Could not pass event InventoryMoveItemEvent to EssentialsBackup v3.5.8

Question

Could not pass event InventoryMoveItemEvent to EssentialsBackup v3.5.8

madolebr opened this issue 6 years ago · 6 comments

madolebr commented 6 years ago

Full output of /ess version:

03.02 21:20:26 [Server] INFO CONSOLE issued server command: /ess ver
03.02 21:20:26 [Server] INFO [Essentials] Loaded 19183 items from items.json.
03.02 21:20:26 [Server] INFO [Essentials] Using locale en_US
03.02 21:20:26 [Server] INFO [Essentials] ServerListPingEvent: Spigot iterator API
03.02 21:20:26 [Server] INFO Essentials reloaded 2.16.0.34.

Server log: https://gist.github.com/madolebr/db14595b436b7987cc3f9ccd52386fb9

EssentialsX config: https://gist.github.com/madolebr/4071b5ac3606382500855e9f59f26797

Details

Description
essentials backup is having issues processing items being picked up by minecart hoppers and transferred through the minecart hopper into a hopper below it. constant spamming as it does so under a grinder

Steps to reproduce
build a standard mob grinder with the collection area being a minecart hopper with hoppers below it to transfer the items

Expected behavior
no console spam

Screenshots

triagonal · Answer 1 · 2019-02-03T23:16:01.000Z

EssentialsBackup isn't a plugin that's developed by the EssentialsX team.

My limited research turned up this spigot forum post which suggests that EssentialsBackup is malware.

Could you please double check that a plugin named EssentialsBackup exists in your /plugins folder? If is isn't there and you see a plugin named metrics.jar or PluginMetrics.jar, you may have been infected.

mdcfe · Answer 2 · 2019-02-04T09:18:38.000Z

/ess ver is not a command and will just reload EssentialsX. Please use /ess version in the future.

As @triagonal correctly stated, "EssentialsBackup" is not an EssentialsX plugin. Running /ess version correctly would show that this plugin is not supported by us.

In addition, it is an obfuscated plugin, meaning the code has even scrambled to make it unreadable. No valid plugin would do this, and so it is very likely that you have a malicious jar file in your plugins/ directory - this might be masquerading as a fake plugin like PluginMetrics.jar.

You should double check your jars to make sure there isn't a malicious plugin hiding in there - there might be files or folders inside those jars called DRAWXxQcTeb... or uy.class.

madolebr · Answer 3 · 2019-02-04T00:13:18.000Z

the craziest part is that i dont even have essentials.backup on my server at all either. just found plugin metrics tho. my server owner is looking into it more. tyvm

madolebr · Answer 4 · 2019-02-07T21:13:42.000Z

i gotcha. will look through them and see what i can find

mdcfe · Answer 5 · 2019-02-13T10:46:16.000Z

Closing as this is not an EssentialsX issue.

madolebr · Answer 6 · 2019-02-26T21:44:44.000Z

just wanted to say you guys are very right, but the virus has made\ it deep into alot of our plugins, including essentials. cant find the origin, as we dont even have any leaked plugins. but will be deleting and readding all jars in hopes itll be cleared up

Share to

Details