Important
A lot of error codes are in native code now, which I kind of can't be asked to reverse engineer (unless RFL flags them). They use radio egor for their native obf, which uses string pools, which breaks IDA's string XREFs. If IDA wouldn't break when you use string pools for storing strings, I'd probably document the error codes...
All currently known auth error codes.
TODO: dynamically analyze EC01 2, because RFL is now detected by that check.
And RFL devs are probably relying on me to unpatch now, since they never updated (patched ~September 15, made my PR on October 12, then they merged it October 26) before I made my PR and then they merged it.
EC01 2 is basically(?) the same as this but with no exemptions(?). EC01 2 is inside the function that connects to Rise's auth servers, which is natived (currently __ngen_native_aGS13, obtained by using edb and hardware-breakpointing an error code string until you find a native_jvm::classes::__ngen_{...} method).
-javaagent: is in your JVM arguments. Either remove it or rename your agent file to idea_rt.jar or one of the exempted agent jar names.
If your arguments contain any of these, you are probably exempt:
idea_rt.jar
jetbrains
jacoco
vscode
java-debug
redhat
eclipse.jdt.ls
Warning
Rise made these error codes empty strings. EC03 is IllegalArgumentException, everything else is IllegalStateException(?).
A null URI was given
A URI was passed that has a scheme (e.g. <scheme here>://<...>) that wasn't wss (WebSockets over HTTPS)
A URI was passed that returned null when Rise called getHost
A URI was passed that returned something other than auth.riseclient.com (case-insensitive)
InetAddress.getAllByName(string) returned an address that was a local address (isAnyLocalAddress) or a loopback address (isLoopbackAddress)
You have something in your %SystemRoot%\System32\drivers\etc\hosts (Windows; %SystemRoot% is replaced with C:\Windows if the environment variable SystemRoot doesn't exist) or in /etc/hosts that flags this check. It will not check if the file isn't readable or if the check threw an exception.
Here is the decompiled code:
```java
import java.net.InetAddress;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;

/**
 * checks for if {@code host} will redirect to localhost via the hosts file.
 * maybe you could abuse IP tables on Linux to bypass this check, but Billionare isn't smart enough to care.
 * @return if it will redirect to localhost
 */
public boolean checkForLocalhostRedirection(String host) {
    try {
        // the string path to the hosts file
        String hostsFile;
        // the path to the hosts file
        Path filePath;
        // the name of this OS
        String osName = System.getProperty("os.name", "").toLowerCase();
        if (osName.contains("win")) {
            String systemRoot = System.getenv("SystemRoot");
            if (systemRoot == null || systemRoot.isEmpty()) {
                systemRoot = "C:/Windows";
            }
            hostsFile = systemRoot + "/System32/drivers/etc/hosts";
        } else {
            hostsFile = "/etc/hosts";
        }
        filePath = Paths.get(hostsFile);
        // we can't read it anyway, exempt.
        if (!Files.isReadable(filePath)) {
            return false;
        }
        for (String l : Files.readAllLines(filePath)) {
            String[] splitBySpace;
            String t = l.trim();
            if (t.isEmpty() || t.startsWith("#") // ignore comments
                    || !t.toLowerCase().contains(host.toLowerCase()) // ignore ones other than ours
                    || (splitBySpace = t.split("\\s+")).length == 0 // if it's an empty or malformed line
            )
                continue;
            String redirectTo = splitBySpace[0];
            try {
                InetAddress inetAddress = InetAddress.getByName(redirectTo);
                if (!inetAddress.isAnyLocalAddress() // if it's not local
                        && !inetAddress.isLoopbackAddress() // and it's not a loopback address (e.g. localhost)
                        && !inetAddress.isLinkLocalAddress() // and it's not a link local address
                        && !inetAddress.isSiteLocalAddress()) // and it isn't a site local address
                    continue; // we're fine
                return true; // you flagged.
            }
            catch (Exception ignored) {
            }
        }
    }
    catch (Exception exception) {
        // empty catch block
    }
    return false;
}
```
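
The URI checks listed above (null URI, non-wss scheme, missing host, unexpected host, local or loopback resolution), written out as one endpoint-pinning routine. This is an added example, not Rise's decompiled code: the class name, the injectable resolver, the exception messages and the sample addresses are assumptions, chosen so it runs without DNS.

```java
import java.net.InetAddress;
import java.net.URI;
import java.util.function.Function;

public class AuthUriCheck {
    // Host name taken from the list above.
    static final String EXPECTED_HOST = "auth.riseclient.com";

    // The resolver is injected so the demo runs offline (assumption); a client
    // would resolve with InetAddress.getAllByName. Messages are illustrative:
    // the page says the real ones are empty strings.
    static void validate(URI uri, Function<String, InetAddress[]> resolver) {
        if (uri == null)
            throw new IllegalArgumentException("null URI");
        // Case-insensitive scheme comparison is an assumption of this example.
        if (!"wss".equalsIgnoreCase(uri.getScheme()))
            throw new IllegalArgumentException("scheme is not wss");
        String host = uri.getHost();
        if (host == null)
            throw new IllegalArgumentException("URI has no host");
        if (!EXPECTED_HOST.equalsIgnoreCase(host))
            throw new IllegalArgumentException("unexpected host");
        // Every resolved address must be non-local, not just the first one.
        for (InetAddress a : resolver.apply(host))
            if (a.isAnyLocalAddress() || a.isLoopbackAddress())
                throw new IllegalArgumentException("host resolves to a local address");
    }

    static void run(String uri, InetAddress resolved) {
        try {
            validate(URI.create(uri), h -> new InetAddress[] { resolved });
            System.out.println("accepted  " + uri);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected  " + uri + " (" + e.getMessage() + ")");
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample addresses; 203.0.113.10 is from a documentation range.
        InetAddress pub = InetAddress.getByAddress(EXPECTED_HOST, new byte[] { (byte) 203, 0, 113, 10 });
        InetAddress loop = InetAddress.getByAddress(EXPECTED_HOST, new byte[] { 127, 0, 0, 1 });
        run("wss://AUTH.riseclient.com/", pub);  // expected host, mixed case
        run("ws://auth.riseclient.com/", pub);   // wrong scheme
        run("wss:auth.riseclient.com", pub);     // opaque URI, getHost() is null
        run("wss://example.invalid/", pub);      // different host
        run("wss://auth.riseclient.com/", loop); // expected host, loopback answer
    }
}
```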