removed insecure code that might cause Man-in-the-middle attack

mohammed jasem alaajel 2022-02-04 09:01:31 +04:00
parent 914c01f532
commit 26c5adbbc8
2 changed files with 18 additions and 5 deletions


@ -7,6 +7,8 @@ import org.bukkit.plugin.java.JavaPlugin;
import org.bukkit.scheduler.BukkitRunnable; import org.bukkit.scheduler.BukkitRunnable;
import java.io.File; import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
public class AppleTunneler extends JavaPlugin { public class AppleTunneler extends JavaPlugin {
@ -17,10 +19,7 @@ public class AppleTunneler extends JavaPlugin {
if (sshSession != null) { if (sshSession != null) {
sshSession.disconnect(); sshSession.disconnect();
} }
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
sshSession = jsch.getSession(getUsername(), getHost(), getPort()); sshSession = jsch.getSession(getUsername(), getHost(), getPort());
sshSession.setConfig(config);
sshSession.connect(2000); sshSession.connect(2000);
loadRemoteToLocalPortForwarding(); loadRemoteToLocalPortForwarding();
} }
@ -59,12 +58,26 @@ public class AppleTunneler extends JavaPlugin {
} }
} }
private void loadKnownHostFile() throws FileNotFoundException, JSchException {
File knownHosts = new File(getDataFolder(), ".known_hosts");
if (knownHosts.isDirectory()) {
knownHosts.delete();
}
if (!knownHosts.exists()) {
getLogger().severe("FILE at path: " + knownHosts.getAbsolutePath() + " Does not exists");
throw new RuntimeException("Known host file does not exists in plugin folder");
}
this.jsch.setKnownHosts(new FileInputStream(knownHosts));
}
@Override @Override
public void onEnable() { public void onEnable() {
this.saveDefaultConfig(); this.saveDefaultConfig();
try { try {
loadIds(); loadIds();
} catch (JSchException e) { loadKnownHostFile();
} catch (JSchException | FileNotFoundException e) {
throw new RuntimeException(e); throw new RuntimeException(e);
} }
try { try {
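Review bot: The connect block around `sshSession = jsch.getSession(getUsername(), getHost(), getPort());` now depends on JSch's default `StrictHostKeyChecking` value rather than stating one, so host-key verification is implicit. Setting it explicitly before `connect`, with `sshSession.setConfig("StrictHostKeyChecking", "yes");`, keeps unknown or changed host keys rejected even if a `UserInfo` prompt is attached later or the library default differs. In `loadKnownHostFile()` the result of `knownHosts.delete()` is ignored and a directory at that path is silently removed; logging and failing there, as the missing-file branch does, would be easier to diagnose. The connect method and `onEnable` both start or end outside the visible hunks.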


@ -4,7 +4,7 @@
username: apple username: apple
# host eg: domains can be used. # host eg: domains can be used.
host: 192.168.0.100 host: 192.168.0.100
# port # ssh port
port: 22 port: 22
# Syntax is "local-port:remote-host:remote-port" # Syntax is "local-port:remote-host:remote-port"