/MC-Log4j-Patcher

A singular file to protect as many Minecraft servers and clients as possible from the Log4j exploit (CVE-2021-44228).

Primary LanguageJava

MC-Log4J-Patcher

The goal of this project is to provide Minecraft players, and server owners, peace of mind in regards to the recently discovered Log4J exploit (CVE-2021-44228).
Currently this project looks for any Log4J format strings, not just jndi, and either replaces them or stops them from being logged entirely depending on your configuration.

See features, supported platforms, and more below.

I would much appreciate any help from others, whether it be by contributing or by suggesting features, platforms, etc. via an issue.

Supported Platforms

Planned Platforms

  • Velocity
  • Sponge
  • Forge (I know it should be fixed, but people keep asking me to make a mod anyways)
  • Vanilla/All Clients via Java Agent

Features

Spigot

  • Chat & Command filter
  • Item Name filter
  • Player username filter (for offline/bungee servers) (Yes, usernames can be Log4J formats)
  • Mob name filter (Spawning & Renaming)

Bungee

  • Chat & Command filter
  • Player username filter (Yes, usernames can be Log4J formats)

Config

  • Customizable messages
  • Toggles for all listeners, individual for each platform

Specifics need to be filled in