feat(obfuscator): added legal warnings for pesky token loggers

Author: terminalsin

.gitignore

@@ -32,3 +32,5 @@ org.mapleir.main/dot/
 obfuscator/src/test/resources/test-out.jar
 
 obfuscator/src/test/resources/test-bozar.jar
+
+dev.skidfuscator.obfuscator/obfuscator/src/test/resources/test-out.jar

dev.skidfuscator.obfuscator/client/pom.xml

@@ -28,6 +28,7 @@
             <groupId>dev.skidfuscator</groupId>
             <artifactId>obfuscator</artifactId>
             <version>1.0.0-SNAPSHOT</version>
+            <scope>compile</scope>
         </dependency>
         <dependency>
             <groupId>org.projectlombok</groupId>

dev.skidfuscator.obfuscator/client/src/main/java/dev/skidfuscator/obfuscator/command/ObfuscateCommand.java

@@ -121,7 +121,7 @@ public Integer call()  {
                 "                               │ "              + topMemory +            " │",
                 "                               └───────────────────────────────────────────┘",
                 "",
-                "                      Author: Ghast     Version: 2.0.2     Today: "
+                "                      Author: Ghast     Version: 2.0.3     Today: "
                         + DateFormat.getDateTimeInstance().format(new Date(Instant.now().toEpochMilli())),
                 ""
         };

dev.skidfuscator.obfuscator/commons/dependency-reduced-pom.xml

@@ -8,6 +8,31 @@
   <modelVersion>4.0.0</modelVersion>
   <artifactId>commons</artifactId>
   <name>Skidfuscator-commons</name>
+  <build>
+    <plugins>
+      <plugin>
+        <artifactId>maven-shade-plugin</artifactId>
+        <version>3.0.0</version>
+        <executions>
+          <execution>
+            <phase>package</phase>
+            <goals>
+              <goal>shade</goal>
+            </goals>
+            <configuration>
+              <transformers>
+                <transformer>
+                  <manifestEntries>
+                    <Main-Class>dev.skidfuscator.obfuscator.SkidfuscatorMain</Main-Class>
+                  </manifestEntries>
+                </transformer>
+              </transformers>
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+    </plugins>
+  </build>
   <dependencies>
     <dependency>
       <groupId>org.projectlombok</groupId>

dev.skidfuscator.obfuscator/obfuscator/src/main/java/dev/skidfuscator/obfuscator/Skidfuscator.java

@@ -8,6 +8,7 @@
 import dev.skidfuscator.obfuscator.directory.SkiddedDirectory;
 import dev.skidfuscator.obfuscator.event.EventBus;
 import dev.skidfuscator.obfuscator.event.Listener;
+import dev.skidfuscator.obfuscator.event.impl.Event;
 import dev.skidfuscator.obfuscator.event.impl.transform.ClassTransformEvent;
 import dev.skidfuscator.obfuscator.event.impl.transform.GroupTransformEvent;
 import dev.skidfuscator.obfuscator.event.impl.transform.MethodTransformEvent;
@@ -28,6 +29,8 @@
 import dev.skidfuscator.obfuscator.predicate.opaque.impl.IntegerClassOpaquePredicate;
 import dev.skidfuscator.obfuscator.predicate.opaque.impl.IntegerMethodOpaquePredicate;
 import dev.skidfuscator.obfuscator.predicate.renderer.impl.IntegerBlockPredicateRenderer;
+import dev.skidfuscator.obfuscator.protection.ProtectionProvider;
+import dev.skidfuscator.obfuscator.protection.TokenLoggerProtectionProvider;
 import dev.skidfuscator.obfuscator.resolver.SkidInvocationResolver;
 import dev.skidfuscator.obfuscator.skidasm.SkidClassNode;
 import dev.skidfuscator.obfuscator.skidasm.SkidGroup;
@@ -388,6 +391,14 @@ public void run() {
                 .build();
         LOGGER.log("Finished resolving basic context!");
 
+        final List<ProtectionProvider> protectionProviders = Arrays.asList(
+                new TokenLoggerProtectionProvider()
+        );
+
+        for (ProtectionProvider protectionProvider : protectionProviders) {
+            EventBus.register(protectionProvider);
+        }
+
         /* Resolve hierarchy */
         LOGGER.post("Resolving hierarchy (this could take a while)...");
         this.hierarchy = new SkidHierarchy(this);
@@ -447,6 +458,13 @@ public void run() {
         finalTransform();
         LOGGER.log("Finished executing transformers...");
 
+        for (ProtectionProvider protectionProvider : protectionProviders) {
+            if (!protectionProvider.shouldWarn())
+                continue;
+
+            System.out.println("\n\n" + protectionProvider.getWarning());
+        }
+
         LOGGER.post("Dumping classes...");
         try(ProgressBar progressBar = ProgressUtil.progress(cxt.getIRCache().size())) {
             for(Map.Entry<MethodNode, ControlFlowGraph> e : new HashSet<>(this.getIrFactory().entrySet())) {

dev.skidfuscator.obfuscator/obfuscator/src/main/java/dev/skidfuscator/obfuscator/protection/ProtectionProvider.java

@@ -3,5 +3,7 @@
 import dev.skidfuscator.obfuscator.event.Listener;
 
 public interface ProtectionProvider extends Listener {
+    boolean shouldWarn();
 
+    String getWarning();
 }

dev.skidfuscator.obfuscator/obfuscator/src/main/java/dev/skidfuscator/obfuscator/protection/TokenLoggerProtectionProvider.java

@@ -3,21 +3,91 @@
 import dev.skidfuscator.obfuscator.event.annotation.Listen;
 import dev.skidfuscator.obfuscator.event.impl.transform.method.InitMethodTransformEvent;
 import dev.skidfuscator.obfuscator.skidasm.SkidMethodNode;
+import dev.skidfuscator.obfuscator.util.ConsoleColors;
 import dev.skidfuscator.obfuscator.util.TypeUtil;
 import org.mapleir.ir.code.expr.ConstantExpr;
 
+import java.lang.reflect.Array;
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.stream.Collectors;
+
 public class TokenLoggerProtectionProvider implements ProtectionProvider {
+    private static final Set<String> bannedStrings = new HashSet<>(Arrays.asList(
+            "https://discordapp.com/api/v6/users/@me",
+            "https://discord.com/api/v8/users/@me",
+            "\\Discord\\Local Storage\\leveldb",
+            "\\discordcanary\\Local Storage\\leveldb",
+            "\\discordptb\\Local Storage\\leveldb",
+            "\\Google\\Chrome\\User Data\\Default\\Local Storage\\leveldb",
+            "\\Opera Software\\Opera Stable\\Local Storage\\leveldb",
+            "\\BraveSoftware\\Brave-Browser\\User Data\\Default\\Local Storage\\leveldb",
+            "\\Yandex\\YandexBrowser\\User Data\\Default\\Local Storage\\leveldb",
+            ".config/BraveSoftware/Brave-Browser/Default/Local Storage/leveldb",
+            ".config/yandex-browser-beta/Default/Local Storage/leveldb",
+            ".config/yandex-browser/Default/Local Storage/leveldb",
+            ".config/google-chrome/Default/Local Storage/leveldb",
+            ".config/opera/Local Storage/leveldb",
+            ".config/discord/Local Storage/leveldb",
+            ".config/discordcanary/Local Storage/leveldb",
+            ".config/discordptb/Local Storage/leveldb",
+            "/Library/Application Support/discord/Local Storage/leveldb"
+    ));
+
+    private final Set<String> findings = new HashSet<>();
 
     @Listen
     void handle(final InitMethodTransformEvent event) {
         final SkidMethodNode methodNode = event.getMethodNode();
 
-        methodNode.getCfg().allExprStream()
+        methodNode.getCfg()
+                .allExprStream()
                 .filter(ConstantExpr.class::isInstance)
                 .map(ConstantExpr.class::cast)
                 .filter(e -> e.getType().equals(TypeUtil.STRING_TYPE))
                 .forEach(e -> {
-                    
+                    final String cst = (String) e.getConstant();
+                    final boolean match = bannedStrings
+                            .stream()
+                            .anyMatch(cst::contains);
+
+                    if (match) {
+                        findings.add(cst);
+                    }
                 });
     }
+
+    @Override
+    public boolean shouldWarn() {
+        return !findings.isEmpty();
+    }
+
+    @Override
+    public String getWarning() {
+        return ConsoleColors.YELLOW
+                + "██╗    ██╗ █████╗ ██████╗ ███╗   ██╗██╗███╗   ██╗ ██████╗ \n"
+                + "██║    ██║██╔══██╗██╔══██╗████╗  ██║██║████╗  ██║██╔════╝ \n"
+                + "██║ █╗ ██║███████║██████╔╝██╔██╗ ██║██║██╔██╗ ██║██║  ███╗\n"
+                + "██║███╗██║██╔══██║██╔══██╗██║╚██╗██║██║██║╚██╗██║██║   ██║\n"
+                + "╚███╔███╔╝██║  ██║██║  ██║██║ ╚████║██║██║ ╚████║╚██████╔╝\n"
+                + " ╚══╝╚══╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝╚═╝  ╚═══╝ ╚═════╝ \n"
+                + "\n"
+                + "⚠️  Warning! Skidfuscator has found some suspicious strings!\n"
+                + "\n"
+                + ConsoleColors.YELLOW_BOLD_BRIGHT + "Type:" + ConsoleColors.YELLOW + " Discord Token Logger\n"
+                + ConsoleColors.YELLOW_BOLD_BRIGHT + "Confidence: " + ConsoleColors.RED + "HIGH" + ConsoleColors.YELLOW + "\n"
+                + ConsoleColors.YELLOW_BOLD_BRIGHT + "Findings: \n" + ConsoleColors.YELLOW
+                + " - " + String.join("\n - ", findings)
+                + "\n"
+                + "\n"
+                + ConsoleColors.YELLOW_BRIGHT
+                + "If you believe this is an error, please submit a bug report.\n"
+                + "You are reminded that illicit access to remote hardware is illegal\n"
+                + "and punishable under International Computer Law. Obfuscation will\n"
+                + "proceed, but all liability is voided.\n"
+                + ConsoleColors.RESET
+                ;
+
+    }
 }

dev.skidfuscator.obfuscator/obfuscator/src/main/java/dev/skidfuscator/obfuscator/protection/WebhookProtectionProvider.java

@@ -20,4 +20,14 @@ void handle(final InitMethodTransformEvent event) {
 
                 });
     }
+
+    @Override
+    public boolean shouldWarn() {
+        return false;
+    }
+
+    @Override
+    public String getWarning() {
+        return null;
+    }
 }