⭐IrisDev Loader (for Paper 1.8.8)⭐ - Antileak+Optimisation for Setups

Status
This thread has been locked.

Carrot

God of Carrots
Supreme
Feedback score
0
Posts
0
Reactions
1
Resources
5
NOTICE: THIS IS NOT A TRADITIONAL PLUGIN BUT IT PLUGS INTO THE SERVER ECOSYSTEM.
1. The jar "plugs" into the server by hooking into Paper on server load
2. The custom plugin builds are, well, plugin builds

IrisDev Loader:

Traditionally Setups have been massive targets of leakers, being frequently uploaded to leak websites and there hasn't been anything setup authors have been able to do. This all changes with IrisDev Loader. IrisDev Loader replaces the server jar and connects to a server to check the user/file ID isn't blacklisted, and only then launches the server. We then give you a custom build of any open-source plugin of your choice (ex. Vault), and then also embed the antileak system in there. We can even make the plugin check if the loader is being used or not.

This system also reduces server jar size by downloading and running PaperSpigot 1.8 on server start.

I am selling custom builds of this for around $25/500-buyers, then $10 per additional 500 buyers after that
This includes:
- Custom Modified Plugin Jar
- Guide/Assistance on Setup of Blacklist
- The Loader Itself
- Leak Website Scanning


What we do not offer:
- Free Hosting, we show you how to use GitHub to host your lists for free and have them accessible to your whole team.

Please Message us if you are interested

 
Last edited by a moderator:

LillianA

beep boop
Premium
Feedback score
7
Posts
351
Reactions
259
Resources
0
So at worst someone has to replace a spigot or a open-sourced plugin?
 

404Labs

Feedback score
0
Posts
32
Reactions
5
Resources
0
So at worst someone has to replace a spigot or a free plugin?
Yes, or multiple. But what else is it that you can do? It is not like you can obfuscate the setup and inject an antileak that you can just remove. This is a decent way of doing it as the leak sites do not rly seem to care about setups, just software.
 

Cole

Developer
Supreme
Feedback score
19
Posts
947
Reactions
476
Resources
0
This system is very exploitable literally no point in it, you could just replace the spigot and check through every plugin to see which has the “backdoor” in it
 

404Labs

Feedback score
0
Posts
32
Reactions
5
Resources
0
This system is very exploitable literally no point in it, you could just replace the spigot and check through every plugin to see which has the “backdoor” in it
90% of the Setup leakers are not the java leakers and do not know a thing about java, let alone Bytecode inspectors. These are usually just standard server owners who either wanted the adfly revenue or did not like their product/had issues with their product. Plus, for the amount of traffic they get for setups vs plugins, it is just not worth them spending time on the setups. This solution will benefit the community as a whole anyways as it will waste their time, causing them to not be able to leak as many things.
 

Cole

Developer
Supreme
Feedback score
19
Posts
947
Reactions
476
Resources
0
90% of the Setup leakers are not the java leakers and do not know a thing about java, let alone Bytecode inspectors. These are usually just standard server owners who either wanted the adfly revenue or did not like their product/had issues with their product. Plus, for the amount of traffic they get for setups vs plugins, it is just not worth them spending time on the setups. This solution will benefit the community as a whole anyways as it will waste their time, causing them to not be able to leak as many things.
But any type of leaker who is dedicated enough would spend time to leak stuff doesn’t matter if you know Java or not. They could also just redownload every plugin instead of looking through.


This solution will benefit the community
If it’s being sold for the community why is it for profit?

I think this is an extremely misleading product - it provides no protection what so ever and people can patch it from a drag and drop.
 

404Labs

Feedback score
0
Posts
32
Reactions
5
Resources
0
But any type of leaker who is dedicated enough would spend time to leak stuff doesn’t matter if you know Java or not. They could also just redownload every plugin instead of looking through.



If it’s being sold for the community why is it for profit?

I think this is an extremely misleading product - it provides no protection what so ever and people can patch it from a drag and drop.
At least 70% of the top Minecraft server setup leaks' authors have only leaked configs or server setups. This probably means that they do not know how to scan jars etc.
Most antileaks in plugins are also basically drag and drop and yet people pay 10s of thousands of dollars for (also) bypassable obfuscators ( Stringer/DashO), or other custom anti-leak systems that are yet so easy to remove. Yes, they might be a lot harder but it will still be very easy and very fast. Nothing is un-bypassable, in any platform/language.
 

Carrot

God of Carrots
Supreme
Feedback score
0
Posts
0
Reactions
1
Resources
5
Please stop referring to it as a backdoor, it is not a backdoor, just a ban checker and IP/UserID/Nonce association system.
 

Cole

Developer
Supreme
Feedback score
19
Posts
947
Reactions
476
Resources
0
At least 70% of the top Minecraft server setup leaks' authors have only leaked configs or server setups.
That’s because they’re focused on server setups. Nothings stopping them from asking their bitch buddies who do know Java
 

404Labs

Feedback score
0
Posts
32
Reactions
5
Resources
0
That’s because they’re focused on server setups. Nothings stopping them from asking their bitch buddies who do know Java
For the amount of ad revenue/clicks they get is it worth it for the Java guys to do that? Plugins get 3x as many downloads.
 

TheEasyPeasy

Supreme
Feedback score
2
Posts
2
Reactions
128
Resources
0
Most antileaks in plugins are also basically drag and drop and yet people pay 10s of thousands of dollars for (also) bypassable obfuscators ( Stringer/DashO), or other custom anti-leak systems that are yet so easy to remove. Yes, they might be a lot harder but it will still be very easy and very fast. Nothing is un-bypassable, in any platform/language.

Agree, but the control-flow analysis takes a lot longer than dump classes from memory.
You have many ways for such a loader, such as javaAgent (inject/enable jar with parameter -javaagent)/Attacker can hook defineClass from jvm or just use a ready Hook from JVMTI/Hotspot etc.

So finally i will enable jar and just dump memory and that's all.
But against total noobs it's okay :)
 
Last edited:

404Labs

Feedback score
0
Posts
32
Reactions
5
Resources
0
Remember this is for Setups not Plugins and the major leakers (the ones who know what Java byte code is) in general don't target Setups, only plugins and similar.
 
Status
This thread has been locked.
Top