkConnection@@QEAAXXZ", nativetype_1.void_t, null, networkidentifier_1.NetworkConnection); const counter = {}; const receivePacket = prochacker_1.procHacker.hooking("?receivePacket@NetworkConnection@@QEAA?AW4DataStatus@NetworkPeer@@AEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAVNetworkSystem@@AEBV?$shared_ptr@V?$time_point@Usteady_clock@chrono@std@@V?$duration@_JU?$ratio@$00$0DLJKMKAA@@std@@@23@@chrono@std@@@5@@Z", nativetype_1.int32_t, // DataStatus null, networkidentifier_1.NetworkConnection, pointer_1.CxxStringWrapper, networkidentifier_1.NetworkHandler, core_1.VoidPointer)((conn, stream, networkHandler, time_point) => { const ni = conn.networkIdentifier; const addr = ni.getAddress(); const id = stream.valueptr.getUint8(); if (counter[addr] > 1 || id === packetids_1.MinecraftPacketIds.PurchaseReceipt) { event_2.anticrasher.crasherDetected.fire(new event_2.CrasherDetectedEvent(undefined, ni, event_2.anticrasher.Crashers.DisallowedPacket)); disconnectConnection(conn); return 1; } if (id === 0) { counter[addr] = counter[addr] ? counter[addr] + 1 : 1; } return receivePacket(conn, stream, networkHandler, time_point); }); } { // // example_and_test/vulnerabilities.ts // event_1.events.packetRaw(packetids_1.MinecraftPacketIds.ClientCacheBlobStatus).on((ptr, size, netId) => { if (ptr.readVarUint() >= 0xfff || ptr.readVarUint() >= 0xfff) { console.log(("DOS (ClientCacheBlobStatus) detected from " + netId).red); return common_1.CANCEL; } }); event_1.events.packetBefore(packetids_1.MinecraftPacketIds.Disconnect).on((pkt, ni) => { if (ni.getActor() == null) return common_1.CANCEL; }); } //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxrRUFBK0U7QUFDL0Usa0RBQXdEO0FBQ3hELDhDQUFvRDtBQUNwRCx3Q0FBcUM7QUFDckMsb0NBQWtEO0FBQ2xELHNDQUFvQztBQUNwQyxnREFBa0Q7QUFDbEQsMENBQWdEO0FBQ2hELGdEQUE2QztBQUM3Qyx1Q0FBb0M7QUF3R2Qsd0ZBeEdiLGlCQUFPLE9Bd0dhO0FBdkc3QixtQ0FBNEQ7QUF1R25ELDRGQXZHQSxtQkFBVyxPQXVHQTtBQXJHcEI7SUFDSSxPQUFPLENBQUMsR0FBRyxDQUFDLHlCQUF5QixFQUFFLGFBQWEsQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUMzRCxjQUFNLENBQUMsVUFBVSxDQUFDLEVBQUUsQ0FBQyxHQUFHLEVBQUU7UUFDdEIsT0FBTyxDQUFDLEdBQUcsQ0FBQyx5QkFBeUIsRUFBRSxhQUFhLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDL0QsQ0FBQyxDQUFDLENBQUM7SUFDSCxjQUFNLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQyxHQUFHLEVBQUU7UUFDdkIsT0FBTyxDQUFDLEdBQUcsQ0FBQyxzQkFBc0IsRUFBRSxhQUFhLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDNUQsQ0FBQyxDQUFDLENBQUM7Q0FDTjtBQUVELGVBQVEsQ0FBQyxlQUFlLENBQUMsSUFBSSxHQUFHLElBQUksQ0FBQyxDQUFDO0FBQ3RDLGVBQVEsQ0FBQyxxQkFBcUIsQ0FBQyxJQUFJLENBQUMsQ0FBQztBQUVyQyxNQUFNLG9CQUFvQixHQUFHLElBQUksaUJBQU8sQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUM7QUFDL0MsTUFBTSxrQkFBa0IsR0FBRyxJQUFJLGlCQUFPLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDO0FBQzdDLE1BQU0sdUJBQXVCLEdBQUcsSUFBSSxpQkFBTyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQztBQUVsRCx1QkFBdUI7QUFDdkI7SUFDSSxjQUFNLENBQUMsWUFBWSxDQUFDLDhCQUFrQixDQUFDLGVBQWUsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLEdBQUcsRUFBRSxFQUFFLEVBQUUsRUFBRTtRQUNuRSxJQUFJLENBQUMsRUFBRSxFQUFFLEVBQUUsRUFBRSxFQUFFLEVBQUUsRUFBRSxDQUFDLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUM7WUFBRSxPQUFPO1FBQ2pELE9BQU8sb0JBQW9CLENBQUMsS0FBSyxDQUFDLEVBQUUsRUFBRSxtQkFBVyxDQUFDLFFBQVEsQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUM5RSxDQUFDLENBQUMsQ0FBQztDQUNOO0FBRUQsc0JBQXNCO0FBQ3RCO0lBQ0ksY0FBTSxDQUFDLFlBQVksQ0FBQyw4QkFBa0IsQ0FBQyxVQUFVLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxHQUFHLEVBQUUsRUFBRSxFQUFFLEVBQUU7UUFDOUQsTUFBTSxNQUFNLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQztRQUN6QixJQUFJLE1BQU0sS0FBSywwQkFBZ0IsQ0FBQyxNQUFNLENBQUMsVUFBVTtZQUFFLE9BQU87UUFDMUQsT0FBTyxrQkFBa0IsQ0FBQyxLQUFLLENBQUMsRUFBRSxFQUFFLG1CQUFXLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQzFFLENBQUMsQ0FBQyxDQUFDO0NBQ047QUFFRCxvQkFBb0I7QUFDcEI7SUFDSSxjQUFNLENBQUMsWUFBWSxDQUFDLDhCQUFrQixDQUFDLGVBQWUsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLEdBQUcsRUFBRSxFQUFFLEVBQUUsRUFBRTtRQUNuRSxRQUFRLElBQUksRUFBRTtZQUNWLEtBQUssR0FBRyxDQUFDLEtBQUssR0FBRyxVQUFVLENBQUM7WUFDNUIsS0FBSyxHQUFHLENBQUMsS0FBSyxHQUFHLFVBQVUsQ0FBQztZQUM1QixLQUFLLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQyxHQUFHLFVBQVUsQ0FBQztZQUM1QixLQUFLLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQyxHQUFHLFVBQVUsQ0FBQztZQUM1QixLQUFLLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQyxHQUFHLFVBQVU7Z0JBQ3ZCLHVCQUF1QixDQUFDLFNBQVMsQ0FBQyxFQUFFLEVBQUUsbUJBQVcsQ0FBQyxRQUFRLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztnQkFDN0UsT0FBTyxlQUFNLENBQUM7WUFDbEIsUUFBUTtTQUNYO0lBQ0wsQ0FBQyxDQUFDLENBQUM7Q0FDTjtBQUVEO0lBQ0ksTUFBTSxnQkFBZ0IsR0FBRyxJQUFJLGlCQUFPLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDO0lBQzVDLGNBQU0sQ0FBQyxTQUFTLENBQUMsOEJBQWtCLENBQUMsVUFBVSxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsR0FBRyxFQUFFLElBQUksRUFBRSxFQUFFLEVBQUUsRUFBRSxFQUFFLEVBQUU7UUFDckUsSUFBSSxJQUFJLEdBQUcsS0FBSyxFQUFFO1lBQ2QsZ0JBQWdCLENBQUMsS0FBSyxDQUFDLEVBQUUsRUFBRSxtQkFBVyxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsQ0FBQztZQUM3RCxPQUFPLGVBQU0sQ0FBQztTQUNqQjtJQUNMLENBQUMsQ0FBQyxDQUFDO0NBQ047QUFDRDtJQUNJLE1BQU0sb0JBQW9CLEdBQUcsdUJBQVUsQ0FBQyxFQUFFLENBQUMsd0NBQXdDLEVBQUUsbUJBQU0sRUFBRSxJQUFJLEVBQUUscUNBQWlCLENBQUMsQ0FBQztJQUN0SCxNQUFNLE9BQU8sR0FBMkIsRUFBRSxDQUFDO0lBQzNDLE1BQU0sYUFBYSxHQUFHLHVCQUFVLENBQUMsT0FBTyxDQUNwQyxrUkFBa1IsRUFDbFIsb0JBQU8sRUFBRSxhQUFhO0lBQ3RCLElBQUksRUFDSixxQ0FBaUIsRUFDakIsMEJBQWdCLEVBQ2hCLGtDQUFjLEVBQ2Qsa0JBQVcsQ0FDZCxDQUFDLENBQUMsSUFBSSxFQUFFLE1BQU0sRUFBRSxjQUFjLEVBQUUsVUFBVSxFQUFFLEVBQUU7UUFDM0MsTUFBTSxFQUFFLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDO1FBQ2xDLE1BQU0sSUFBSSxHQUFHLEVBQUUsQ0FBQyxVQUFVLEVBQUUsQ0FBQztRQUM3QixNQUFNLEVBQUUsR0FBRyxNQUFNLENBQUMsUUFBUSxDQUFDLFFBQVEsRUFBRSxDQUFDO1FBQ3RDLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsSUFBSSxFQUFFLEtBQUssOEJBQWtCLENBQUMsZUFBZSxFQUFFO1lBQ2hFLG1CQUFXLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxJQUFJLDRCQUFvQixDQUFDLFNBQVMsRUFBRSxFQUFFLEVBQUUsbUJBQVcsQ0FBQyxRQUFRLENBQUMsZ0JBQWdCLENBQUMsQ0FBQyxDQUFDO1lBQ2pILG9CQUFvQixDQUFDLElBQUksQ0FBQyxDQUFDO1lBQzNCLE9BQU8sQ0FBQyxDQUFDO1NBQ1o7UUFDRCxJQUFJLEVBQUUsS0FBSyxDQUFDLEVBQUU7WUFDVixPQUFPLENBQUMsSUFBSSxDQUFDLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7U0FDekQ7UUFDRCxPQUFPLGFBQWEsQ0FBQyxJQUFJLEVBQUUsTUFBTSxFQUFFLGNBQWMsRUFBRSxVQUFVLENBQUMsQ0FBQztJQUNuRSxDQUFDLENBQUMsQ0FBQztDQUNOO0FBQ0Q7SUFDSSxFQUFFO0lBQ0Ysc0NBQXNDO0lBQ3RDLEVBQUU7SUFFRixjQUFNLENBQUMsU0FBUyxDQUFDLDhCQUFrQixDQUFDLHFCQUFxQixDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsR0FBRyxFQUFFLElBQUksRUFBRSxLQUFLLEVBQUUsRUFBRTtRQUMvRSxJQUFJLEdBQUcsQ0FBQyxXQUFXLEVBQUUsSUFBSSxLQUFLLElBQUksR0FBRyxDQUFDLFdBQVcsRUFBRSxJQUFJLEtBQUssRUFBRTtZQUMxRCxPQUFPLENBQUMsR0FBRyxDQUFDLENBQUMsNENBQTRDLEdBQUcsS0FBSyxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDeEUsT0FBTyxlQUFNLENBQUM7U0FDakI7SUFDTCxDQUFDLENBQUMsQ0FBQztJQUNILGNBQU0sQ0FBQyxZQUFZLENBQUMsOEJBQWtCLENBQUMsVUFBVSxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUUsRUFBRSxFQUFFO1FBQzlELElBQUksRUFBRSxDQUFDLFFBQVEsRUFBRSxJQUFJLElBQUk7WUFBRSxPQUFPLGVBQU0sQ0FBQztJQUM3QyxDQUFDLENBQUMsQ0FBQztDQUNOIn0=