587 posts
Location
Wrocław, Poland
Posted 30 March 2013 - 03:06 AM
Spoiler
WCON
Control your computers over the Internet!
What is it?:WCON is an API (but not only) which allows you to download and upload data to WCON server.
You have 6 boolean registers (for redstone states) and 5 string registers (up to 5119 characters).
You can change all registers from in-game computer or from
online control panel.
Note:
HTTP API required.How to get started?:Get your software on your computer:
- Run "pastebin get jQLjRUnt install"
- Run "install"
Test it:
- Hook up some redstone or lamps
- Run "launch" in main directory.
- Login into control panel.
- Change redstone states and see what happens!
Changelog:Spoiler
Version 2:- Added auto updater
- Changed how stuff is located
- Added getVersion() function
- BETTER INSTALLER! YAAAY
Version 1.1:- Better password hashing on server side.
Version 1.0:Spoiler
sendData(string state, int registry):
Sets given string registry to state.
Returns false at wrong registry, nil at communication error, true at success.
sendRsData(bool state, string side):
Sets given redstone registry to state.
Returns false at wrong side string, nil at communication error, true at success.
getData():
Gets string registers table.
Returns:
nil at server communication error,
"fatal: [ERROR CODE]" at WCON_FATAL_ERROR,
table (5 element, 1 to 5) at success.
getRsData():
Gets redstone registers table.
Returns:
nil at server communication error,
"fatal: [ERROR CODE]" at WCON_FATAL_ERROR,
table (6 element, 1 to 6) at success.
Each element in table corresponds to one side:
1 = top
2 = bottom
3 = right
4 = left
5 = back
6 = front
getSide(int side):
Converts side in int into side in string.
getServer():
Returns server address.
getId():
Returns ID.
getPassword():
Returns password.
getVersion():
Returns Version.Spoiler
Passwords are encrypted with SHA-256, than encrypted with SHA-256 again. It means it's basically impossible to crack password. It also means that no one can see passwords, even me.
They are stored in MySQL Database (with randomly generated password), which allows only localhost connections, not in a plain text file.Spoiler
Homepage:
Login:
Control panel:
Register:
Registration complete:
Spoiler
THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License. Copy of this license.
587 posts
Location
Wrocław, Poland
Posted 30 March 2013 - 10:53 AM
Finished! Version 1.0 is here :D/>
131 posts
Location
I am omnipresent... DUH
Posted 30 March 2013 - 11:01 AM
Seems neat, also make it say 'pastebin' not 'patebin'
587 posts
Location
Wrocław, Poland
Posted 30 March 2013 - 11:11 AM
Seems neat, also make it say 'pastebin' not 'patebin'
Done, thanks for support :D/>
1852 posts
Location
Sweden
Posted 30 March 2013 - 11:56 AM
Seems quite nice!
Will try it out later.
1619 posts
Posted 30 March 2013 - 06:23 PM
Looks nice!
7508 posts
Location
Australia
Posted 30 March 2013 - 06:29 PM
Looks good.
2 questions:
5 string registers (up to 5119 characters).
Why 5119? Whats your math for that?- What measures have you taken to protect my data and passwords?
235 posts
Location
Germany
Posted 30 March 2013 - 09:17 PM
How are passwords saved?
587 posts
Location
Wrocław, Poland
Posted 30 March 2013 - 09:54 PM
Why 5119? Whats your math for that?
It's 5KB without 1B for string length. It's easier for me to calculate disk space used.
What measures have you taken to protect my data and passwords?
How are passwords saved?
They are in MySQL Database accessible only from localhost and encrypted
(sha1 -> md5 -> sha256) (sha-256 -> sha-256)
7508 posts
Location
Australia
Posted 30 March 2013 - 11:18 PM
They are in MySQL Database accessible only from localhost and encrypted (sha1 -> md5 -> sha256)
Proof:
-image snip-
Ok so what that just told me is that you are storing passwords weakly and have no confidence in the hashes since you blurred out 75% of the hash value…
587 posts
Location
Wrocław, Poland
Posted 31 March 2013 - 12:00 AM
Ok so what that just told me is that you are storing passwords weakly and have no confidence in the hashes since you blurred out 75% of the hash value…
Well, kinda yes :P/>, But I think it's safe
enough…
7508 posts
Location
Australia
Posted 31 March 2013 - 12:27 AM
Well, kinda yes :P/>, But I think it's safe enough…
Remove MD5 out of the hashing sequence and it would be largely more secure. Remove SHA1 and its a little more secure. If you want to do multiple hashing do it with the same algorithm and it will be better than multiple hashing with different algorithms. Lastly add a random salt (which is remembered) to each password and its even better again…
587 posts
Location
Wrocław, Poland
Posted 31 March 2013 - 12:34 AM
Thanks :)/>
—————————-
Update on WCON:
Password hashing changed to SHA-256 -> SHA-256. This means all passwords are not valid now, but it's kinda no problem, since no one was using it :P/>
22 posts
Posted 31 March 2013 - 02:56 AM
Notice: Undefined index: password in /var/www/wcon/cpanel.php on line 10Wrong password or ID! BackI've just registered and it says this
Also, vurnable for SQL injection….
587 posts
Location
Wrocław, Poland
Posted 31 March 2013 - 04:03 AM
Big update is out! :D/>- New installer, featuring making accounts from computer
- Auto generated config
- Auto-updater
- Better security
- Moved some stuff
Notice: Undefined index: password in /var/www/wcon/cpanel.php on line 10Wrong password or ID! Back
Sorry! My fault!
Also, vurnable for SQL injection….
Nope, it's not. . .
288 posts
Location
The trashcan where all Undertale trash is
Posted 31 March 2013 - 08:23 AM
Oh man, I've got to try this out!
587 posts
Location
Wrocław, Poland
Posted 31 March 2013 - 10:55 AM
Oh man, I've got to try this out!
:D/>
1852 posts
Location
Sweden
Posted 31 March 2013 - 11:26 AM
This is so awesome!! :D/>
587 posts
Location
Wrocław, Poland
Posted 31 March 2013 - 11:33 PM
This is so awesome!! :D/>
Thanks :D/>
20 posts
Posted 08 April 2013 - 04:57 PM
This is not working for me, I created an account. Installed and all that. I typed in launch and it gives me a repeating error "update:1:attempt to call nil"
1619 posts
Posted 08 April 2013 - 08:03 PM
This is not working for me, I created an account. Installed and all that. I typed in launch and it gives me a repeating error "update:1:attempt to call nil"
You did something wrong. Line 1 defines a function, so there's no way that error could be thrown.
587 posts
Location
Wrocław, Poland
Posted 14 April 2013 - 09:19 AM
I'm working on package manager for CC, WCON with better installer and installable from pacman (manager's name) will be coming soon :)/>
It also means I will not be active for a bit.
And I'm trying to make real life CC Computer using STM32 MCU (STM32F103 family, with 2.8" TTF LCD), but I may never finish it. :P/>
453 posts
Location
Holland
Posted 14 April 2013 - 10:47 AM
thats is sooo coowl. just awesome and defetly uniqe
587 posts
Location
Wrocław, Poland
Posted 15 April 2013 - 02:23 AM
thats is sooo coowl. just awesome and defetly uniqe
Thanks! :D/>
570 posts
Location
Germany
Posted 15 April 2013 - 02:32 AM
- snip snip-
And I'm trying to make real life CC Computer using STM32 MCU (STM32F103 family, with 2.8" TTF LCD), but I may never finish it. :P/>
if you finish it, please make a tutorial
and on topic this is awesome. i love the idea of this
587 posts
Location
Wrocław, Poland
Posted 15 April 2013 - 03:31 AM
-quote snip-
if you finish it, please make a tutorial
and on topic this is awesome. i love the idea of this
That's my plan
And thanks for support :D/>
587 posts
Location
Wrocław, Poland
Posted 19 April 2013 - 09:04 AM
Is anyone actually using it? :mellow:/>
1 posts
Posted 19 April 2013 - 06:38 PM
It would be wise to disable browsing of directories on the website as it shows how the website is structured and may lead to problems later.
I like the idea I was thinking of doing something like this myself but I suck at css to make anything look 1/2 way decent.
You could easily make a system that sends the command to bundled cable as well. ( I do this now on my server:D)
587 posts
Location
Wrocław, Poland
Posted 19 April 2013 - 10:22 PM
It would be wise to disable browsing of directories on the website as it shows how the website is structured and may lead to problems later.
Nah, not really :)/>
You could easily make a system that sends the command to bundled cable as well. ( I do this now on my server:D)
It can be done via text registers, just a bit of code