The Revenact Anti-Leak

Status
Not open for further replies.

ItzSomebody

noob
Platinum
Titanium
May 12, 2019
5
10
3
Credits
200
Overview

The Revenact anti-leak is an active anti-cracking and identification measure against leakers, crackers, and reverse-engineers who attempt to tamper with your code. The way this works is by modifying your plugin uniquely to the user who downloads it and injecting a special protection wrapper. Currently, the anti-leak is capable of:
  • Swapping out resource placeholder strings
  • Protecting methods with a special protection wrapper and
  • Injecting a simple anti-piracy into the main class.
Please note that the anti-leak tampers with classes in order to uniquely identify them to users so you may have to remove certain anti-tampering/integrity-checking protections.

Placeholders

Revenact supports on-download placeholder replacement. These placeholders are special types of identification that are intended to be unique to the plugin and user who downloads said plugin.

To use them, place the following in string literals in your plugin where needed and they should be replaced on download.

  • %%__USER__%% or %%__USR__%%
  • %%__RESOURCE__%% or %%__RSRC__%%
  • %%__NONCE__%% or %%__DWL__%%
    • Placeholders for the download ID.
    • Currently, there is no lookup for the download ID to the user ID. There should be one soon, however.
Protection Wrapper

The anti-leak uses a special protection wrapper to protect certain methods. The wrapped method is then run through a special execution engine whenever a server uses the plugin. To protect one of your methods, you have to put "vm_entry" somewhere in the method name. For maximum protection, it is recommended that you use this to modify the plugin's internal behavior silently when your own anti-piracy system flags the plugin as pirated.

Even though the protection wrapper is relatively advanced, it is recommended you
do not create complex methods to protect with the wrapper as the wrapper's execution engine may not be able to handle it correctly. Additionally, it is recommended you do not use obscure initialization tricks to run wrapped methods when the server loads the plugin.

The execution engine will break if Revenact's injected anti-piracy method is removed or not run so please keep this in mind.

Also, make sure that your 'vm_entry' methods do not contain any of the following as the execution engine cannot handle them:

  • Lambdas and references.
  • Multidimensional arrays.
  • Switch statements.

Disabling the Anti-Leak Injection

There may certain instances where you do not want Revenact to modify your program's internals on download. If this happens to be the case, please follow these steps

  1. Put the JAR archive(s) into a zip/rar/7z/etc.
  2. Upload the compressed archive.

My Plugin Broke!

Revenact's anti-leak system is by no means perfect. If the anti-leaks corrupts/breaks your resource in any way, please send me a PM with the following format filled out:

Code:
Link to the resource:
Resource version:
Download date (does not have to be exact but the day needs to be included):
Unmodified resource (the one you uploaded):
Modified resource (the output of the anti-leak):
Text file of error log (I will not accept Pastebin-like links):
If any of these are missing or not filled out correctly, I will not respond to your PM.
 

ItzSomebody

noob
Platinum
Titanium
May 12, 2019
5
10
3
Credits
200
Default Anti-Piracy

Revenact, by default, injects an anti-piracy into the main class of the Spigot or Bungeecord plugin. This anti-piracy is a minor deterrent and is extremely easy to crack unless the protection wrapper is utilized.
 
Status
Not open for further replies.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)