This is a read-only snapshot of the ComputerCraft forums, taken in April 2020.
ComputerCraftPrograms
doublequestionmark's profile picture

The Internet Connected Door Lock! (ICDL)

Started by doublequestionmark, 31 July 2014 - 03:49 AM
doublequestionmark #1

doublequestionmark's profile picture

129 posts

Location I honestly don't know

Posted 31 July 2014 - 05:49 AM
Sorry, But The ICDL Is Temporarly Unavailable. The Reason Is That My Hosting Provider Decided To Cancel The Server Plan. Until I Can Find Another Host, The ICDL Will Be Unavailable.
EDIT: I Have Found Another Host Now I Am Transferring The File Stuff
—————————————————————————————————————————————–

I Have Made A DoorLock.
Now, You Might Be Thinking "I've Seen Thousands Of Those, What Makes Yours So Special?"
Glad You Asked. The Internet Connected Door Lock (ICDL For Short) Does Not Store Your Password. Instead It Is Hosted On A Server. (A Real Server Not An Ingame Server) So If Someone (Even Server Admins) Looks At The Lock Code They Will Not Be Able To Locate The Password.


Getting A Key
SpoilerTo Use ICDL You Are Going To Need A Key.
The Key Is Needed So The Server Knows Which Password Is Yours.

To Get A Key Go To This Link: Generate Key
Type The Password You Want In The Box And Hit Generate Key.
Once You Have Done That You Will Be Brought To A New Page Telling You Your Key.
Copy The Key

Installation
Spoilertype 
 pastebin get UF4KbYxz startup
Once You Have Done That Type 
 edit startup
And Find The Line That Says: 
 key = "PlaceKeyHere"
replace "PlaceKeyHere" With Your Key (Leave The Quotes)
Then Save And Exit

Pictures
Spoiler[attachment=1833:Capture.PNG]

Changelog
Spoiler30/7/14 - Initial Release
31/7/14 - Added Server Side Encryption And Now The Password Never Leave The Server
Edited on 13 August 2014 - 10:48 PM
lieudusty #2

lieudusty's profile picture

475 posts

Posted 31 July 2014 - 06:51 AM
What is the point of doing a GET request and comparing the user input to the one on the server? This isn't any more secure than keeping the user's password on the client because if someone were to read the startup, they would just take the key and enter it into your site to get the unhashed input.

Also you left indexing on.
doublequestionmark #3

doublequestionmark's profile picture

129 posts

Location I honestly don't know

Posted 31 July 2014 - 07:09 AM
What is the point of doing a GET request and comparing the user input to the one on the server?
Well It Is A WIP And I Havent Found Another Way To Do That Fixed That Now Password Never Leaves Server

Also you left indexing on.
And I Didn't Think Anyone Would Notice The Indexing Thing, I'll Fix That Immediatly Indexing Is Now Disabled

This isn't any more secure than keeping the user's password on the client because if someone were to read the startup, they would just take the key and enter it into your site to get the unhashed input.
I Cannot Think Of A Way To Fix That Of The Top Of My Head I Encrypted The Data On The Server. (You Can't Do That Anymore)
Edited on 31 July 2014 - 09:41 PM
flaghacker #4

flaghacker's profile picture

656 posts

Posted 31 July 2014 - 07:29 AM
You could send the password to the server, compare it there and return the result.
doublequestionmark #5

doublequestionmark's profile picture

129 posts

Location I honestly don't know

Posted 31 July 2014 - 07:41 AM
flaghacker, on 31 July 2014 - 07:29 AM said:
You could send the password to the server, compare it there and return the result.
I Don't Think I Know How, Atleast To Work With CC
Thank You, I Just Did That
Edited on 02 August 2014 - 07:13 PM
Not-A-Spammer #6

Not-A-Spammer's profile picture

5 posts

Posted 02 August 2014 - 10:29 PM
Is there any way this can be used as an OS Lock?
If so can i use it in a OS im dev'ing
doublequestionmark #7

doublequestionmark's profile picture

129 posts

Location I honestly don't know

Posted 03 August 2014 - 04:00 PM
Not-A-Spammer, on 02 August 2014 - 10:29 PM said:
Is there any way this can be used as an OS Lock?
If so can i use it in a OS im dev'ing
Yes, You Can Use This In Your OS And As A OS Lock.
To Do That You Would Need To Download The Pastebin Code And Locate This Area.

And Replace Redstone Output To Whatever You Want.
Also You Might Want To Edit The Part Of The Code That Handles Incorrect Passwords:
theoriginalbit #8

theoriginalbit's profile picture

7508 posts

Location Australia

Posted 21 August 2014 - 12:08 PM
I have gone and cleaned up the topic. How a person types doesn't matter, just as long as it is readable and not have verbose formatting, it shouldn't matter how it looks; as such the topic of the capitalised words stops now.
Anavrins #9

Anavrins's profile picture

756 posts

Posted 21 August 2014 - 11:04 PM
There's two problem with your code.
First is that your program will eventually crash, shell.run()'ing the program on itself will cause a stack overflow after 256 loops, this is a way to terminate your program.
Secondly, your variables aren't localized, especially the "input" variable, this means that after your program crashed with the crash I mentioned, you could simply go into the lua prompt and type "input" to see the last attempted password in plain-text.
Lego Stax #10

Lego Stax's profile picture

149 posts

Location The dark depths of the web

Posted 18 September 2014 - 01:23 AM
Looks useful. However, you could simply hash the password, store it in a file, and then hash input and compare that to the file. This would rule out the need for a real-life internet server.