diff options
| author | PandaNinjas <admin@malwarefight.gq> | 2023-05-19 17:19:06 -0400 |
|---|---|---|
| committer | PandaNinjas <admin@malwarefight.gq> | 2023-05-19 17:19:06 -0400 |
| commit | f6b449e65d050b321abf0e54826ec48c0d993b2a (patch) | |
| tree | 33f0a244dd1a37ccf557c08b0ddb0f1677709ce5 | |
| parent | d30a5775fab3f4e8968e4066a5e59a4b953d8870 (diff) | |
| parent | f1b1c43ba43f78c8cf86be2c32593131054af089 (diff) | |
| download | NoSession-f6b449e65d050b321abf0e54826ec48c0d993b2a.tar.gz NoSession-f6b449e65d050b321abf0e54826ec48c0d993b2a.tar.bz2 NoSession-f6b449e65d050b321abf0e54826ec48c0d993b2a.zip | |
fix merge conflict
| -rw-r--r-- | .github/workflows/gradle.yml | 16 | ||||
| -rw-r--r-- | README.md | 4 | ||||
| -rw-r--r-- | SECURITY.md | 3 | ||||
| -rw-r--r-- | releasesigner.asc | 63 | ||||
| -rw-r--r-- | src/main/java/gq/malwarefight/nosession/utils/Utils.java | 2 |
5 files changed, 82 insertions, 6 deletions
diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml index b451daa..f78d4fd 100644 --- a/.github/workflows/gradle.yml +++ b/.github/workflows/gradle.yml @@ -28,13 +28,25 @@ jobs: with: java-version: '8' distribution: 'corretto' + - name: Add the release signing secret key + if: github.ref_name == 'main' + run: echo -n "$GPG_SIGNING_KEY" | base64 --decode | gpg --import + env: + GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }} - name: Build with Gradle - uses: gradle/gradle-build-action@67421db6bd0bf253fb4bd25b31ebb98943c375e1 + uses: gradle/gradle-build-action@6778644d759ada84c71d6abc2f6fd7e328c600ab with: arguments: build + + - name: Sign the binary + if: github.ref_name == 'main' + run: gpg --detach-sign -a ./build/libs/*.jar + env: + GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }} + - name: Upload a Build Artifact uses: actions/upload-artifact@v3.1.1 with: # Artifact name - path: ./build/libs/*.jar + path: ./build/libs/ @@ -1,7 +1,7 @@ # NoSession
[](https://modrinth.com/mod/nosession/)<br>
[](https://www.curseforge.com/minecraft/mc-mods/nosession)<br>
-<br>
+<br>
NoSession is a mod that protects your session ID.
## Does this make me perfectly safe?
This mod doesn't make you 100% safe, but it makes it much harder to steal your session token. If you want to stay perfectly safe, look at the
@@ -10,7 +10,7 @@ This mod doesn't make you 100% safe, but it makes it much harder to steal your s ## Staying Safe
In order to work around an unpatchable security vulnerability, rename the NoSession jar to !.jar, so it can load its protection before any other mods.<br>
This only protects you from other mods. There are fake verification sites that can steal your session ID through that method.<br>
-Don't log in with Microsoft OAuth to anything except maybe your Minecraft launcher. You may also want to verify the signature on any NoSession binary. It's signed with [pandaninjas' GPG key](https://raw.githubusercontent.com/pandaninjas/pandaninjas/main/pandaninjas-publickey.key).
+Don't log in with Microsoft OAuth to anything except maybe your Minecraft launcher. You may also want to verify the signature on any NoSession binary. It's signed with [pandaninjas' GPG key](https://raw.githubusercontent.com/pandaninjas/pandaninjas/main/pandaninjas-publickey.key) if the release is v1.1.0 or earlier, and signed with [this key](https://raw.githubusercontent.com/thefightagainstmalware/NoSession/main/releasesigner.asc) if the release is later than v1.1.0
See [ILikePlayingGames' SkyblockModSafety guide](https://github.com/ILikePlayingGames/SkyblockModSafety) for other information
diff --git a/SECURITY.md b/SECURITY.md index 54de5da..11a6ca0 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -7,7 +7,8 @@ Generally, the latest release will be supported. Nightly branches are never supp | Version | Supported | |--------------------|-----------| | 1.0.0 | ❌ | -| 1.1.0 | ✔️ | +| 1.1.0 | ❌ | +| 1.1.1 | ✔️ | | Any nightly branch | ❌ | ## Reporting a Vulnerability diff --git a/releasesigner.asc b/releasesigner.asc new file mode 100644 index 0000000..1fb8cbd --- /dev/null +++ b/releasesigner.asc @@ -0,0 +1,63 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGQD/IYBEADXQ7FCHSjPDUwTGbxylhrDaz/VrH8Aehu0kcHDRf7XyCosKMvr +/dDjgJcTCIwcZAIAmu5PNjoH1wx7dLEYSxI3HL9cisPtxJnfClJcQkF/+Yo9C7Xj +Ve+09tL1t1iWOeK8ar6vU0V+u97HEXihKivSWs2CjD710DeBBPUD2TeE8NPu8Gi0 +RQF/dAk/t6QyCdE2yvoyeAswBfVdbr/JzmPk1ocTUjWgEy5x3qz0P8Pt9b9yxCRc +hSQBVdnxdyycpDS3qyNepnV9FRVKuxN/dnl9whA3dT8qkHYwm5rYqn33VcsJ9DJo +2DrZs92wpNMdTRU3s2k0nB/sUVGN+NsjZmtQnusqAPrrpXlPgCjedFtHmefEluFK +gX25vBkljj9wQx1cB5tOCQkUKKafnNIs7qcGIoeK3hBu2X7Vt8klOZ6oh34WLGkQ +QrjdRKUJnHtYfZ4TLUUtGNTnBA4RF1elvOo5pmesL1zMTaLJRMXmRjF8uAh75j+V +58LsnNfpiE4rQQ+WhPXYeMPpz6+U2SP9nnv36Z5GaURY4kAbWuqMwlqNnsZEH98k +fgSaD1HHUptUuDppEC6in0soilOYTFPhLtNZ4Yc8ZXhHoj6xx9F2As6KIFRQngIG +hlFD2vRmkCUQdfGhKpUBHHUdqy8gSF39l9aAu0rxI2idDDfeCsTooeIVPQARAQAB +tINOb1Nlc3Npb24gYXV0b21hdGVkIHNpZ25lciAoR1BHIGtleSB0aGF0IHNpZ25z +IGFsbCBOb1Nlc3Npb24gbWFpbiBsaW5lIGJpbmFyaWVzKSA8bm9yZXBseV9hdXRv +c2lnbmVyX25vc2Vzc2lvbkBtYWx3YXJlZmlnaHQud2lwLmxhPokCVAQTAQoAPhYh +BKbfb5ElFgu+zK8cXWfmrVSRcI70BQJkA/yGAhsDBQkB4TOABQsJCAcCBhUKCQgL +AgQWAgMBAh4BAheAAAoJEGfmrVSRcI70rF4P/iMLwxsKzJOrdFiSf0llx9wIsf7t +UZsiXJQ4T8Q5j8j0gL0GxzkbdQeo9OoP84TqHZJ9LadpkyA1gxsLonAaAAnl9J/h +e7B53NqVE4s9u4sLlCKAramR2szQyg7AKkyrdHbKeSsjyj7aBIRvWDqKi7vNtxQ3 +F8i4TpSenyiVZxcRIQEISy5J3+IxMAC73VisfO3WewBWYU4OZjdCHZ/5g+A2TnHk +sHWgOw9++/xh7nP/udw273/vK50TKYY8NbR3u4Xrp01KsdUqx3npVPZnsTAna4/q +ZvDfi4aGTp7OmnAFT0/GnRnso1TNALAG9Ksfj7LT75wftDzISZkES69TaBp4r0zt +eMvfEXG9ciBKunahYjxHPEH5Hp6LbZKFFAacC9PjJWftrYSQrRqwASww+xP0DcqA +wdqPOMkYXXWr2DMzqmRgDK9x8D6ZgGUzFMNCqw45V4j00JJ5G1MGiRaNroK9ZutQ +eX7n+tJpJDTaa6sm/rqoHxzx2vXmD/V3qoarTkjZX5ovML/653Rzij+/mChA1eGD +p5zE0Fren9A1koY9ObYwDZLzMnla/KWC/AaLslsIdh+5VLvEDFEE2OZB3iV8K6Nc +P/x72vmsrtz5p4kxMtlYOXwcnCi6Jam7XreoSsSNXbXBQdmlYSIRXPqtJqS6U350 +D9eAhRkEmA+gxlqWiQGzBBABCgAdFiEEm6vbCT2NDvxryW1JY6NP+R2+X+EFAmQD +/J0ACgkQY6NP+R2+X+GHHAv+IB/7r7IkCh502L5SL1oVXZfY/ivkd+CwAIqHQiku +Lvcl4okf6AxtfArhJOGivKw0o2fT931ZHbRfy2FaGR7YSg30YmXXcPd5et4Npd57 +mnYPUj0YKecqJzztaYuhlF66Mi+U0YGK3+MBsdjBl69WvnNOBre6+//It274hrVj +j5g1+RmSpduPXYFLXwTo3dySbe4a0spPQOrwtJbpFvLst6rtEQ6vfMmmuaWL0t+j +OkdbyPTzotNLqKVPXA+JZAORAM6Zba3kWOFetvtUgOt0QD/fdqutRNkTGJOt1N8M +Lnl/b+1KrcAUqyODYZxd6FQl6P8w0aXsBFlpC7PAPjEEnwvIcRlaNMNQlvJajXeW +dRTSnHkJwyy24VtWskENgG0J27MnEQJ1Z38W/FRXqnLehtPhRLD2ngsQ65uyrAoD +44p5fx0orLAnA+7VTNKpTYl4Zw2gRdxKJAEJWR7loGOTX7tfMXJ4g0bWKvS+Or83 +V+vnq9ykig8OWPorfaI1ltrDuQINBGQD/IYBEADL11VSmpfPC3kVqWzo2R5fqhrq +DQqf6c7Ddooi63TB7g3sx17AEKbfe8YF3EeWEjtPWA7zU8cM7WuH+atKygGglVPG +aHtl7tthFtSXPKRfV5lJStEhEKuJB3erGktp7UflWAWow8awmSBUpOzLWGwkQU+j +0LBnBEYgeJWZwHxJ2L+5fzM4V91oIeedgEmEDRo0KbHsYtmMzdUC3DEqrz8srMV6 +OYqOk+UBDsGPkdZEQ4CwvIjOGifk7xe7sKvynA+0jGciJnoKVw7McBwAcBSvrQDB +yDXdZKPFEcoHnXpJV46dKFnc+uRVvDSqZj4xqLu/wv5ho8KabofFU5y49+M2Re7R +CnN4Snpxr9g9TrfjF0lytIZ7Hl6UXuGcZaOtim1z7yu7wri9ibTXebs3S3szTqgZ +y21iTbrqagzMKiGjvn6kZSSNPcYnJzPGTeReSbSXNuEOk+q/XkdHt4/sEcfbpFLr +lFt7p1sFxif26nX/+shxj8ofMY4G2fyM5IefwNNNlRdjfr+ozL9JEWH4idMECGmQ +GvudVHG5wdg7G0yNGZ+VALJhMoGROYgqW2S9NwbPN49b8WFeAjKe7UvkBJNNI2hY +qDKF96jTel3KkGV1gDlq0F7QSMw+Xb3SL2ucTe9PZzugwfP87jPV8cow4ueJGHW3 +xjD6oO2zZ+pmm2rtEQARAQABiQI8BBgBCgAmFiEEpt9vkSUWC77MrxxdZ+atVJFw +jvQFAmQD/IYCGwwFCQHhM4AACgkQZ+atVJFwjvQ6mxAAibjIjz5uEzvOJs9robRX +LlWSnPGl1eigMHZK7G0puJt3U8Xg7lY7+k/lAV7e3RXT4RKlpM2hcQzyh/o98bQP +ywO1XgUVR4ma1nx1CvmSCuTxyrb4hqDv8NpHFlEyxP2b7cXXD02AckKsmBgDMESU +Xwf3PFkZZEDSW6cTIfrKkeBzsyynGA8Psiu50SBknmILq5qq8iwTsPHBM5CtIwCQ +usAjoCbyrFIxqs1R0XtXgIsasVp6F/7GjydB58J62Qtm03Bl352dPQsnYbFJsUe4 +nmjQU6DiuhFT9ILuA2HsWtJvvse3hQ264LVIt7LZ8Nl5t+qsBhfk019F7YeEJdaM +Nt5NvyUJPJeEgjH+clJSU+qFeYZird7In7GmqlWU9VLQNgvOnUM0Uq1M1UNXiZAS +LbsqkgizyypqAfVjfZuoxkn3+qNdCy3YGnHzVBYnZZtj5PpY9ixfNI80KYqq0Tn7 +cqwX+V8ADY7Ro1B4y+VEhBy4fB1XlMabX3L4uULfTL4SCbfnXU2UyGl5/QytuF48 +dxTnS8qhIbq8QcrH9QvNMwy8XEBg9UvkNfpErt2pEG8q4KpgxqUZfyhMxFvN71Co +O4ov3llKaBJULk9w1rVV0fPRzQY9oJcovokWEpLVnEDlfwHq0kKf5Nnd8wJU/FyW +y6P7Hc4UQ7IAby4i7yvD5rw= +=fD5W +-----END PGP PUBLIC KEY BLOCK----- diff --git a/src/main/java/gq/malwarefight/nosession/utils/Utils.java b/src/main/java/gq/malwarefight/nosession/utils/Utils.java index d26d6f2..7f65b2a 100644 --- a/src/main/java/gq/malwarefight/nosession/utils/Utils.java +++ b/src/main/java/gq/malwarefight/nosession/utils/Utils.java @@ -174,7 +174,7 @@ public class Utils { public static void setToken(String token) throws IOException, URISyntaxException { ProcessBuilder processBuilder = new ProcessBuilder( - getJavaExe(), "-cp", getClasspath(), Main.class.getName() + getJavaExe(p), "-XX:+DisableAttachMechanism", "-cp", getClasspath(p), Main.class.getName() ); processBuilder.redirectOutput(ProcessBuilder.Redirect.INHERIT).redirectError(ProcessBuilder.Redirect.INHERIT); Process c = processBuilder.start(); |