The Revenact anti-leak is an anti-cracking and identification measure against leakers, crackers, and reverse-engineers who attempt to tamper with your code. The way this works is by modifying your resources uniquely to the user who downloads it and injecting a special protection wrapper. Currently, the anti-leak is capable of:
Swapping out resource placeholder strings
Protecting methods with a special protection wrapper for Java
Injecting a simple anti-piracy into the Java resources main class.
Please note that the anti-leak tampers with Java classes in order to uniquely identify them to users so you may have to remove certain anti-tampering/integrity-checking protections.
Supported File Extentions
Placeholder injection & Obfuscation: jar
Simple Placeholder Injection: json, txt, yml, css, scss, html, php, js, py, sh, sk
Processed as directory with their content injected: zip, 7zip
Notes: The injector will only go through 1 level of jar, zip and 7zip. If you need any other file type supported, please open a ticket.
.jar -> .jar -> .class = no injection
.jar -> .zip -> .class= no injection
.zip -> .jar -> .class = no injection
.zip -> .class = no injection
.7z -> .class = no injection
.jar -> .class = injection works
.zip -> .zip -> .txt = no injection
.zip -> .txt = injection works
.zip -> directory -> .txt = injection works
Revenact supports on-download placeholder replacement. These placeholders are special types of identification that are intended to be unique to the resource and user who downloads said resource.
To use them, place the following in string literals in your plugin where needed and they should be replaced on download.
Currently, there is no lookup for the download ID to the user ID. There should be one soon, however.
Java Protection Wrapper
The anti-leak uses a special protection wrapper to protect certain methods. The wrapped method is then run through a special execution engine whenever a server uses the plugin. To protect one of your methods, you have to put "vm_entry" somewhere in the method name. For maximum protection, it is recommended that you use this to modify the plugin's internal behavior silently when your own anti-piracy system flags the plugin as pirated.
Even though the protection wrapper is relatively advanced, it is recommended you do notcreate complex methods to protect with the wrapper as the wrapper's execution engine may not be able to handle it correctly. Additionally, it is recommended you do not use obscure initialization tricks to run wrapped methods when the server loads the plugin.
The execution engine will break if Revenact's injected anti-piracy method is removed or not run so please keep this in mind.
Also, make sure that your 'vm_entry' methods do not contain any of the following as the execution engine cannot handle them:
Lambdas and references.
My Plugin Broke!
Revenact's anti-leak system is by no means perfect. If the anti-leaks corrupts/breaks your resource in any way, please send @HoverCatz a PM with the following format filled out:
Link to the resource:
Download date (does not have to be exact but the day needs to be included):
Unmodified resource (the one you uploaded):
Modified resource (the output of the anti-leak):
Text file of error log (I will not accept Pastebin-like links)
Default Java Anti-Piracy
Revenact, by default, injects an anti-piracy into the main class of bungeecord/spigot/bukkit plugins. This anti-piracy is a minor deterrent and is extremely easy to crack unless the protection wrapper is utilized.