amy/chomens-bot-java
1
0
Fork 0
forked from ChomeNS/chomens-bot-java
Code Pull requests Activity

make the hashing MORE strict

Browse source 
no more trol 😎 actually if you make a bot that sudoes the player that ran the trusted cummand with the same command name you can actually make it do something else tho like servereval to run shit and fard my entire server
This commit is contained in:
Chayapak 2023-07-16 19:07:29 +07:00
parent f1c30b344f
commit 5d6108c74f
9 changed files with 35 additions and 43 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
src/main/java/land/chipmunk/chayapak/chomens_bot/command/CommandContext.java
View file

@ -11,17 +11,14 @@ public class CommandContext {
public final PlayerEntry sender;
public final String hash;
public final String ownerHash;
public final boolean inGame;
public CommandContext(Bot bot, String prefix, PlayerEntry sender, String hash, String ownerHash, boolean inGame) {
public String[] splitInput;
public CommandContext(Bot bot, String prefix, PlayerEntry sender, boolean inGame) {
this.bot = bot;
this.prefix = prefix;
this.sender = sender;
this.hash = hash;
this.ownerHash = ownerHash;
this.inGame = inGame;
}

2
src/main/java/land/chipmunk/chayapak/chomens_bot/command/ConsoleCommandContext.java
View file

@ -9,7 +9,7 @@ public class ConsoleCommandContext extends CommandContext {
private final Bot bot;
public ConsoleCommandContext (Bot bot, String prefix) {
super(bot, prefix, bot.players.getBotEntry() /* real */, null, null, false);
super(bot, prefix, bot.players.getBotEntry() /* real */, false);
this.bot = bot;
}

4
src/main/java/land/chipmunk/chayapak/chomens_bot/command/DiscordCommandContext.java
View file

@ -19,7 +19,7 @@ public class DiscordCommandContext extends CommandContext {
private final Bot bot;
public DiscordCommandContext(Bot bot, String prefix, MessageReceivedEvent event, String hash, String ownerHash) {
public DiscordCommandContext(Bot bot, String prefix, MessageReceivedEvent event) {
super(
bot,
prefix,
@ -36,8 +36,6 @@ public class DiscordCommandContext extends CommandContext {
new byte[0],
true
),
hash,
ownerHash,
false
);
this.bot = bot;

4
src/main/java/land/chipmunk/chayapak/chomens_bot/command/PlayerCommandContext.java
View file

@ -11,8 +11,8 @@ public class PlayerCommandContext extends CommandContext {
private final Bot bot;
public PlayerCommandContext (Bot bot, String playerName, String prefix, String selector, PlayerEntry sender, String hash, String ownerHash) {
super(bot, prefix, sender, hash, ownerHash, true);
public PlayerCommandContext (Bot bot, String playerName, String prefix, String selector, PlayerEntry sender) {
super(bot, prefix, sender, true);
this.bot = bot;
this.playerName = playerName;
this.selector = selector;

7
src/main/java/land/chipmunk/chayapak/chomens_bot/commands/ValidateCommand.java
View file

@ -1,5 +1,6 @@
package land.chipmunk.chayapak.chomens_bot.commands;
import land.chipmunk.chayapak.chomens_bot.Bot;
import land.chipmunk.chayapak.chomens_bot.command.Command;
import land.chipmunk.chayapak.chomens_bot.command.CommandContext;
import land.chipmunk.chayapak.chomens_bot.command.TrustLevel;
@ -19,10 +20,12 @@ public class ValidateCommand extends Command {
@Override
public Component execute(CommandContext context, String[] args, String[] fullArgs) {
final Bot bot = context.bot;
final String hash = fullArgs[0];
if (hash.equals(context.hash)) return Component.text("Valid hash").color(NamedTextColor.GREEN);
else if (hash.equals(context.ownerHash)) return Component.text("Valid OwnerHash").color(NamedTextColor.GREEN);
if (hash.equals(bot.hashing.getHash(context.splitInput[0], context.sender))) return Component.text("Valid hash").color(NamedTextColor.GREEN);
else if (hash.equals(bot.hashing.getOwnerHash(context.splitInput[0], context.sender))) return Component.text("Valid OwnerHash").color(NamedTextColor.GREEN);
return null;
}

4
src/main/java/land/chipmunk/chayapak/chomens_bot/plugins/ChatCommandHandlerPlugin.java
View file

@ -56,7 +56,7 @@ public class ChatCommandHandlerPlugin extends ChatPlugin.Listener {
final String commandString = contents.substring(prefix.length());
final PlayerCommandContext context = new PlayerCommandContext(bot, displayName, prefix, "@a", message.sender, bot.hashing.hash, bot.hashing.ownerHash);
final PlayerCommandContext context = new PlayerCommandContext(bot, displayName, prefix, "@a", message.sender);
final Component output = bot.commandHandler.executeCommand(commandString, context, true, false, false, null);
@ -88,7 +88,7 @@ public class ChatCommandHandlerPlugin extends ChatPlugin.Listener {
final String selector = UUIDUtilities.selector(sender.profile.getId());
final PlayerCommandContext context = new PlayerCommandContext(bot, displayName, prefix, selector, sender, bot.hashing.hash, bot.hashing.ownerHash);
final PlayerCommandContext context = new PlayerCommandContext(bot, displayName, prefix, selector, sender);
final Component output = bot.commandHandler.executeCommand(commandString, context, true, false, false, null);

8
src/main/java/land/chipmunk/chayapak/chomens_bot/plugins/CommandHandlerPlugin.java
View file

@ -136,17 +136,19 @@ public class CommandHandlerPlugin {
} else {
if (
command.trustLevel == TrustLevel.TRUSTED &&
!userHash.equals(bot.hashing.hash) &&
!userHash.equals(bot.hashing.ownerHash)
!userHash.equals(bot.hashing.getHash(splitInput[0], context.sender)) &&
!userHash.equals(bot.hashing.getOwnerHash(splitInput[0], context.sender))
) return Component.text("Invalid hash").color(NamedTextColor.RED);
if (
command.trustLevel == TrustLevel.OWNER &&
!userHash.equals(bot.hashing.ownerHash)
!userHash.equals(bot.hashing.getOwnerHash(splitInput[0], context.sender))
) return Component.text("Invalid OwnerHash").color(NamedTextColor.RED);
}
}
context.splitInput = splitInput;
try {
return command.execute(context, args, fullArgs);
} catch (Exception e) {

2
src/main/java/land/chipmunk/chayapak/chomens_bot/plugins/DiscordPlugin.java
View file

@ -117,7 +117,7 @@ public class DiscordPlugin {
final String message = messageEvent.getContentRaw();
if (message.startsWith(prefix)) {
final DiscordCommandContext context = new DiscordCommandContext(bot, prefix, event, null, null);
final DiscordCommandContext context = new DiscordCommandContext(bot, prefix, event);
final Component output = bot.commandHandler.executeCommand(message.substring(prefix.length()), context, false, true, false, event);

38
src/main/java/land/chipmunk/chayapak/chomens_bot/plugins/HashingPlugin.java
View file

@ -2,47 +2,39 @@ package land.chipmunk.chayapak.chomens_bot.plugins;
import com.google.common.hash.Hashing;
import land.chipmunk.chayapak.chomens_bot.Bot;
import land.chipmunk.chayapak.chomens_bot.data.chat.PlayerEntry;
import java.nio.charset.StandardCharsets;
public class HashingPlugin {
private final Bot bot;
public String hash;
public String ownerHash;
private long lastTime;
public HashingPlugin (Bot bot) {
this.bot = bot;
bot.tick.addListener(new TickPlugin.Listener() {
@Override
public void onTick() {
update();
}
});
}
public void update () {
public String getHash (String prefix, PlayerEntry sender) {
final long time = System.currentTimeMillis() / 5_000;
// mabe this will optimize it?
if (time <= lastTime) return;
lastTime = time;
final String key = bot.config.keys.normalKey;
final String normalHashKey = bot.config.keys.normalKey;
final String ownerHashKey = bot.config.keys.ownerKey;
final String hashValue = sender.profile.getIdAsString() + prefix + time + key;
final String hashValue = time + normalHashKey;
hash = Hashing.sha256()
return Hashing.sha256()
.hashString(hashValue, StandardCharsets.UTF_8)
.toString()
.substring(0, 16);
}
final String ownerHashValue = time + ownerHashKey;
ownerHash = Hashing.sha256()
.hashString(ownerHashValue, StandardCharsets.UTF_8)
public String getOwnerHash (String prefix, PlayerEntry sender) {
final long time = System.currentTimeMillis() / 5_000;
final String key = bot.config.keys.ownerKey;
final String value = sender.profile.getIdAsString() + prefix + time + key;
return Hashing.sha256()
.hashString(value, StandardCharsets.UTF_8)
.toString()
.substring(0, 16);
}